-@table @asis
-
-@cindex TLS
-@item Why do not you use TLS?
-It is complicated protocol. It uses Authenticate-then-Encrypt ordering
-of algorithms -- it is not secure. Moreover its libraries are huge and
-hard to read, review and analyze.
-
-@cindex SSH
-@item Why do not you use SSH?
-Its first protocol versions used A-a-E ordering, however later ones
-supports even ChaCha20-Poly1305 algorithms. But its source code is not
-so trivial and rather big to read and review. OpenSSH does not support
-strong zero-knowledge password authentication.
-
-@cindex IPsec
-@item Why do not you use IPsec?
-It is rather good protocol, supported by all modern OSes. But it lacks
-strong zero-knowledge password authentication and, again, its code is
-hard to read.
-
-@item Why do not you use XXX?
-For the same reasons: most of software do not provide strong password
-authentication, high cryptographic protocol security, and most of this
-software is written in C -- it is hard to write right on it.
-
-@cindex Why Go
-@cindex Go
-@item Why GoVPN is written on Go?
+See also this page @ref{ЧАВО, on russian}.
+
+@menu
+* Why do not you use TLS?: Why not TLS.
+* Why do not you use SSH?: Why not SSH.
+* Why do not you use IPsec?: Why not IPsec.
+* Why GoVPN is written on Go?: Why Go.
+* Why do you authenticate with passphrases?: Why passphrases.
+* Why all network configuration must be done manually?: Why manual network configuration.
+* Why there is no either OS X or Windows support?: Why no proprietary OS support.
+* What do you mean by perfect forward secrecy?: What is perfect forward secrecy.
+* What do you mean by saying that clients are anonymous?: What is anonymity.
+* What do you mean by censorship resistance?: What is censorship resistance.
+* When should I use encryptionless mode?: When encryptionless mode.
+* When should I use noise option?: When noise option.
+* When should I use time synchronization option?: When timesync option.
+* Can I DoS (denial of service) the daemon?: Can I DoS daemon.
+* Why YAML for configuration?: Why YAML.
+@end menu
+
+@node Why not TLS
+@section Why do not you use TLS?
+
+@itemize
+@item It is complicated badly designed protocol.
+@item It uses Authenticate-then-Encrypt ordering of algorithms.
+@item Its libraries are huge and hard to read, review and analyze.
+@end itemize
+
+@node Why not SSH
+@section Why do not you use SSH?
+
+@itemize
+@item Its first protocol versions used A-a-E ordering, however later
+ones supports even ChaCha20-Poly1305 algorithms.
+@item OpenSSH does not support strong zero-knowledge password
+authentication.
+@end itemize
+
+@node Why not IPsec
+@section Why do not you use IPsec?
+
+It lacks strong zero-knowledge password authentication and, again,
+its code is hard to read.
+
+@node Why Go
+@section Why GoVPN is written on Go?
+