diff --git a/_docs/080_encryption.md b/_docs/080_encryption.md
index 54b0b9a..0854b6c 100644
--- a/_docs/080_encryption.md
+++ b/_docs/080_encryption.md
@@ -6,8 +6,9 @@ It can be useful to manage confidential files, like SSH keys, across multiple
 systems. However, doing so would put plain text data into a Git repository,
 which often resides on a public system. yadm implements a feature which can
 make it easy to encrypt and decrypt a set of files so the encrypted version can
-be maintained in the Git repository. This feature will only work if the gpg
-command is available.
+be maintained in the Git repository. This feature will only work if the gpg or
+openssl commands are available. To use OpenSSL see the section lower on this
+page.
 _It is recommended that you use a private repository when keeping confidential
 files, even though they are encrypted._
 
@@ -16,14 +17,14 @@ To use this feature, a list of patterns must be created and saved as
 
     .ssh/*.key
 
-The `yadm encrypt` command will find all files matching the patterns, and
-prompt for a password. Once a password has confirmed, the matching files will be
-encrypted and saved as `$HOME/.config/yadm/files.gpg`. The patterns and files.gpg
-should be added to the yadm repository so they are available across multiple
-systems.
+The `yadm encrypt` command will find all files matching the patterns, and prompt
+for a password. Once a password has confirmed, the matching files will be
+encrypted and saved as `$HOME/.local/share/yadm/archive`. The patterns and
+`archive` should be added to the yadm repository so they are available across
+multiple systems.
 
     yadm add .config/yadm/encrypt
-    yadm add .config/yadm/files.gpg
+    yadm add .local/share/yadm/archive
 
 To decrypt these files later, or on another system run `yadm decrypt` and
 provide the correct password.
@@ -39,6 +40,20 @@ be enabled using the `yadm.gpg-recipient` configuration. To do so, run:
 
 For this to work, `<recipient-address>` must exist in your gpg keyrings.
 
+## OpenSSL
+
+OpenSSL can be used instead of gpg by specifying the option `yadm.cipher`,
+setting it to "openssl".
+
+    yadm config yadm.cipher openssl
+
+There are a few other options to control how the OpenSSL archive is created.
+
+* `yadm.openssl-ciphername` determines the cipher algorithm used. "aes-256-cbc"
+  is used by default.
+* `yadm.openssl-old` is a boolean option that uses parameters more suitable for
+  older versions of OpenSSL. This option defaults to "false".
+
 ## transcrypt & git-crypt
 
 transcrypt & git-crypt are tools that enable transparent encryption and