diff --git a/examples/pycaosdb.ini b/examples/pycaosdb.ini
index 429e1d8cdbacdc2f09ae86385c7e273bd068121c..b5d7defc9d9125d300a12c4b1cb0b1015c073b73 100644
--- a/examples/pycaosdb.ini
+++ b/examples/pycaosdb.ini
@@ -15,12 +15,12 @@
 # The password input method defines how the password is supplied that is used
 # for authentication with the server.
 #
-# DEFAULT: `input` 
+# DEFAULT: `input`
 # The username is optional in this case.  The password is entered directly by the user.
 # password_method=input
 #
-# OR: `plain` 
-# This implies that the password must # be saved as plain text in a 
+# OR: `plain`
+# This implies that the password must # be saved as plain text in a
 # configuration under the 'password' key.
 # password_method=plain
 # password=caosdb
@@ -32,7 +32,7 @@
 # password_method=pass
 # password_identifier=caosdb_password
 #
-# OR: `keyring` 
+# OR: `keyring`
 # Using the system keyring/wallet (macOS, GNOME, KDE, Windows)
 # requires installation of the keyring python package (pip install keyring).
 # password_method=keyring
@@ -41,20 +41,24 @@
 # not recommended for users.
 # auth_token=TOKEN
 
-# If the server's SSL certificate cannot be validated by your installed 
-# certificates (default or installed by your admins), you may also need to 
+# If the server's SSL certificate cannot be validated by your installed
+# certificates (default or installed by your admins), you may also need to
 # supply the matching key (pem file):
 # cacert=/path/to/caosdb.ca.pem
 
-# If this option is set, the SSL certificate will be ignored.  Use with care!
+# If this option is set, the SSL certificate of the server will not be
+# validated. This has the potential of a man-in-the-middle attack. Use with care!
 # ssl_insecure=True
 
-# You may define the ssl version to be used. It has to be the name of the 
+# You may define the ssl version to be used. It has to be the name of the
 # corresponding attribute in the Python ssl module.
 # ssl_version=PROTOCOL_TLS
 
 # You can define a socket proxy to be used.
-# socket_proxy=
+# This is for the case that the server sits behind a firewall which is being
+# tunnelled with a socket proxy (SOCKS4 or SOCKS5) (e.g. via ssh's -D option or
+# a dedicated proxy server).
+# socket_proxy=localhost:12345
 
-# You can define the connection implementation to be used.
-# implementation
+# This option is used internally and for testing. Do not override.
+# implementation=_DefaultCaosDBServerConnection