Enhancing docs

1 files changed, 9 insertions, 2 deletions

diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn
index 980d9c5..3b2fbc0 100644
--- a/share/man/keyringer.1.mdwn
+++ b/share/man/keyringer.1.mdwn
@@ -132,7 +132,7 @@ mv <*secret*> <*dest*>
 :   Rename a secret.
 
 edit <*secret*>
-:   Edit a secret by temporarily decrypting it, opening the decrypted copy into the 
+:   Edit a secret by temporarily decrypting it, opening the decrypted copy into the
     text editor defined by the *$EDITOR* environment variable and then re-encrypting it.
 
 encrypt <*secret*> [*file*]
@@ -251,7 +251,10 @@ Keyringer currently has the following limitations:
    repository can discover all public key IDs used for encryption, and which secrets
    are encrypted to which keys. This can be improved in the future by encrypting
    the repository configuration with support for the *--hidden-recipient* GnuPG
-   option.
+   option and encrypted repository options.
+
+   To mitigate that, it's possible to keep the repo just atop of an encrypted and
+   non-public place.
 
 2. History is not rewritten by default when secrets are removed from a keyringer
    repository. After a secret is removed with the *del* action, it will still be
@@ -274,6 +277,10 @@ Keyringer currently has the following limitations:
     Users wishing to edit their repository history should proceed manually
     using the *git* action.
 
+3. Keyringer does not protect data which were not encrypted to a keyring,
+   so be careful when decrypting secrets and writing them to the disk or
+   other storage media.
+
 # SEE ALSO
 
 The *README* file distributed with Keyringer contains full documentation.