aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2015-03-17 10:49:50 +0100
committerIngela Anderton Andin <[email protected]>2015-03-17 10:49:50 +0100
commit5389ac364e76593ab436e1597fe39d93af1caf3c (patch)
tree298ba5f36bdb853c12c65ec0f682cc0a50bc2e0f /lib
parente0c0518a14b747cf02a0e5adfbd5b116a189422d (diff)
parent2c5ec58cedb6d88ea1ecdee4893bba54d397aeed (diff)
downloadotp-5389ac364e76593ab436e1597fe39d93af1caf3c.tar.gz
otp-5389ac364e76593ab436e1597fe39d93af1caf3c.tar.bz2
otp-5389ac364e76593ab436e1597fe39d93af1caf3c.zip
Merge branch 'ia/ssl/crl/doc'
* ia/ssl/crl/doc: ssl: Improve documentation
Diffstat (limited to 'lib')
-rw-r--r--lib/ssl/doc/src/ssl.xml18
-rw-r--r--lib/ssl/doc/src/ssl_crl_cache.xml2
-rw-r--r--lib/ssl/doc/src/ssl_crl_cache_api.xml16
3 files changed, 19 insertions, 17 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index c9b02d44ec..47100c0d81 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -94,7 +94,7 @@
{log_alert, boolean()} | {server_name_indication, hostname() | disable}
</c></p>
- <p><c>transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}}
+ <p><c>transportoption() = {cb_info, {CallbackModule :: atom(), DataTag :: atom(), ClosedTag :: atom(), ErrTag:atom()}}
- defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize
the transport layer. The callback module must implement a reliable transport
protocol and behave as gen_tcp and in addition have functions corresponding to
@@ -303,20 +303,20 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo
</taglist>
</item>
- <tag>{crl_check, boolean() | peer | best_effort )</tag>
+ <tag>{crl_check, boolean() | peer | best_effort }</tag>
<item>
Perform CRL (Certificate Revocation List) verification
<seealso marker="public_key:public_key#pkix_crl_validate-3">
- public_key:pkix_crls_validate/3</seealso>, during the
+ (public_key:pkix_crls_validate/3)</seealso> on all the certificates during the path validation
<seealso
- marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_validation/3 </seealso>
- invokation on all the certificates in the peer certificate chain. Defaults to
- false.
-
+ marker="public_key:public_key#pkix_path_validation-3">(public_key:pkix_path_validation/3)
+ </seealso>
+ of the certificate chain. Defaults to false.
+
<p><c>peer</c> - check is only performed on
the peer certificate.</p>
- <p><c>best_effort</c> - if certificate revokation status can not be determined
+ <p><c>best_effort</c> - if certificate revocation status can not be determined
it will be accepted as valid.</p>
<p>The CA certificates specified for the connection will be used to
@@ -326,7 +326,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo
<seealso marker="ssl:ssl_crl_cache_api">ssl_crl_cache_api(3)</seealso>.</p>
</item>
- <tag>{crl_cache, {Module::atom, {DbHandle::internal | term(), Args::list()}}</tag>
+ <tag>{crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}</tag>
<item>
<p>Module defaults to ssl_crl_cache with <c> DbHandle </c> internal and an
empty argument list. The following arguments may be specified for the internal cache.</p>
diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml
index 1ed76d3e2a..b291c7b633 100644
--- a/lib/ssl/doc/src/ssl_crl_cache.xml
+++ b/lib/ssl/doc/src/ssl_crl_cache.xml
@@ -29,7 +29,7 @@
<p>
Implements an internal CRL (Certificate Revocation List) cache.
In addition to implementing the <seealso
- marker="ssl_cache_crl_api"> ssl_cache_crl_api</seealso>
+ marker="ssl_cache_crl_api"> ssl_cache_crl_api</seealso> behaviour
the following functions are available.
</p>
</description>
diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml
index 24365c9f59..3f518496be 100644
--- a/lib/ssl/doc/src/ssl_crl_cache_api.xml
+++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml
@@ -27,13 +27,15 @@
<modulesummary>API for a SSL/TLS CRL (Certificate Revocation List) cache.</modulesummary>
<description>
<p>
- When SSL/TLS performs certificate path validation according to
- <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280 </url> it should
- also perform CRL validation checks. To enable the CRL checks the application
- needs access to CRLs. A database of CRLs can be set up in many different ways.
- This module provides an API to integrate an arbitrary CRL cache with the erlang
- ssl application. It is also used by the application itself to provide a simple
- default implementation of a CRL cache.
+ When SSL/TLS performs certificate path validation according to
+ <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280 </url>
+ it should also perform CRL validation checks. To enable the CRL
+ checks the application needs access to CRLs. A database of CRLs
+ can be set up in many different ways. This module provides the
+ behavior of the API needed to integrate an arbitrary CRL cache
+ with the erlang ssl application. It is also used by the
+ application itself to provide a simple default implementation of
+ a CRL cache.
</p>
</description>