diff --git a/README.md b/README.md
index a4600e7..cb0b8fa 100644
--- a/README.md
+++ b/README.md
@@ -59,6 +59,7 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
 
 * Additionally, the entire zone is dual-signed with DNSSEC. See the current DNSSEC status at: **[DNSSEC Audit Report](/docs/AUDIT_DNSSEC.md)**
 * A comprehensive TLS audit of the `git.coresecret.dev` Gitea server is also available. See: **[TLS Audit Report](/docs/AUDIT_TLS.md)**
+* The infrastructure of the CISS.debian.live.builder building system is visualized here. See: **[Centurion Net](/docs/CNET.md)**
 
 ### 1.1.3. Gitea Action Runner Hardening
 
diff --git a/docs/CNET.md b/docs/CNET.md
new file mode 100644
index 0000000..0b324de
--- /dev/null
+++ b/docs/CNET.md
@@ -0,0 +1,21 @@
+---
+gitea: none
+include_toc: true
+---
+
+# 1. CISS.debian.live.builder
+
+**Centurion Intelligence Consulting Agency Information Security Standard**<br>
+*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
+**Master Version**: 8.03<br>
+**Build**: V8.03.384.2025.06.03<br>
+
+# 2. Download the latest PUBLIC CISS.debian.live.ISO
+
+This is an automatically generated overview of the secure ``Centurion Net`` ``CISS.debian.live.builder`` building system.
+
+![Centurion Net](/docs/graphviz/ciss.debian.live.builder.png)
+
+---
+**[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
+<!-- vim: set number et ts=2 sw=2 sts=2 ai tw=128 ft=markdown -->
diff --git a/docs/graphiz/ciss.debian.live.builder.dot b/docs/graphviz/ciss.debian.live.builder.dot
similarity index 95%
rename from docs/graphiz/ciss.debian.live.builder.dot
rename to docs/graphviz/ciss.debian.live.builder.dot
index aea4997..3d5eb53 100644
--- a/docs/graphiz/ciss.debian.live.builder.dot
+++ b/docs/graphviz/ciss.debian.live.builder.dot
@@ -86,10 +86,7 @@ digraph CISS_debian_live_builder {
         // ----- Cluster: TLS/HTTPS group (contains B-Server, cloud, and the TLS cloud) -----
         subgraph cluster_tls_group {
             // The red dotted rectangle around B-Cluster, cloud, and the TLS cloud
-            label="ECDHE-RSA-AES256-GCM-SHA384 ECDH 448 AESGCM 256\n\
-                   ECDHE-RSA-CHACHA20-POLY1305 ECDH 448 ChaCha20 256\n\
-                   TLS_AES_256_GCM_SHA384 ECDH 448 AESGCM 256\n\
-                   TLS_CHACHA20_POLY1305_SHA256 ECDH 448 ChaCha20 256";
+            label="TLS 1.2 || 1.3 AES256-GCM-SHA384 ECDH 448 AESGCM 256 only.";
             style=dashed;
             color=red;
 
diff --git a/docs/graphiz/ciss.debian.live.builder.png b/docs/graphviz/ciss.debian.live.builder.png
similarity index 100%
rename from docs/graphiz/ciss.debian.live.builder.png
rename to docs/graphviz/ciss.debian.live.builder.png