diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ssl/SSL_CTX_dane_enable.pod | 4 | ||||
| -rw-r--r-- | doc/ssl/SSL_set1_host.pod | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod index 66eb1b3d8d..c3c203ef6a 100644 --- a/doc/ssl/SSL_CTX_dane_enable.pod +++ b/doc/ssl/SSL_CTX_dane_enable.pod @@ -41,7 +41,7 @@ to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context. The B<mtype> argument specifies a DANE TLSA matching type and the -the B<md> argument specifies the associated digest algorithm handle. +B<md> argument specifies the associated digest algorithm handle. The B<ord> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. @@ -181,7 +181,7 @@ the lifetime of the SSL connection. } ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len); - /* free data as approriate */ + /* free data as appropriate */ if (ret < 0) /* handle SSL library internal error */ diff --git a/doc/ssl/SSL_set1_host.pod b/doc/ssl/SSL_set1_host.pod index b008a5ff6e..0ef2448438 100644 --- a/doc/ssl/SSL_set1_host.pod +++ b/doc/ssl/SSL_set1_host.pod @@ -35,7 +35,7 @@ that can match the peer's certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if B<name> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function -is required for DANE TLA in the presence of service name indirection +is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673. |