Commit c2f6e3a

tls edits
1 parent 9c68e1d commit c2f6e3a

1 file changed

Lines changed: 1 addition & 3 deletions

memdocs/configmgr/core/plan-design/security/includes/enable-tls-1-2-protocol-security-provider.md

@@ -9,6 +9,4 @@ ms.localizationpriority: medium
99

1010
<!--## Enable Transport layer security (TLS) 1.2 protocol as a security provider Note: the heading in in the 2 articles (enable-tls-1-2-client & enable-tls-1-2-server) to better facilitate linking. -->
1111

12-
TLS 1.2 is enabled by default. Therefore, no change to these keys is needed to enable it. You can make changes under `Protocols` to disable TLS 1.0 and TLS 1.1 after you've followed the rest of the guidance in these articles and you've verified that the environment works when only TLS 1.2 enabled.
13-
14-
Verify the `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols` registry subkey setting, as shown in [Transport layer security (TLS) best practices with the .NET Framework](/dotnet/framework/network-programming/tls#configuring-security-via-the-windows-registry).
12+
Usually, protocol usage is controlled at three levels, the operating system level, the framework or platform level, and the application level. TLS 1.2 is enabled by default at the operating system level. Once you ensure that the .NET registry values are set to enable TLS 1.2 and verify the environment is properly utilizing TLS 1.2 on the network, you may want to edit the `SChannel\Protocols` registry key to disable the older, less secure protocols. For more information on disabling TLS 1.0 and 1.1, see [Configuring Schannel protocols in the Windows Registry](/dotnet/framework/network-programming/tls#configuring-schannel-protocols-in-the-windows-registry).
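
Review bot: The added line 12 names the key only as `SChannel\Protocols`, while the removed line 14 gave the full `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols` path. Keep the full path, with the `SCHANNEL` casing used before, so readers can locate and audit the subkey without following the link. The same line says "Once you ensure that the .NET registry values are set to enable TLS 1.2" without naming or linking those values; since this include is shared by the client and server articles, point to where they are described. The removed line 12 was explicit that TLS 1.0 and TLS 1.1 are disabled only after the rest of the guidance is followed and the environment is verified with only TLS 1.2 enabled; "you may want to edit" weakens that ordering, so consider stating it as a prerequisite again. Minor: "three levels, the operating system level, ..." reads better with a colon after "levels".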
