From 195331a759347d7c363661f00be5135ef2be7a1e Mon Sep 17 00:00:00 2001
From: DatuX <edwin@datux.nl>
Date: Tue, 26 Sep 2023 11:42:35 +0200
Subject: [PATCH] Updated Encryption (markdown)

---
 Encryption.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/Encryption.md b/Encryption.md
index 1244e72..a00b60c 100644
--- a/Encryption.md
+++ b/Encryption.md
@@ -15,9 +15,14 @@ Things get more interesting if you want to change the encryption-state of a data
 * If you want to encrypt plain datasets when they are received, you should use the `--encrypt` option. Datasets will then be stored encrypted at the target. Datasets that are already encrypted will still be sent over unaltered in raw-mode.
 * If you also want re-encrypt encrypted datasets with the target-side encryption you can use both options. 
 
-Note 1: The --encrypt option will rely on inheriting encryption parameters from the parent datasets on the target side. You are responsible for setting those up and loading the keys. So --encrypt is no guarantee for encryption: If you dont set it up, it cant encrypt.
 
-Note 2: Decide what you want at an early stage: If you change the --encrypt or --decrypt parameter after the inital sync you might get weird and wonderfull errors. (nothing dangerous)
+## Notes
+
+* The --encrypt option will rely on inheriting encryption parameters from the parent datasets on the target side. You are responsible for setting those up and loading the keys. So --encrypt is no guarantee for encryption: If you dont set it up, it cant encrypt. (and will store the data unencrypted)
+
+* --encrypt will be ignored for datasets that are already encrypted: These are transferred in raw mode.
+
+* Decide what you want at an early stage: If you change the --encrypt or --decrypt parameter after the inital sync you might get weird and wonderfull errors. (nothing dangerous)
 
 ## Some common errors while using zfs encryption