diff --git a/README.adoc b/README.adoc
new file mode 100644
index 0000000..9cecf84
--- /dev/null
+++ b/README.adoc
@@ -0,0 +1,32 @@
+This is a simple, but (eventually) very fast scanner to identify certificates in use on your network.
+
+Documentation is terrible at this point; the program is still being written and debugged, so configuration and output formats are in flux.
+
+== Installation
+
+Download the sources and run `cargo build --release`
+
+Copy the binary `target/release/ascertain` somewhere on your path.
+
+== Configuration
+
+A simple example to get you started:
+
+Place the following in sample_config.toml and run using `ascertain -c sample_config.toml`
+[toml]
+----
+[targets]
+hosts = ["10.24.74.0/24"]
+ports = [443, 80, 8443, 636]
+live_port = 22
+
+[output]
+format = "json"
+output_file = "certs.jsonl"
+issuer_file = "issuers.jsonl"
+----
+
+This probes port 22 to see if the target even exists; if so, it scans the other four ports.
+
+There are many more config options; read src/config.rs and JSONConfig in src/report.rs for details.
+