1 files changed, 7 insertions, 5 deletions

diff --git a/doc/manual.cli b/doc/manual.cli
index 505585b..dc8dd37 100644
--- a/doc/manual.cli
+++ b/doc/manual.cli
@@ -410,9 +410,11 @@ starts with the task request manifest followed by a list of machine manifests.
 
 \li|\n\c{fingerprint: <agent-fingerprint>}\n
 
-  The SHA256 fingerprint of the agent's public key. If not present, and
-  the controller is configured to require it, then it responds with the
-  \c{unauthorized} (401) HTTP status code.||
+  The SHA256 fingerprint of the agent's public key. An agent may be configured
+  not to use the certificate-based authentication in which case it does not
+  include this value. However, the controller may be configured to require
+  the authentication in which case it will respond with the
+  401 (unauthorized) HTTP status code.|
 
 
 \h#arch-task-res-manifest|Task Response Manifest|
@@ -477,8 +479,8 @@ result response and only a successful but empty POST result is returned.
 \li|\n\c{challenge: <text>}\n
 
   The answer to the private key challenge as posed by the controller in the
-  task response. Must present only if the challenge value was present in the
-  task response.||
+  task response. Must be present only if the challenge value was present in
+  the task response.||
 
 
 \h#arch-worker|Worker Logic|