From 2a60c506ec8995f580c58336337de1a1881d1060 Mon Sep 17 00:00:00 2001 From: Michael Andrews Date: Fri, 13 Oct 2017 17:14:37 -0400 Subject: [PATCH 1/2] Updated README --- README.rst | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/README.rst b/README.rst index 10abd46..42435cc 100644 --- a/README.rst +++ b/README.rst @@ -13,12 +13,11 @@ mrcrypt: Multi-Region Encryption .. image:: https://codecov.io/gh/aol/mrcrypt/branch/master/graph/badge.svg :target: https://codecov.io/gh/aol/mrcrypt -mrcrypt is a command-line tool that allows you to encrypt secrets in -multiple AWS regions using KMS keys using a technique called `Envelope -Encryption `__. -It is intended to be used with the `AWS Encryption SDK for -Java `__, but could -be used on its own. +mrcrypt is a command-line tool which encrypts secrets that conform to the AWS Encryption SDK's `message format `__ for envelope encryption. Envelope encryption is used to encrypt a file using a KMS data key. That data key is then encrypted with regional KMS Customer Master Keys. Each regionally encrypted data key is then stored in the encrypted message. When decrypting, the appropriate regional CMK is used to decrypt the data key, and the data key is then used to decrypt the file. In other words, encrypt once - decrypt from anywhere. + +Because mrcrypt follows the AWS Encryption SDK's message format, files encrypted by mrcrypt can also be decrypted by the AWS Encryption SDKs for Python and Java. This allows application developers to build robust in-app decryption solutions. + +mrcrypt itself does not use the AWS Encryption SDK for Python, as it was written prior to its release. However, future releases may decide to do so. Installation ============ From d9a4aa37322d8409c29ad9b3f91dbcb9c356df45 Mon Sep 17 00:00:00 2001 
From: Austin Moore Date: Fri, 13 Oct 2017 17:33:34 -0400 Subject: [PATCH 2/2] Move note about Python AWS Encryption SDK Moved down to section about compatibility --- README.rst | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/README.rst b/README.rst index 42435cc..f98f6e0 100644 --- a/README.rst +++ b/README.rst @@ -17,8 +17,6 @@ mrcrypt is a command-line tool which encrypts secrets that conform to the AWS En Because mrcrypt follows the AWS Encryption SDK's message format, files encrypted by mrcrypt can also be decrypted by the AWS Encryption SDKs for Python and Java. This allows application developers to build robust in-app decryption solutions. -mrcrypt itself does not use the AWS Encryption SDK for Python, as it was written prior to its release. However, future releases may decide to do so. - Installation ============ @@ -185,6 +183,11 @@ Compatability with the AWS Encryption SDK Encryption SDK.** But not all files encrypted with the AWS Encryption SDK can be decrypted by mrcrypt. +mrcrypt itself does not use the +`AWS Encryption SDK for Python `__, +as it was written prior to its release. However, future releases may +decide to do so. + Currently, mrcrypt only supports the AWS Encryption SDK's default (and most secure) cryptographic algorithm:
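Review bot: In [PATCH 1/2] (README.rst, hunk @@ -13,12 +13,11), the first added sentence says mrcrypt "encrypts secrets that conform to the AWS Encryption SDK's message format", which reads as if the input secrets must already be in that format. It is the encrypted output that follows the format, as the next added paragraph says ("files encrypted by mrcrypt can also be decrypted by the AWS Encryption SDKs"). Suggest wording along the lines of "encrypts secrets into the AWS Encryption SDK's message format". The added paragraphs are also each one unwrapped line, whereas the removed text was hard-wrapped; wrapping them the same way would keep later diffs of this README reviewable line by line.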
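Review bot: In [PATCH 2/2], the second hunk (@@ -185,6 +183,11) places the moved paragraph between "But not all files encrypted with the AWS Encryption SDK can be decrypted by mrcrypt." and "Currently, mrcrypt only supports the AWS Encryption SDK's default (and most secure) cryptographic algorithm:", so the stated limitation is separated from the sentence that explains it. Consider moving the paragraph above the bolded compatibility statement, or below the passage that the "Currently, ..." sentence introduces, so the limitation and its reason stay adjacent. The section title shown in the hunk header is spelled "Compatability"; since this commit already edits that section, correcting it to "Compatibility" in the same change would be reasonable.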