diff --git a/docs/config.md b/docs/config.md
index 344083286..1b353cd3e 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -203,11 +203,20 @@ version = 2
 endpoint = ["https://registry-1.docker.io", ]
 # 'plugins."io.containerd.grpc.v1.cri".image_decryption' contains config related
- # to the handling decryption of encrypted container images.
+ # to handling decryption of encrypted container images.
 [plugins."io.containerd.grpc.v1.cri".image_decryption]
- # key_model sets how the trust model of where keys should reside for the
- # decryption of encrypted container images. The default is "node".
- # The docs/encryption.md file provides further information of key models.
+ # key_model defines the name of the key model used for how the cri obtains
+ # keys used for decryption of encrypted container images.
+ # Set of available string options: {"node"}
+ #
+ # In order to use the decryption feature, additional configurations must be made.
+ # The [decryption document](https://github.com/containerd/cri/blob/master/docs/decryption.md)
+ # provides information of key models and how to set them up with stream processors and the
+ # containerd imgcrypt decoder.
+ #
+ # Additional information on stream processors and imgcrypt:
+ # * Stream processors: https://github.com/containerd/containerd/blob/master/docs/stream_processors.md
+ # * Containerd imgcrypt : https://github.com/containerd/imgcrypt
 key_model = "node"
 ```
diff --git a/docs/encryption.md b/docs/decryption.md
similarity index 93%
rename from docs/encryption.md
rename to docs/decryption.md
index ff1406e1c..e1e54a4f9 100644
--- a/docs/encryption.md
+++ b/docs/decryption.md
@@ -1,5 +1,5 @@
-# Configure Image Encryption
-This document describes the method to configure image encryption for `containerd` for use with the `cri` plugin.
+# Configure Image Decryption
+This document describes the method to configure encrypted container image decryption for `containerd` for use with the `cri` plugin.
 ## Encrypted Container Images
@@ -17,7 +17,7 @@ In this model encryption is tied to worker nodes. The usecase here revolves arou
 The default configuration does not handle decrypting encrypted container images.
-An example for configuring the "node" key model for container image decryption is as follows:
+An example for configuring the "node" key model for container image decryption:
 ```toml
 [plugins.cri.image_decryption]
@@ -36,8 +36,6 @@ An example for configuring the "node" key model for container image decryption i
 args = ["--decryption-keys-path", "/keys"]
 ```
-
-
 In this example, container image decryption is set to use the "node" key model. In addition, the decryption `stream_processors` are configured as specified in [containerd/imgcrypt project](https://github.com/containerd/imgcrypt), with the additional field `--decryption-keys-path` configured to specify where decryption keys are located locally in the node.
 After modify this config, you need restart the `containerd` service.