From 0f2d15c95f98e7b271111c9311210a808c624adb Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 8 May 2015 15:57:15 +0200
Subject: public_key, ssl: Align public_key and ssl doc

Make sure that links from ssl to public_key work.

OTP-12670 - Ignoring 1.2 extension in 1.0 or TLS-1.1
solved by 5edda23ee854038c9d4bcddd0d676ee0ffd20da5
is mentioned here to make the release scripts happy,
as the branch solving this accidently had a name ending 1267
instead of 12670
---
 lib/public_key/doc/src/Makefile               |   2 +-
 lib/public_key/doc/src/part.xml               |   2 +-
 lib/public_key/doc/src/public_key_records.xml | 841 ++++++++++++++++++++++++++
 lib/public_key/doc/src/records.xml            | 841 --------------------------
 lib/ssl/doc/src/ssl.xml                       |   8 +-
 lib/ssl/doc/src/ssl_crl_cache_api.xml         |   4 +-
 6 files changed, 849 insertions(+), 849 deletions(-)
 create mode 100644 lib/public_key/doc/src/public_key_records.xml
 delete mode 100644 lib/public_key/doc/src/records.xml

diff --git a/lib/public_key/doc/src/Makefile b/lib/public_key/doc/src/Makefile
index 2adc13a5cf..d04819b5aa 100644
--- a/lib/public_key/doc/src/Makefile
+++ b/lib/public_key/doc/src/Makefile
@@ -42,7 +42,7 @@ XML_REF6_FILES =
 XML_PART_FILES = part.xml part_notes.xml
 XML_CHAPTER_FILES = \
 	introduction.xml \
-        records.xml \
+        public_key_records.xml \
 	using_public_key.xml \
 	notes.xml
 
diff --git a/lib/public_key/doc/src/part.xml b/lib/public_key/doc/src/part.xml
index d3cc9303bd..465f311946 100644
--- a/lib/public_key/doc/src/part.xml
+++ b/lib/public_key/doc/src/part.xml
@@ -38,7 +38,7 @@
     PKCS</url> standard.</p>
   </description>
   <xi:include href="introduction.xml"/>
-  <xi:include href="records.xml"/>
+  <xi:include href="public_key_records.xml"/>
   <xi:include href="using_public_key.xml"/>
 </part>
 
diff --git a/lib/public_key/doc/src/public_key_records.xml b/lib/public_key/doc/src/public_key_records.xml
new file mode 100644
index 0000000000..9536167839
--- /dev/null
+++ b/lib/public_key/doc/src/public_key_records.xml
@@ -0,0 +1,841 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE chapter SYSTEM "chapter.dtd">
+
+<chapter>
+  <header>
+    <copyright>
+      <year>2008</year>
+      <year>2015</year>
+      <holder>Ericsson AB, All Rights Reserved</holder>
+    </copyright>
+    <legalnotice>
+  The contents of this file are subject to the Erlang Public License,
+  Version 1.1, (the "License"); you may not use this file except in
+  compliance with the License. You should have received a copy of the
+  Erlang Public License along with this software. If not, it can be
+  retrieved online at http://www.erlang.org/.
+
+  Software distributed under the License is distributed on an "AS IS"
+  basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+  the License for the specific language governing rights and limitations
+  under the License.
+
+  The Initial Developer of the Original Code is Ericsson AB.
+    </legalnotice>
+
+    <title>Public-Key Records</title>
+    <prepared>Ingela Anderton Andin</prepared>
+    <responsible></responsible>
+    <docno></docno>
+    <approved></approved>
+    <checked></checked>
+    <date>2008-02-06</date>
+    <rev>A</rev>
+    <file>public_key_records.xml</file>
+  </header>
+    
+  <p>This chapter briefly describes Erlang records derived from ASN.1
+  specifications used to handle public key infrastructure.
