diff --git a/keystone/conf/trust.py b/keystone/conf/trust.py
index 1e73df74b5..1c1067f522 100644
--- a/keystone/conf/trust.py
+++ b/keystone/conf/trust.py
@@ -19,28 +19,34 @@ enabled = cfg.BoolOpt( 'enabled', default=True, help=utils.fmt("""
-Delegation and impersonation features can be optionally disabled.
+Delegation and impersonation features using trusts can be optionally disabled.
 """))
 allow_redelegation = cfg.BoolOpt( 'allow_redelegation', default=False, help=utils.fmt("""
-Enable redelegation feature.
+Allows authorization to be redelegated from one user to another, effectively
+chaining trusts together. When disabled, the `remaining_uses` attribute of a
+trust is constrained to be zero.
 """))
 max_redelegation_count = cfg.IntOpt( 'max_redelegation_count', default=3, help=utils.fmt("""
-Maximum depth of trust redelegation.
+Maximum number of times that authorization can be redelegated from one user to
+another in a chain of trusts. This number may be reduced further for a specific
+trust.
 """))
 driver = cfg.StrOpt( 'driver', default='sql', help=utils.fmt("""
-Entrypoint for the trust backend driver in the keystone.trust namespace.
+Entry point for the trust backend driver in the `keystone.trust` namespace.
+Keystone only provides a `sql` driver, so there is no reason to change this
+unless you are providing a custom entry point.
 """))
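Review bot: The new help text for `allow_redelegation` says that disabling the option constrains a trust's `remaining_uses` to zero, which looks like the wrong attribute name. In the trust API `remaining_uses` caps how many tokens can be issued from a trust, while `redelegation_count` is the attribute that bounds how far a trust can be chained. The enforcement code is not part of this hunk, so this needs confirming against it before the wording is changed. If it is the redelegation depth that is forced to zero, the last sentence of that help string should name `redelegation_count` instead of `remaining_uses`. Operators read this text in the generated sample configuration when deciding how far delegated authority may propagate, so the attribute named here should match what is actually enforced.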