8 years ago · c19124fcac
--- a/docs/secrets.md
+++ b/docs/secrets.md
@@ -20,6 +20,8 @@ Each secret is assigned a functional role which indicates what it is used for. T
 
				 * IKE key strings
			
 
				 * Routing protocol shared secrets
			
 
				 
			
 
				+Roles are also used to control access to secrets. Each role is assigned an arbitrary number of groups and/or users. Only the users associated with a role have permission to decrypt the secrets assigned to that role. (A superuser has permission to decrypt all secrets, provided they have an active user key.)
			
 
				+
			
 
				 ---
			
 
				 
			
 
				 # User Keys