+  The scope is to describe the data types of each component,
+  not the semantics. For information on the
+  semantics, refer to the relevant standards and RFCs linked in the sections below.</p>
+
+  <p>Use the following include directive to get access to the
+  records and constant macros described in the following sections:</p>
+  
+  <code> -include_lib("public_key/include/public_key.hrl"). </code>
+
+ <section>
+    <title>Data Types</title>   
+
+    <p>Common non-standard Erlang
+    data types used to describe the record fields in the
+    following sections and which are not defined in the Public Key <seealso
+    marker="public_key">Reference Manual</seealso>
+    follows here:</p>
+    
+    <taglist>
+      <tag><c>time()</c></tag>
+      <item><p>= <c>uct_time() | general_time()</c></p></item>
+
+      <tag><c>uct_time()</c></tag>
+      <item><p>= <c>{utcTime, "YYMMDDHHMMSSZ"}</c></p></item>
+
+      <tag><c>general_time()</c></tag>
+      <item><p>= <c>{generalTime, "YYYYMMDDHHMMSSZ"}</c></p></item>
+ 
+      <tag><c>general_name()</c></tag>
+      <item>= <p><c>{rfc822Name, string()}</c></p>
+      <p><c>| {dNSName, string()}</c></p>
+      <p><c>| {x400Address, string()}</c></p>
+      <p><c>| {directoryName, {rdnSequence, [#AttributeTypeAndValue'{}]}}</c></p>
+      <p><c>| {eidPartyName, special_string()}</c></p>
+      <p><c>| {eidPartyName, special_string(), special_string()}</c></p>
+      <p><c>| {uniformResourceIdentifier, string()}</c></p>
+      <p><c>| {ipAddress, string()}</c></p>
+      <p><c>| {registeredId, oid()}</c></p>
+      <p><c>| {otherName, term()}</c></p>
+      </item>
+
+      <tag><c>special_string()</c></tag>
+      <item>= <p><c>{teletexString, string()}</c></p>
+      <p><c>| {printableString, string()}</c></p>
+      <p><c>| {universalString, string()}</c></p>
+      <p><c>| {utf8String, binary()}</c></p>
+      <p><c>| {bmpString, string()}</c></p>
+      </item>
+
+      <tag><c>dist_reason()</c></tag>
+      <item>= <p><c>unused</c></p>
+      <p><c>| keyCompromise</c></p>
+      <p><c>| cACompromise</c></p>
+      <p><c>| affiliationChanged</c></p>
+      <p><c>| superseded</c></p>
+      <p><c>| cessationOfOperation</c></p>
+      <p><c>| certificateHold</c></p>
+      <p><c>| privilegeWithdrawn</c></p>
+      <p><c>| aACompromise</c></p>
+      </item>
+
+      <tag><c>OID_macro()</c></tag>
+      <item>= <p><c>?OID_name() </c></p>
+      </item>
+      
+      <tag><c>OID_name()</c></tag>
+      <item>= <p><c>atom()</c></p>
+      </item>
+      
+    </taglist>
+
+  </section>
+  
+  <section>
+    <title>RSA</title>
+    <p>Erlang representation of <url href="http://www.ietf.org/rfc/rfc3447.txt"> 
+    Rivest-Shamir-Adleman cryptosystem (RSA)</url> keys follows:</p>
+    
+    <code>
+#'RSAPublicKey'{
+	  modulus,       % integer()
+	  publicExponent % integer()
+	  }.
+
+#'RSAPrivateKey'{
+          version,         % two-prime | multi
+	  modulus,         % integer()
+	  publicExponent,  % integer()
+	  privateExponent, % integer()
+	  prime1,          % integer() 
+	  prime2,          % integer()
+	  exponent1,       % integer()
+	  exponent2,       % integer()
+	  coefficient,     % integer()
+	  otherPrimeInfos  % [#OtherPrimeInfo{}] | asn1_NOVALUE
+	 }.
