From 5fe66d4f79ab0bc387bb88a939fb155b21f564b1 Mon Sep 17 00:00:00 2001
From: Ravind Kumar <ravind@min.io>
Date: Mon, 3 May 2021 17:00:44 -0400
Subject: [PATCH] Apply suggestions from code review

Co-authored-by: Andreas Auernhammer <aead@mail.de>
---
 source/reference/minio-server/minio-server.rst | 8 +++-----
 source/tutorials/minio-installation.rst        | 4 ++--
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/source/reference/minio-server/minio-server.rst b/source/reference/minio-server/minio-server.rst
index 83c31f31..e5956415 100644
--- a/source/reference/minio-server/minio-server.rst
+++ b/source/reference/minio-server/minio-server.rst
@@ -277,8 +277,7 @@ Key Management Service and Encryption
 
    The private key associated to the the :envvar:`MINIO_KMS_KES_CERT_FILE` 
    x.509 certificate to use when authenticating to the KES server. 
-   The KES server requires clients to present both their certificate and
-   private key for performing mutual TLS (mTLS).
+   The KES server requires clients to present their certificate for performing mutual TLS (mTLS).
 
    See the :minio-git:`KES wiki <kes/wiki/Configuration#policy-configuration>` 
    for more complete documentation on KES access control.
@@ -286,8 +285,7 @@ Key Management Service and Encryption
 .. envvar:: MINIO_KMS_KES_CERT_FILE
 
    The x.509 certificate to present to the KES server. 
-   The KES server requires clients to present both their certificate and
-   private key for performing mutual TLS (mTLS).
+   The KES server requires clients to present their certificate and for performing mutual TLS (mTLS).
 
    The KES server computes an 
    :minio-git:`identity <kes/wiki/Configuration#policy-configuration>`
@@ -301,7 +299,7 @@ Key Management Service and Encryption
 
 .. envvar:: MINIO_KMS_KES_KEY_NAME
 
-   The name of an external ke to retrieve from the Key Management System (KMS)
+   The name of an external key at the Key Management System (KMS) to perform en/decryption operations
    configured on the KES server. MinIO uses this key for supporting
    server-side encryption of objects (SSE-S3) and MinIO backend encryption.
 
diff --git a/source/tutorials/minio-installation.rst b/source/tutorials/minio-installation.rst
index 7eedca91..69a54b91 100644
--- a/source/tutorials/minio-installation.rst
+++ b/source/tutorials/minio-installation.rst
@@ -193,7 +193,7 @@ The command uses the following options:
        Replace this value with a unique, random, and long string.
 
    * - :envvar:`MINIO_KMS_SECRET_KEY`
-     - The key to use for encrypting the MinIO backend (users, groups,
+     - The key to use for encrypting the MinIO backend (S3 objects, users, groups,
        policies, and server configuration).
 
        Replace this value with a 256-bit base64-encrypted string:
@@ -424,4 +424,4 @@ install using `pkg <https://github.com/freebsd/pkg>`__:
    pkg install minio
    sysrc minio_enable=yes
    sysrc minio_disks=/path/to/disks
-   service minio start
\ No newline at end of file
+   service minio start