diff --git a/xml/System.Security.Cryptography/CngKeyCreationOptions.xml b/xml/System.Security.Cryptography/CngKeyCreationOptions.xml
index 3185843a385..8d3582ea546 100644
--- a/xml/System.Security.Cryptography/CngKeyCreationOptions.xml
+++ b/xml/System.Security.Cryptography/CngKeyCreationOptions.xml
@@ -205,7 +205,7 @@
       </ReturnValue>
       <MemberValue>65536</MemberValue>
       <Docs>
-        <summary>To be added.</summary>
+        <summary>Indicates a key should be protected with Virtualization-based security (VBS).</summary>
       </Docs>
     </Member>
     <Member MemberName="RequireVbs">
@@ -231,7 +231,7 @@
       </ReturnValue>
       <MemberValue>131072</MemberValue>
       <Docs>
-        <summary>To be added.</summary>
+        <summary>Indicates a key must be protected with Virtualization-based security (VBS).</summary>
       </Docs>
     </Member>
     <Member MemberName="UsePerBootKey">
@@ -257,7 +257,9 @@
       </ReturnValue>
       <MemberValue>262144</MemberValue>
       <Docs>
-        <summary>To be added.</summary>
+        <summary>
+          <para>Instructs Virtualization-based security (VBS) to protect the client key with a per-boot key when combined with <see cref="F:System.Security.Cryptography.CngKeyCreationOptions.RequireVbs" /> or <see cref="F:System.Security.Cryptography.CngKeyCreationOptions.PreferVbs" />.</para>
+        </summary>
       </Docs>
     </Member>
   </Members>
diff --git a/xml/System.Security.Cryptography/SafeEvpPKeyHandle.xml b/xml/System.Security.Cryptography/SafeEvpPKeyHandle.xml
index 9efd21776ce..56ae15abd0f 100644
--- a/xml/System.Security.Cryptography/SafeEvpPKeyHandle.xml
+++ b/xml/System.Security.Cryptography/SafeEvpPKeyHandle.xml
@@ -260,11 +260,21 @@
         <Parameter Name="keyUri" Type="System.String" Index="1" FrameworkAlternate="net-9.0" />
       </Parameters>
       <Docs>
-        <param name="providerName">To be added.</param>
-        <param name="keyUri">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <param name="providerName">The name of the <code>OSSL_PROVIDER</code> to process the key open request.</param>
+        <param name="keyUri">The URI assigned by the <code>OSSL_PROVIDER</code> of the key to open.</param>
+        <summary>Opens a named key using a named <code>OSSL_PROVIDER</code>.</summary>
+        <returns>The opened key.</returns>
+        <remarks>
+          <para>Both <paramref name="providerName" /> and <paramref name="keyUri" /> must be trusted inputs.</para>
+          <para>This operation will fail if OpenSSL cannot successfully load the named <code>OSSL_PROVIDER</code>, or if the named <code>OSSL_PROVIDER</code> cannot load the named key.</para>
+          <para>The syntax for <paramref name="keyUri" /> is determined by each individual named <code>OSSL_PROVIDER</code>.</para>
+        </remarks>
+        <exception cref="T:System.ArgumentNullException">
+          <paramref name="providerName" /> or <paramref name="keyUri" /> is <see langword="null" />.</exception>
+        <exception cref="T:System.ArgumentException">
+          <paramref name="providerName" /> or <paramref name="keyUri" /> is the empty string.</exception>
+        <exception cref="T:System.PlatformNotSupportedException">The current platform does not support OpenSSL Providers.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The key could not be opened via the specified named <code>OSSL_PROVIDER</code>.</exception>
       </Docs>
     </Member>
     <Member MemberName="OpenPrivateKeyFromEngine">