+
+#'OtherPrimeInfo'{
+	prime,           % integer()
+	exponent,        % integer()
+	coefficient      % integer()
+ 	 }.	 </code>
+
+  </section>
+
+  <section>
+    <title>DSA</title>
+     <p>Erlang representation of <url href="http://www.ietf.org/rfc/rfc6979.txt">Digigital Signature Algorithm (DSA)</url> keys</p>
+    <code>	 
+#'DSAPrivateKey',{
+	  version,      % integer()
+	  p,            % integer()
+	  q,            % integer()
+	  g,            % integer()
+	  y,            % integer()
+	  x             % integer()
+	  }.
+
+#'Dss-Parms',{
+         p,         % integer()
+	 q,         % integer()
+	 g          % integer()
+	 }. </code>
+	
+  </section>
+
+  <section>
+       <title>ECDSA </title>
+       <p>Erlang representation of  <url href="http://www.ietf.org/rfc/rfc6979.txt">Elliptic Curve Digital Signature Algorithm (ECDSA)</url> keys follows:</p> 
+    
+    <code>	 
+#'ECPrivateKey'{
+          version,       % integer()
+	  privateKey,    % binary()  
+	  parameters,    % der_encoded() - {'EcpkParameters', #'ECParameters'{}} |
+	                                   {'EcpkParameters', {namedCurve, oid()}} |
+	                                   {'EcpkParameters', 'NULL'} % Inherited by CA
+	  publicKey      % bitstring()
+	  }.
+	  
+#'ECParameters'{
+      version,    % integer()
+      fieldID,    % #'FieldID'{}
+      curve,      % #'Curve'{}
+      base,       % binary()       
+      order,      % integer()        
+      cofactor    % integer()
+      }.
+      
+#'Curve'{
+	a,        % binary()
+	b,        % binary() 
+	seed      % bitstring() - optional
+
+	}.
+
+#'FieldID'{
+	fieldType,    % oid()
+	parameters    % Depending on fieldType
+	}.
+
+#'ECPoint'{
+      point %  binary() - the public key
+      }.</code>
+  </section>
+
+  <section>
+    <title>PKIX Certificates</title>   
+    <p>Erlang representation of PKIX certificates derived from ASN.1 
+    specifications see also <url href="http://www.ietf.org/rfc/rfc5280.txt">X509 certificates (RFC 5280)</url>, also referred to as <c>plain</c> type,  are as follows:</p>
+<code>
+#'Certificate'{
+		tbsCertificate,        % #'TBSCertificate'{}
+		signatureAlgorithm,    % #'AlgorithmIdentifier'{} 
+		signature              % bitstring()
+	       }.
+
+#'TBSCertificate'{
+	  version,              % v1 | v2 | v3 
+	  serialNumber,         % integer() 
+	  signature,            % #'AlgorithmIdentifier'{} 
+	  issuer,               % {rdnSequence, [#AttributeTypeAndValue'{}]} 
+	  validity,             % #'Validity'{}
+	  subject,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
+	  subjectPublicKeyInfo, % #'SubjectPublicKeyInfo'{}
+	  issuerUniqueID,       % binary() | asn1_novalue
+	  subjectUniqueID,      % binary() | asn1_novalue
+	  extensions            % [#'Extension'{}] 
+	 }.
+	  
+#'AlgorithmIdentifier'{
+	  algorithm,  % oid() 
+	  parameters  % der_encoded()
+	 }.</code>
+
+<p>Erlang alternate representation of PKIX certificate, also referred to as <c>otp</c> type</p>
+	 
+<code>
+#'OTPCertificate'{
+		tbsCertificate,        % #'OTPTBSCertificate'{}
+		signatureAlgorithm,    % #'SignatureAlgorithm'
+		signature              % bitstring()
+	       }.
+
+#'OTPTBSCertificate'{
+	  version,              % v1 | v2 | v3 
+	  serialNumber,         % integer() 
+	  signature,            % #'SignatureAlgorithm'
+	  issuer,               % {rdnSequence, [#AttributeTypeAndValue'{}]} 
+	  validity,             % #'Validity'{}
+	  subject,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
+	  subjectPublicKeyInfo, % #'OTPSubjectPublicKeyInfo'{}
+	  issuerUniqueID,       % binary() | asn1_novalue
+	  subjectUniqueID,      % binary() | asn1_novalue
+	  extensions            % [#'Extension'{}] 
+	 }.
