diff --git a/conf/smr.conf.in b/conf/smr.conf.in
index 5d44c41..07ee357 100644
--- a/conf/smr.conf.in
+++ b/conf/smr.conf.in
@@ -6,14 +6,21 @@ server tls {
 }
 
 seccomp_tracing yes
+
+privsep worker {
+	runas <{get chuser }>
+
+	root  <{get kore_chroot }>
+
+}
+privsep keymgr {
+	runas <{get chuser }>
+
+	root .
+}
+
 load		./smr.so
-root            <{get kore_chroot}>
 
-runas           <{get chuser }>
-
-keymgr_runas    <{get chuser }>
-
-keymgr_root     .
 workers         1
 
 http_body_max 8388608
@@ -38,90 +45,166 @@ domain * {
 	#I run kore behind a lighttpd reverse proxy, so this is a bit useless to me
 	accesslog 	/dev/null
 
-	route  /        home
-	route  /_css/style.css asset_serve_style_css
-	route  /_css/suggest_tags.css asset_serve_suggest_tags_css
-	route  /_css/milligram.css asset_serve_milligram_css
-	route  /_css/milligram.min.css.map asset_serve_milligram_min_css_map
-	route  /_faq asset_serve_faq_html
-	route  /_js/suggest_tags.js asset_serve_suggest_tags_js
-	route  /_js/bookmark.js asset_serve_bookmark_js
-	route  /_js/intervine_deletion.js asset_serve_intervine_deletion_js
-	route  /favicon.ico asset_serve_favicon_ico
-	route  /_paste  post_story
-	route  /_edit   edit_story
-	route  /_bio    edit_bio
-	route  /_login  login
-	route  /_logout logout
-	route  ^/_claim  claim
-	route  /_download download
-	route  /_preview preview
-	route  /_search search
-	route  /_archive archive
-	route  /_api api
-	route  /_delete delete
-	# Leading ^ is needed for dynamic routes, kore says the route is dynamic if it does not start with '/'
-	route  ^/[^_].*  read_story
+	route / {
+		handler home
+		methods get
+	}
 
-	params get /_edit {
-		validate story v_storyid
+	route /_css/style.css {
+		handler asset_serve_style_css
+		methods get
 	}
-	params get /_download {
-		validate story v_storyid
-		validate pwd v_hex_128
+	
+	route /_css/suggest_tags.css {
+		handler asset_serve_style_css
+		methods get
 	}
-	params post /_edit {
-		validate title v_any
-		validate story v_storyid
-		validate text v_any
-		validate pasteas v_subdomain
-		validate markup v_markup
-		validate tags v_any
-		validate unlisted v_checkbox
+
+	route /_css/milligram.css {
+		handler asset_serve_milligram_css
+		methods get
 	}
-	params post /_paste {
-		validate title v_any
-		validate text v_any
-		validate pasteas v_subdomain
-		validate markup v_markup
-		validate tags v_any
-		validate unlisted v_checkbox
+
+	route /_css/milligram.min.css.map {
+		handler asset_serve_milligram_min_css_map
+		methods get
 	}
-	params post /_preview {
-		validate title v_any
-		validate text v_any
-		validate pasteas v_subdomain
-		validate markup v_markup
-		validate tags v_any
-		validate unlisted v_checkbox
+
+	route /_faq {
+		handler asset_serve_faq_html
+		methods get
 	}
-	params get /_search {
-		validate q v_any
+
+	route /_js/suggest_tags.js {
+		handler asset_serve_suggest_tags_js
+		methods get
 	}
-	params get /_archive {
-		validate t v_time
+
+	route /_js/bookmark.js {
+		handler asset_serve_bookmark_js
+		methods get
 	}
-	params get ^/[^_].* {
-		validate comments v_bool
-		validate pwd v_hex_128
+
+	route /_js/intervine_deletion.js {
+		handler asset_serve_intervine_deletion_js
+		methods get
 	}
-	params post ^/[^_].* {
-		validate text v_any
-		validate postas v_subdomain
-		validate pwd v_hex_128
+
+	route /favicon.ico {
+		handler asset_serve_favicon_ico
+		methods get
 	}
-	params post /_login {
-		validate user v_subdomain
-		validate pass v_any
+
+	route /_paste {
+		handler post_story
+		methods get post
+
+		validate post title v_any
+		validate post text v_any
+		validate post pasteas v_subdomain
+		validate post markup v_markup
+		validate post tags v_any
+		validate post unlisted v_checkbox
 	}
-	params post ^/_claim {
-		validate user v_subdomain
+
+	route /_edit {
+		handler edit_story
+		methods get post
+
+		validate qs:get story v_storyid
+
+		validate post title v_any
+		validate post story v_storyid
+		validate post text v_any
+		validate post pasteas v_subdomain
+		validate post markup v_markup
+		validate post tags v_any
+		validate post unlisted v_checkbox
 	}
-	params get /_api {
-		validate call v_any
-		validate data v_any
+	
+	route /_bio {
+		handler edit_bio
+		methods get
 	}
-	params post /_delete {
-		validate story v_storyid
+	
+	route /_login {
+		handler login
+		methods get post
+
+		validate qs:get user v_subdomain
+		validate qs:get pass v_any
+	}
+	
+	route /_logout {
+		handler logout
+		methods get
+	}
+
+	route ^/_claim {
+		handler claim
+		methods get post
+
+		validate post user v_subdomain
+	}
+
+	route /_download {
+		handler download
+		methods get
+
+		validate qs:get story v_storyid
+		validate qs:get pwd v_hex_128
+	}
+
+	route /_preview {
+		handler preview
+		methods post
+
+		validate post title v_any
+		validate post text v_any
+		validate post pasteas v_subdomain
+		validate post markup v_markup
+		validate post tags v_any
+		validate post unlisted v_checkbox
+	}
+
+	route /_search {
+		handler search
+		methods get
+
+		validate qs:get q v_any
+	}
+
+	route /_archive {
+		handler archive
+		methods get
+
+		validate qs:get t v_time
+	}
+
+	route /_api {
+		handler api
+		methods get
+
+		validate qs:get call v_any
+		validate qs:get data v_any
+	}
+
+	route /_delete {
+		handler delete
+		methods post
+
+		validate post story v_storyid
+	}
+	# Leading ^ is needed for dynamic routes, kore says the route is dynamic if it does not start with '/'
+	route  ^/[^_].* {
+		handler read_story
+		methods get post
+
+		validate qs:get comments v_bool
+		validate qs:get pwd v_hex_128
+
+		validate post text v_any
+		validate post postas v_subdomain
+		validate post pwd v_hex_128
 	}
 }