diff options
author | Ingela Anderton Andin <[email protected]> | 2015-03-17 10:49:50 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-03-17 10:49:50 +0100 |
commit | 5389ac364e76593ab436e1597fe39d93af1caf3c (patch) | |
tree | 298ba5f36bdb853c12c65ec0f682cc0a50bc2e0f | |
parent | e0c0518a14b747cf02a0e5adfbd5b116a189422d (diff) | |
parent | 2c5ec58cedb6d88ea1ecdee4893bba54d397aeed (diff) | |
download | otp-5389ac364e76593ab436e1597fe39d93af1caf3c.tar.gz otp-5389ac364e76593ab436e1597fe39d93af1caf3c.tar.bz2 otp-5389ac364e76593ab436e1597fe39d93af1caf3c.zip |
Merge branch 'ia/ssl/crl/doc'
* ia/ssl/crl/doc:
ssl: Improve documentation
-rw-r--r-- | lib/ssl/doc/src/ssl.xml | 18 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl_crl_cache.xml | 2 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl_crl_cache_api.xml | 16 |
3 files changed, 19 insertions, 17 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index c9b02d44ec..47100c0d81 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -94,7 +94,7 @@ {log_alert, boolean()} | {server_name_indication, hostname() | disable} </c></p> - <p><c>transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}} + <p><c>transportoption() = {cb_info, {CallbackModule :: atom(), DataTag :: atom(), ClosedTag :: atom(), ErrTag:atom()}} - defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize the transport layer. The callback module must implement a reliable transport protocol and behave as gen_tcp and in addition have functions corresponding to @@ -303,20 +303,20 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo </taglist> </item> - <tag>{crl_check, boolean() | peer | best_effort )</tag> + <tag>{crl_check, boolean() | peer | best_effort }</tag> <item> Perform CRL (Certificate Revocation List) verification <seealso marker="public_key:public_key#pkix_crl_validate-3"> - public_key:pkix_crls_validate/3</seealso>, during the + (public_key:pkix_crls_validate/3)</seealso> on all the certificates during the path validation <seealso - marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_validation/3 </seealso> - invokation on all the certificates in the peer certificate chain. Defaults to - false. - + marker="public_key:public_key#pkix_path_validation-3">(public_key:pkix_path_validation/3) + </seealso> + of the certificate chain. Defaults to false. + <p><c>peer</c> - check is only performed on the peer certificate.</p> - <p><c>best_effort</c> - if certificate revokation status can not be determined + <p><c>best_effort</c> - if certificate revocation status can not be determined it will be accepted as valid.</p> <p>The CA certificates specified for the connection will be used to @@ -326,7 +326,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo <seealso marker="ssl:ssl_crl_cache_api">ssl_crl_cache_api(3)</seealso>.</p> </item> - <tag>{crl_cache, {Module::atom, {DbHandle::internal | term(), Args::list()}}</tag> + <tag>{crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}</tag> <item> <p>Module defaults to ssl_crl_cache with <c> DbHandle </c> internal and an empty argument list. The following arguments may be specified for the internal cache.</p> diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index 1ed76d3e2a..b291c7b633 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -29,7 +29,7 @@ <p> Implements an internal CRL (Certificate Revocation List) cache. In addition to implementing the <seealso - marker="ssl_cache_crl_api"> ssl_cache_crl_api</seealso> + marker="ssl_cache_crl_api"> ssl_cache_crl_api</seealso> behaviour the following functions are available. </p> </description> diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 24365c9f59..3f518496be 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -27,13 +27,15 @@ <modulesummary>API for a SSL/TLS CRL (Certificate Revocation List) cache.</modulesummary> <description> <p> - When SSL/TLS performs certificate path validation according to - <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280 </url> it should - also perform CRL validation checks. To enable the CRL checks the application - needs access to CRLs. A database of CRLs can be set up in many different ways. - This module provides an API to integrate an arbitrary CRL cache with the erlang - ssl application. It is also used by the application itself to provide a simple - default implementation of a CRL cache. + When SSL/TLS performs certificate path validation according to + <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280 </url> + it should also perform CRL validation checks. To enable the CRL + checks the application needs access to CRLs. A database of CRLs + can be set up in many different ways. This module provides the + behavior of the API needed to integrate an arbitrary CRL cache + with the erlang ssl application. It is also used by the + application itself to provide a simple default implementation of + a CRL cache. </p> </description> |