+	  
+#'SignatureAlgorithm'{
+	  algorithm,  % id_signature_algorithm()
+	  parameters  % asn1_novalue | #'Dss-Parms'{}
+	 }.</code>
+
+<p><c>id_signature_algorithm() = OID_macro()</c></p>
+
+<p>The available OID names are as follows:</p>
+<table>
+  <row>
+    <cell align="left" valign="middle"><em>OID Name</em></cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-dsa-with-sha1</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-dsaWithSHA1 (ISO or OID to above)</cell>
+      </row>
+       <row>
+	<cell align="left" valign="middle">md2WithRSAEncryption</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">md5WithRSAEncryption</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">sha1WithRSAEncryption</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">sha-1WithRSAEncryption (ISO or OID to above)</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">sha224WithRSAEncryption</cell>
+      </row>
+       <row>
+	<cell align="left" valign="middle">sha256WithRSAEncryption</cell>
+      </row>
+     <row>
+	<cell align="left" valign="middle">sha512WithRSAEncryption</cell>
+      </row>
+        <row>
+	  <cell align="left" valign="middle">ecdsa-with-SHA1</cell>
+     </row>
+      <tcaption>Signature Algorithm OIDs </tcaption>
+</table>
+    
+<p>The data type <c>'AttributeTypeAndValue'</c>, is represented as
+ the following erlang record:</p>
+
+<code>
+#'AttributeTypeAndValue'{
+	  type,   % id_attributes()
+	  value   % term() 
+	 }.</code>
+
+<p>The attribute OID name atoms and their corresponding value types
+are as follows:</p>
+<table>
+  <row>
+    <cell align="left" valign="middle"><em>OID Name</em></cell>
+    <cell align="left" valign="middle"><em>Value Type</em></cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-name</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>      
+  <row>
+    <cell align="left" valign="middle">id-at-surname</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-givenName</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-initials </cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-generationQualifier</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-commonName</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>   
+  <row>
+    <cell align="left" valign="middle">id-at-localityName</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-stateOrProvinceName</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-organizationName</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-title</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-dnQualifier</cell>
+    <cell align="left" valign="middle">{printableString, string()}</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-countryName</cell>
+    <cell align="left" valign="middle">{printableString, string()}</cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-at-serialNumber</cell>
+    <cell align="left" valign="middle">{printableString, string()}</cell>
+  </row>      
+  <row>
+    <cell align="left" valign="middle">id-at-pseudonym</cell>
+    <cell align="left" valign="middle">special_string()</cell>
+  </row>
+  <tcaption>Attribute OIDs</tcaption>
+</table>
+    
+<p>The data types <c>'Validity'</c>, <c>'SubjectPublicKeyInfo'</c>, and 
+<c>'SubjectPublicKeyInfoAlgorithm'</c> are represented as the following Erlang records:</p>
+
+<code>
+#'Validity'{ 
+	  notBefore, % time()
+	  notAfter   % time()
+	 }.
+	 
+#'SubjectPublicKeyInfo'{
+	  algorithm,       % #AlgorithmIdentifier{} 
+	  subjectPublicKey % binary() 
+	 }.
