docs: update top-level README

Make the README a little more descriptive and point
to the cluster guide to help new users.

Signed-off-by: Tobin Feldman-Fitzthum <[email protected]>

README.md

@@ -1,18 +1,52 @@
-# Confidential Container Tools and Components for the tenant side
+# Trusted Components for Attestation and Secret Management
 
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fconfidential-containers%2Fkbs.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fconfidential-containers%2Fkbs?ref=badge_shield)
 
-This repository includes tools and components for the tenant side of confidential containers.
+This repository contains tools and components for attesting confidential guests and providing secrets to them.
+These components typically operate on behalf of the guest owner and interact remotely with 
+[guest components](https://github.com/confidential-containers/guest-components).
 
-## 
+These components were developed for the Confidential Containers project, but can be used with a wide variety
+of applications and hardware platforms.
 
-[Key Broker Service](kbs)
-The Confidential Containers Key Broker Service (KBS) is a remote server which facilitates remote attestation, which is the reference implementation of [Relying Party](https://www.ietf.org/archive/id/draft-ietf-rats-architecture-22.html)
-and [Verifier](https://www.ietf.org/archive/id/draft-ietf-rats-architecture-22.html) in [RATS](https://datatracker.ietf.org/doc/draft-ietf-rats-architecture/)
-role terminology.
+## Components
 
-[Attestation Service](attestation-service)
-Attestation Service (AS for short) is a general function set that can verify TEE evidence.
+- [Key Broker Service](kbs)
+The KBS is a server that facilitates remote attestation and secret delivery.
+It's role is similar to that of the [Relying Party](https://www.ietf.org/archive/id/draft-ietf-rats-architecture-22.html#name-relying-party)
+in the RATS model.
+
+- [Attestation Service](attestation-service)
+The AS verifies TEE evidence.
+In the RATS model this is a [Verifier](https://www.ietf.org/archive/id/draft-ietf-rats-architecture-22.html#name-verifier)
+
+- [Reference Value Provider Service](attestation-service/rvps)
+The RVPS manages reference values used to verify TEE evidence. 
+This is related to the discussion in [section 7.5](https://www.ietf.org/archive/id/draft-ietf-rats-architecture-22.html#name-endorser-reference-value-pr)
+of the RATS document.
+
+- [Client Tool](kbs/tools/client)
+This is a simple tool which can be used to test or configure the KBS and AS.
+
+For further information, see documentation of individual components.
+
+## Architecture
+
+These components are flexible and can be deployed in several different configurations.
+This figure shows one common way to deploy these components in conjunction with certain guest components.
+
+<div align=center>
+
+![](kbs/docs/pictures/cluster.svg)
+
+</div>
+
+## Quickstart
+
+One simple way to get started with these components is with Docker compose, which can be used
+to quickly setup a cluster matching the diagram above.
+
+Please refer to the [cluster setup guide](kbs/docs/cluster.md).
 
 ## License
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fconfidential-containers%2Fkbs.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fconfidential-containers%2Fkbs?ref=badge_large)