diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-06 13:48:16 -0500 |
---|---|---|
committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-01-06 14:15:12 -0500 |
commit | 63b658341e5b033d800014ea1224d2764f24e8bc (patch) | |
tree | 741ae16f6cad869a8079322a29e9268bdfa27bf8 /doc | |
parent | 700b4a4ae7c2a89ca99bfe64baef1eabfa316136 (diff) |
DANE documentation typos
Reported-by: Claus Assmann
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_CTX_dane_enable.pod | 4 | ||||
-rw-r--r-- | doc/ssl/SSL_set1_host.pod | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod index 66eb1b3d8d..c3c203ef6a 100644 --- a/doc/ssl/SSL_CTX_dane_enable.pod +++ b/doc/ssl/SSL_CTX_dane_enable.pod @@ -41,7 +41,7 @@ to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context. The B<mtype> argument specifies a DANE TLSA matching type and the -the B<md> argument specifies the associated digest algorithm handle. +B<md> argument specifies the associated digest algorithm handle. The B<ord> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. @@ -181,7 +181,7 @@ the lifetime of the SSL connection. } ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len); - /* free data as approriate */ + /* free data as appropriate */ if (ret < 0) /* handle SSL library internal error */ diff --git a/doc/ssl/SSL_set1_host.pod b/doc/ssl/SSL_set1_host.pod index b008a5ff6e..0ef2448438 100644 --- a/doc/ssl/SSL_set1_host.pod +++ b/doc/ssl/SSL_set1_host.pod @@ -35,7 +35,7 @@ that can match the peer's certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if B<name> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function -is required for DANE TLA in the presence of service name indirection +is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673. |