+
+#'SubjectPublicKeyInfoAlgorithm'{
+	  algorithm,  % id_public_key_algorithm()
+	  parameters  % public_key_params()
+	 }.</code>
+
+<p>The public-key algorithm OID name atoms are as follows:</p>
+<table>
+  <row>
+    <cell align="left" valign="middle"><em>OID Name</em></cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">rsaEncryption</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-dsa</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">dhpublicnumber</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-keyExchangeAlgorithm</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ecPublicKey</cell>
+      </row>
+      <tcaption>Public-Key Algorithm OIDs</tcaption>
+</table>
+    
+<code>
+#'Extension'{
+	  extnID,    % id_extensions() | oid() 
+	  critical,  % boolean()
+	  extnValue  % der_encoded()
+	 }.</code>
+
+<p><c>id_extensions()</c>  
+  <seealso marker="#StdCertExt">Standard Certificate Extensions</seealso>, 
+  <seealso marker="#PrivIntExt">Private Internet Extensions</seealso>,  
+  <seealso marker="#CRLCertExt">CRL Extensions</seealso> and 
+  <seealso marker="#CRLEntryExt">CRL Entry Extensions</seealso>.
+</p>
+    
+</section>
+  
+<section>
+  <marker id="StdCertExt"></marker>
+  <title>Standard Certificate Extensions</title>
+    
+  <p>The standard certificate extensions OID name atoms and their 
+  corresponding value types are as follows:</p>
+
+  <table>
+      <row>
+	<cell align="left" valign="middle"><em>OID Name</em></cell>
+	<cell align="left" valign="middle"><em>Value Type</em></cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-authorityKeyIdentifier</cell>
+	<cell align="left" valign="middle">#'AuthorityKeyIdentifier'{}</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-subjectKeyIdentifier</cell>
+	<cell align="left" valign="middle">oid()</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-keyUsage</cell>
+	<cell align="left" valign="middle">[key_usage()]</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-privateKeyUsagePeriod</cell>
+	<cell align="left" valign="middle">#'PrivateKeyUsagePeriod'{}</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-certificatePolicies</cell>
+	<cell align="left" valign="middle">#'PolicyInformation'{}</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-policyMappings</cell>
+	<cell align="left" valign="middle">#'PolicyMappings_SEQOF'{}</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-subjectAltName</cell>
+	<cell align="left" valign="middle">general_name()</cell>
+      </row>
+
+      <row>
+	<cell align="left" valign="middle">id-ce-issuerAltName</cell>
+	<cell align="left" valign="middle">general_name()</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-subjectDirectoryAttributes</cell>
+	<cell align="left" valign="middle"> [#'Attribute'{}]</cell>
+      </row>
+
+      <row>
+          <cell align="left" valign="middle">id-ce-basicConstraints</cell>
+	  <cell align="left" valign="middle">#'BasicConstraints'{}</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-nameConstraints</cell>
+	<cell align="left" valign="middle">#'NameConstraints'{}</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-policyConstraints</cell>
+	<cell align="left" valign="middle">#'PolicyConstraints'{}</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-ce-extKeyUsage</cell>
+	<cell align="left" valign="middle">[id_key_purpose()]</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-cRLDistributionPoints</cell>
+	<cell align="left" valign="middle">[#'DistributionPoint'{}]</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-inhibitAnyPolicy</cell>
+	<cell align="left" valign="middle">integer()</cell>
+      </row>
+      
+      <row>
+	<cell align="left" valign="middle">id-ce-freshestCRL</cell>
+	<cell align="left" valign="middle">[#'DistributionPoint'{}]</cell>
+      </row>
+      
+      
+      <tcaption>Standard Certificate Extensions</tcaption>
+    </table>
+
+    <p>Here:</p>
+    <taglist>
+      <tag><c>key_usage()</c></tag>
+      <item>= <p><c>digitalSignature</c></p>
+      <p><c>| nonRepudiation</c></p>
+      <p><c>| keyEncipherment</c></p>
+      <p><c>| dataEncipherment</c></p>
+      <p><c>| keyAgreement</c></p>
+      <p><c>| keyCertSign</c></p>
+      <p><c>| cRLSign</c></p>
+      <p><c>| encipherOnly</c></p>
+      <p><c>| decipherOnly </c></p>
+      </item>
+    </taglist>
+   
+    <p>And for <c>id_key_purpose()</c>:</p>
+    
+<table>
+  <row>
+    <cell align="left" valign="middle"><em>OID Name</em></cell>
+  </row>
+  <row>
+    <cell align="left" valign="middle">id-kp-serverAuth</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-kp-clientAuth</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-kp-codeSigning</cell>
+      </row>
+      <row>
+	<cell align="left" valign="middle">id-kp-emailProtection</cell>
+      </row>
+       <row>
+	<cell align="left" valign="middle">id-kp-timeStamping</cell>
+      </row>
+       <row>
+	<cell align="left" valign="middle">id-kp-OCSPSigning</cell>
+      </row>
+      <tcaption>Key Purpose OIDs</tcaption>
+</table>
+    
+    <code>
+#'AuthorityKeyIdentifier'{
+	  keyIdentifier,	    % oid()
+	  authorityCertIssuer,      % general_name()
+	  authorityCertSerialNumber % integer() 
+	 }.
