update the readme

README.md

@@ -2,9 +2,9 @@
 
 [![Join the chat at https://gitter.im/CleverCloud/biscuit](https://badges.gitter.im/CleverCloud/biscuit.svg)](https://gitter.im/CleverCloud/biscuit?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
-<img src="https://raw.githubusercontent.com/CleverCloud/biscuit/master/assets/brown.png" width="300">
+<img src="https://raw.githubusercontent.com/CleverCloud/biscuit/master/assets/brown.png" width="200">
 
-*logo by [Mathias Adam](http://www.madgraphism.com/)*
+## Goals
 
 Biscuit is a (in development) authentication token for microservices
 architectures with the following properties:
@@ -20,19 +20,29 @@ architectures with the following properties:
   and add bounds on ambient data;
 - small enough to fit anywhere (cookies, etc).
 
-Non goals:
+## Non goals
 - This is not a new authentication protocol. Biscuit tokens can be used as
   opaque tokens delivered by other systems such as OAuth.
-- Revocation: while tokens come with expiration dates, revocation requires
-  external state management.
+- Revocation: while tokens come with expiration dates and revocation ids,
+  revocation still requires external state management that we will not specify.
+
+## Roadmap
 
 You can follow the next steps on the [roadmap](https://github.com/CleverCloud/biscuit/issues/12).
 
-How to help us?
+Current status:
+- the credential language, cryptographic primitives and serialization format are done
+- we have implementations in [Rust](https://github.com/clevercloud/biscuit-rust), [Java](https://github.com/clevercloud/biscuit-java) and [Web Assembly](https://github.com/clevercloud/biscuit-wasm) (based on the Rust version)
+- Currently deploying to real world use cases such as [Apache Pulsar](https://github.com/clevercloud/biscuit-pulsar)
+- looking for an audit of the token's design, cryptographic primitives and implementations
+
+## How to help us?
+
 - provide use cases that we can test the token on (some specific kind of caveats, auth delegation, etc)
 - cryptographic design audit: we need to decide on a cryptographic scheme that will be strong enough
 
-Project organisation:
+## Project organisation
+
 - `DESIGN.md` holds the current ideas about what Biscuit should be
 - `SPECIFICATIONS.md` is the in progress description of Biscuit, its format and behaviour
 - `experimentations/` holds code examples for the crypographic schemes and caveat language. `code/biscuit-poc/` contains an experimental version of Biscuit, built to explore API issues
@@ -41,6 +51,8 @@ Project organisation:
 
 Licensed under Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
 
+logo by [Mathias Adam](http://www.madgraphism.com/)
+
 ### Contribution
 
 Unless you explicitly state otherwise, any contribution intentionally