> ## Documentation Index
> Fetch the complete documentation index at: https://docs.healthkeri.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Welcome to healthKERI, we'll show you how to Sign Everything.

<img className="block dark:hidden" src="https://mintcdn.com/healthkeri/OvbovaMHLtIokDX_/images/sign-everything-light.png?fit=max&auto=format&n=OvbovaMHLtIokDX_&q=85&s=0cc8f7095f85e993b34c488574570b94" alt="Sign Everything" width="556" height="540" data-path="images/sign-everything-light.png" />

<img className="hidden dark:block" src="https://mintcdn.com/healthkeri/OvbovaMHLtIokDX_/images/sign-everything.png?fit=max&auto=format&n=OvbovaMHLtIokDX_&q=85&s=ca7e70c500830e3b0301c149b86b69ea" alt="Sign Everything" width="540" height="540" data-path="images/sign-everything.png" />

“Signing everything” means using cryptographically secure digital signatures on every transaction. In this zero-trust environment, data is only sent/ingested when valid digital signatures are used. No more shared secrets.

We achieve this by combining the most advanced key management protocol available, [Key Event Receipt Infrastructure (KERI)](https://trustoverip.github.io/tswg-keri-specification/), with an approach to confidential and authentic data exchange called [ESSR](./essentials/essr), for "Encrypt Sender's key and then Sign Receiver's key", which is detailed [here](https://eprint.iacr.org/2001/079). For a more accessible explanation see the following: [PKAE1](https://neilmadden.blog/2018/11/14/public-key-authenticated-encryption-and-why-you-want-it-part-i/), [PKAE2](https://neilmadden.blog/2018/11/26/public-key-authenticated-encryption-and-why-you-want-it-part-ii/), [PKAE3](https://neilmadden.blog/2018/12/14/public-key-authenticated-encryption-and-why-you-want-it-part-iii/).

This unique combination of protocols allows our gateways to establish [True Zero-Trust](https://www.cisa.gov/resources-tools/resources/modern-approaches-network-access-security) connections that rely on post quantum secure identifiers, while keeping your "keys at the edge", where they belong.

## Setting up

The first step to securing all your data is setting up your environment and installing the demo software.

<CardGroup cols={2}>
  <Card title="Setup your Environment" icon="screwdriver-wrench" href="/environment">
    Ensure you have the necessary software installed on your system
  </Card>

  <Card title="Get the Software" icon="link" href="/software">
    Get the <Tooltip tip="Routing, Authentication and Confidentiality with KERI">RACK</Tooltip> starter kit Docker image, compose files and associated data
  </Card>
</CardGroup>

## Learning RACK

Next is learning how our **Routing, Authentication and Confidentiality with KERI (RACK)** Gateways work. Install and configure <Tooltip tip="Routing, Authentication and Confidentiality with KERI">RACK</Tooltip> using the following tutorials to learn how <Tooltip tip="Routing, Authentication and Confidentiality with KERI">RACK</Tooltip> secures your data transactions.

<CardGroup cols={2}>
  <Card title="Quickstart" icon="rocket" href="/quickstart">
    Connect 2 <Tooltip tip="Routing, Authentication and Confidentiality with KERI">RACK</Tooltip> gateway peers to secure data between 2 Mirth instances
  </Card>

  <Card title="Routing Through the Cloud" icon="cloud" href="/cloud">
    Use healthKERI's SaaS service to route data through cloud routers
  </Card>

  <Card title="Establish Data Provenance" icon="code" href="/anchors">
    Create long lived digital signatures that can persist with data forever
  </Card>

  <Card title="Protect Web Portals" icon="window" href="/portals">
    Allow secure Zero-Trust access to any web portal
  </Card>
</CardGroup>