+
+#'PrivateKeyUsagePeriod'{
+	  notBefore,   % general_time()
+	  notAfter     % general_time()
+	 }.
+
+#'PolicyInformation'{
+	  policyIdentifier,  % oid()
+	  policyQualifiers   % [#PolicyQualifierInfo{}]
+	 }.
+
+#'PolicyQualifierInfo'{
+	  policyQualifierId,   % oid()
+	  qualifier            % string() | #'UserNotice'{}
+	 }.
+
+#'UserNotice'{
+         noticeRef,   % #'NoticeReference'{}
+	 explicitText % string()
+	 }.
+
+#'NoticeReference'{
+         organization,    % string()
+	 noticeNumbers    % [integer()]
+	 }.
+
+#'PolicyMappings_SEQOF'{
+	  issuerDomainPolicy,  % oid()
+	  subjectDomainPolicy  % oid()
+	 }.
+
+#'Attribute'{
+          type,  % oid()
+	  values % [der_encoded()]
+	  }).
+
+#'BasicConstraints'{
+	  cA,		    % boolean()
+	  pathLenConstraint % integer()
+	 }).
+
+#'NameConstraints'{
+	  permittedSubtrees, % [#'GeneralSubtree'{}]
+	  excludedSubtrees   % [#'GeneralSubtree'{}]
+	 }).
+
+#'GeneralSubtree'{
+	  base,    % general_name()
+	  minimum, % integer()
+	  maximum  % integer()
+	 }).
+
+#'PolicyConstraints'{
+	  requireExplicitPolicy, % integer()
+	  inhibitPolicyMapping   % integer()
+	 }).
+
+#'DistributionPoint'{
+	  distributionPoint, % {fullName, [general_name()]} | {nameRelativeToCRLIssuer,
+	  [#AttributeTypeAndValue{}]}
+	  reasons,           % [dist_reason()]
+	  cRLIssuer          % [general_name()]
+	 }).</code>
+
+</section>
+
+ <section>
+   <marker id="PrivIntExt"></marker>
+   <title>Private Internet Extensions</title>   
+
+   <p>The private internet extensions OID name atoms and their corresponding value 
+   types are as follows:</p>
+
+   <table>
+        <row>
+          <cell align="left" valign="middle"><em>OID Name</em></cell>
+          <cell align="left" valign="middle"><em>Value Type</em></cell>
+        </row>
+        <row>
+          <cell align="left" valign="middle">id-pe-authorityInfoAccess</cell>
+          <cell align="left" valign="middle">[#'AccessDescription'{}]</cell>
+        </row>
+	<row>
+          <cell align="left" valign="middle">id-pe-subjectInfoAccess</cell>
+          <cell align="left" valign="middle">[#'AccessDescription'{}]</cell>
+        </row>
+        <tcaption>Private Internet Extensions</tcaption>
+      </table>   
+ 
+<code>
+#'AccessDescription'{
+           accessMethod,    % oid()
+	   accessLocation   % general_name()
+	 }).</code>
+
+ </section>
+ 
+<section>
+    <title>CRL and CRL Extensions Profile</title>
+
+    <p>Erlang representation of CRL and CRL extensions profile 
+    derived from ASN.1 specifications and RFC 5280 are as follows:</p>
+
+ <code>
+#'CertificateList'{
+          tbsCertList,        % #'TBSCertList{}
+          signatureAlgorithm, % #'AlgorithmIdentifier'{} 
+          signature           % bitstring()
+	  }).
