Clarify that encryption is always performed client-side.

Suggested by Bruce Burdick.

doc/xml/reference.xml

@@ -477,7 +477,7 @@
                         <ul>
                             <li><id>none</id> - The repository is not encrypted</li>
                             <li><id>aes-256-cbc</id> - Advanced Encryption Standard with 256 bit key length</li>
-                        </ul></text>
+                        </ul>Note that encryption is always performed client-side even if the repository type (e.g. S3) supports encryption.</text>
 
                         <default>none</default>
                         <example>aes-256-cbc</example>

doc/xml/release.xml

@@ -13,6 +13,17 @@
 
     <release-list>
         <release date="XXXX-XX-XX" version="2.09dev" title="UNDER DEVELOPMENT">
+            <release-doc-list>
+                <release-improvement-list>
+                    <release-item>
+                        <release-item-contributor-list>
+                            <release-item-ideator id="bruce.burdick"/>
+                        </release-item-contributor-list>
+
+                        <p>Clarify that encryption is always performed client-side.</p>
+                    </release-item>
+                </release-improvement-list>
+            </release-doc-list>
         </release>
 
         <release date="2019-01-02" version="2.08" title="Minor Improvements and Bug Fixes">
@@ -5994,6 +6005,11 @@
             <contributor-id type="github">scrummyin</contributor-id>
         </contributor>
 
+        <contributor id="bruce.burdick">
+            <contributor-name-display>Bruce Burdick</contributor-name-display>
+            <contributor-id type="github">baburdick</contributor-id>
+        </contributor>
+
         <contributor id="camilo.aguilar">
             <contributor-name-display>Camilo Aguilar</contributor-name-display>
             <contributor-id type="github">c4milo</contributor-id>

doc/xml/user-guide.xml

@@ -941,7 +941,7 @@
         <section id="configure-encryption">
             <title>Configure Repository Encryption</title>
 
-            <p>The repository will be configured with a cipher type and key to demonstrate encryption.</p>
+            <p>The repository will be configured with a cipher type and key to demonstrate encryption.  Encryption is always performed client-side even if the repository type (e.g. S3) supports encryption.</p>
 
             <p>It is important to use a long, random passphrase for the cipher key.  A good way to generate one is to run: <code>openssl rand -base64 48</code>.</p>