docs(README.md): update description of installation process

Sponsored-by: author

1 files changed, 11 insertions, 8 deletions

diff --git a/README.md b/README.md
index c836cec..a069c8a 100644
--- a/README.md
+++ b/README.md
@@ -191,17 +191,19 @@ still being installed in a chroot.
 
 Thus, **v-i** does the following:
 
-* delete any trace of LVM2 from all drives, wipe all SSDs, and
-  generally reset the system to as close to a blank state as possible
-  - there is no question "are you sure?" to give the user a chance to
-    repent: as soon as you run **v-i**, you've lost all your data
+* delete any trace of LVM2 from all drives, erase all SSDs (securely,
+  if possble), and generally reset the system to as close to a blank
+  state as possible
+  - __there is no question "are you sure?" to give the user a chance to
+    repent: as soon as you run **v-i**, you've lost all your data__
 * create a partition table ("label") on the target drive
-* create EFI and boot partitions, needed to boot with UEFI and LUKS
+* create cleartext EFI and boot partitions, needed to boot with UEFI
+  and LUKS
 * create a physical volume for LVM2, and a logical volume for the root
   file system
   - add any additional drives as physical volumes to the volume group
-  - optionally use LUKS for full disk encryption for each physical
-    volume
+  - optionally use LUKS2 for full disk encryption for each physical
+    volume (LUKS2 for `argon2id` support)
 * install the Debian base system
   - run `debootstrap`, install a boot loader, and create fstab and
     `crypttab` files
@@ -212,7 +214,8 @@ Thus, **v-i** does the following:
   - install an SSH server
   - add a chosen SSH public key to the root user's authorized keys
     file
-* run any additional playbooks
+  - other configuration
+* run any additional playbooks provided by the user
 
 **v-i** uses the **vmdb2** caching feature, where the results of
 `debootstrap` and some other steps get stored in a compressed tar