+
+#'TBSCertList'{
+      version,             % v2 (if defined)
+      signature,           % #AlgorithmIdentifier{}
+      issuer,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
+      thisUpdate,          % time()
+      nextUpdate,          % time() 
+      revokedCertificates, % [#'TBSCertList_revokedCertificates_SEQOF'{}]
+      crlExtensions        % [#'Extension'{}]
+      }).
+
+#'TBSCertList_revokedCertificates_SEQOF'{
+         userCertificate,      % integer()
+ 	 revocationDate,       % timer()
+	 crlEntryExtensions    % [#'Extension'{}]
+	 }).</code>
+ 
+ <section>
+   <marker id="CRLCertExt"></marker>
+   <title>CRL Extensions</title>
+
+   <p>The CRL extensions OID name atoms and their corresponding value types are as follows:</p>
+   
+   
+        <table>
+        <row>
+          <cell align="left" valign="middle"><em>OID Name</em></cell>
+          <cell align="left" valign="middle"><em>Value Type</em></cell>
+        </row>
+        <row>
+          <cell align="left" valign="middle">id-ce-authorityKeyIdentifier</cell>
+          <cell align="left" valign="middle">#'AuthorityKeyIdentifier{}</cell>
+        </row>
+        <row>
+          <cell align="left" valign="middle">id-ce-issuerAltName</cell>
+          <cell align="left" valign="middle">{rdnSequence, [#AttributeTypeAndValue'{}]}</cell>
+           </row>
+	    <row>
+          <cell align="left" valign="middle">id-ce-cRLNumber</cell>
+          <cell align="left" valign="middle">integer()</cell>
+           </row>
+	    <row>
+          <cell align="left" valign="middle">id-ce-deltaCRLIndicator</cell>
+          <cell align="left" valign="middle">integer()</cell>
+           </row>
+	    <row>
+          <cell align="left" valign="middle">id-ce-issuingDistributionPoint</cell>
+          <cell align="left" valign="middle">#'IssuingDistributionPoint'{}</cell>
+           </row>
+	   <row>
+          <cell align="left" valign="middle">id-ce-freshestCRL</cell>
+          <cell align="left" valign="middle">[#'Distributionpoint'{}]</cell>
+           </row>
+	   
+        <tcaption>CRL Extensions</tcaption>
+      </table>
+      
+      <p>Here, the data type <c>'IssuingDistributionPoint'</c> is represented as 
+      the following Erlang record:</p>
+
+      <code>
+#'IssuingDistributionPoint'{
+          distributionPoint,         % {fullName, [general_name()]} | {nameRelativeToCRLIssuer,
+	  [#AttributeTypeAndValue'{}]}
+	  onlyContainsUserCerts,     % boolean()
+	  onlyContainsCACerts,       % boolean()
+	  onlySomeReasons,           % [dist_reason()]
+	  indirectCRL,               % boolean()
+	  onlyContainsAttributeCerts % boolean()
+	  }).</code> 
+ </section>
+ 
+ <section>
+   <marker id="CRLEntryExt"></marker>
+   <title>CRL Entry Extensions</title>
+
+   <p>The CRL entry extensions OID name atoms and their corresponding value types are as follows:</p>
+
+       <table>
+        <row>
+          <cell align="left" valign="middle"><em>OID Name</em></cell>
+          <cell align="left" valign="middle"><em>Value Type</em></cell>
+        </row>
+        <row>
+          <cell align="left" valign="middle">id-ce-cRLReason</cell>
+          <cell align="left" valign="middle">crl_reason()</cell>
+        </row>
+        <row>
+          <cell align="left" valign="middle">id-ce-holdInstructionCode</cell>
+          <cell align="left" valign="middle">oid()</cell>
+           </row>
