docs: quickstart improvements

docs/quickstart.rst

@@ -16,18 +16,29 @@ A step by step example
     $ attic init /somewhere/my-repository.attic
 
 2. Backup the ``~/src`` and ``~/Documents`` directories into an archive called
-   *first-backup*::
+   *Monday*::
 
     $ attic create -v /somwhere/my-repository.attic::Monday ~/src ~/Documents
 
-3. The next day create a new archive called *second-backup*::
+3. The next day create a new archive called *Tuesday*::
 
     $ attic create -v --stats /somwhere/my-repository.attic::Tuesday ~/src ~/Documents
 
    This backup will be a lot quicker and a lot smaller since only new never
    before seen data is stored. The ``--stats`` option causes |project_name| to
    output statistics about the newly created archive such as the amount of unique
-   data (not shared with other archives).
+   data (not shared with other archives)::
+
+    Archive name: Tuesday
+    Archive fingerprint: 387a5e3f9b0e792e91ce87134b0f4bfe17677d9248cb5337f3fbf3a8e157942a
+    Start time: Sun Apr  6 12:00:10 2014
+    End time:   Sun Apr  6 12:00:10 2014
+    Duration: 0.08 seconds
+    Number of files: 358
+                           Original size      Compressed size    Deduplicated size
+    This archive:               57.16 MB             46.78 MB            151.67 kB
+    All archives:              114.02 MB             93.46 MB             44.81 MB
+
 
 4. List all archives in the repository::
 
@@ -87,12 +98,17 @@ Repository encryption is enabled at repository creation time::
 When repository encryption is enabled all data is encrypted using 256-bit AES_
 encryption and the integrity and authenticity is verified using `HMAC-SHA256`_.
 
+All data is encrypted before being written to the repository. This means that
+an attacker that manages to compromise the host containing an encrypted
+archive will not be able to access any of the data.
+
 |project_name| supports two different methods to derive the AES and HMAC keys.
 
 Passphrase based encryption
     This method uses a user supplied passphrase to derive the keys using the
-    PBKDF2_ key derivation function. This method is convenient to use and
-    secure as long as a *strong* passphrase is used.
+    PBKDF2_ key derivation function. This method is convenient to use since
+    there is no key file to keep track of and secure as long as a *strong*
+    passphrase is used.
 
     .. Note::
         For automated backups the passphrase can be specified using the
@@ -101,7 +117,8 @@ Passphrase based encryption
 Key file based encryption
     This method generates random keys at repository initialization time that
     are stored in a password protected file in the ``~/.attic/keys/`` directory.
-    This method is secure and suitable for automated backups.
+    The key file is a printable text file. This method is secure and suitable
+    for automated backups.
 
     .. Note::
         The repository data is totally inaccessible without the key file