2 files changed, 9 insertions, 7 deletions

diff --git a/docs/configuration/protocols/failover.rst b/docs/configuration/protocols/failover.rst
index daeb65f4..8088e104 100644
--- a/docs/configuration/protocols/failover.rst
+++ b/docs/configuration/protocols/failover.rst
@@ -2,10 +2,10 @@
 Failover
 ########
 
-Failover routes are manually configured routes, but they install
+Failover routes are manually configured routes, but they only install
 to the routing table if the health-check target is alive.
 If the target is not alive the route is removed from the routing table
-until the target will be available.
+until the target becomes available.
 
 ***************
 Failover Routes
diff --git a/docs/configuration/protocols/rpki.rst b/docs/configuration/protocols/rpki.rst
index bb4b9e43..17557884 100644
--- a/docs/configuration/protocols/rpki.rst
+++ b/docs/configuration/protocols/rpki.rst
@@ -138,11 +138,13 @@ Configuration
 SSH
 ===
 
-Connections to the RPKI caching server can not only be established by HTTP/TLS
-but you can also rely on a secure SSH session to the server. To enable SSH,
-first you need to create an SSH client keypair using ``generate ssh
-client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup
-the connection.
+Connections to the RPKI caching server can not only be established by TCP using
+the RTR protocol but you can also rely on a secure SSH session to the server.
+This provides transport integrity and confidentiality and it is a good idea if
+your validation software supports it.  To enable SSH, first you need to create
+an SSH client keypair using ``generate ssh client-key
+/config/auth/id_rsa_rpki``. Once your key is created you can setup the
+connection.
 
 .. cfgcmd:: set protocols rpki cache <address> ssh username <user>