+	    <row>
+          <cell align="left" valign="middle">id-ce-invalidityDate</cell>
+          <cell align="left" valign="middle">general_time()</cell>
+           </row>
+	    <row>
+          <cell align="left" valign="middle">id-ce-certificateIssuer</cell>
+          <cell align="left" valign="middle">general_name()</cell>
+           </row>
+	   <tcaption>CRL Entry Extensions</tcaption>
+       </table>
+
+
+       <p>Here:</p>
+       <taglist>
+      <tag><c>crl_reason()</c></tag>
+      <item>= <p><c>unspecified</c></p>
+      <p><c>| keyCompromise</c></p>
+      <p><c>| cACompromise</c></p>
+      <p><c>| affiliationChanged</c></p>
+      <p><c>| superseded</c></p>
+      <p><c>| cessationOfOperation</c></p>
+      <p><c>| certificateHold</c></p>
+      <p><c>| removeFromCRL</c></p>
+      <p><c>| privilegeWithdrawn</c></p>
+      <p><c>| aACompromise</c></p>
+      </item>
+       </taglist>
+
+ </section>
+
+ <section>
+   <marker id="PKCS10"></marker>
+   <title>PKCS#10 Certification Request</title>
+   <p>Erlang representation of a PKCS#10 certification request 
+   derived from ASN.1 specifications and RFC 5280 are as follows:</p>
+   <code>
+#'CertificationRequest'{
+          certificationRequestInfo #'CertificationRequestInfo'{},
+	  signatureAlgorithm	   #'CertificationRequest_signatureAlgorithm'{}}.
+	  signature                bitstring()
+	  }
+
+#'CertificationRequestInfo'{
+	  version       atom(),
+	  subject       {rdnSequence, [#AttributeTypeAndValue'{}]} ,
+	  subjectPKInfo #'CertificationRequestInfo_subjectPKInfo'{},
+	  attributes    [#'AttributePKCS-10' {}]
+	  }
+
+#'CertificationRequestInfo_subjectPKInfo'{
+          algorithm		#'CertificationRequestInfo_subjectPKInfo_algorithm'{}
+	  subjectPublicKey 	  bitstring()
+	  }
+
+#'CertificationRequestInfo_subjectPKInfo_algorithm'{
+     algorithm = oid(),
+     parameters = der_encoded()
+}	  
+
+#'CertificationRequest_signatureAlgorithm'{
+     algorithm = oid(),
+     parameters = der_encoded()
+     }
+
+#'AttributePKCS-10'{
+    type = oid(),
+    values = [der_encoded()]
+}  </code> 
+ </section>
+</section>
+</chapter>
diff --git a/lib/public_key/doc/src/records.xml b/lib/public_key/doc/src/records.xml
deleted file mode 100644
index 9536167839..0000000000
--- a/lib/public_key/doc/src/records.xml
+++ /dev/null
@@ -1,841 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE chapter SYSTEM "chapter.dtd">
-
-<chapter>
-  <header>
-    <copyright>
-      <year>2008</year>
-      <year>2015</year>
-      <holder>Ericsson AB, All Rights Reserved</holder>
-    </copyright>
-    <legalnotice>
-  The contents of this file are subject to the Erlang Public License,
-  Version 1.1, (the "License"); you may not use this file except in
-  compliance with the License. You should have received a copy of the
-  Erlang Public License along with this software. If not, it can be
-  retrieved online at http://www.erlang.org/.
-
-  Software distributed under the License is distributed on an "AS IS"
-  basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-  the License for the specific language governing rights and limitations
-  under the License.
-
-  The Initial Developer of the Original Code is Ericsson AB.
-    </legalnotice>
-
-    <title>Public-Key Records</title>
-    <prepared>Ingela Anderton Andin</prepared>
-    <responsible></responsible>
-    <docno></docno>
-    <approved></approved>
-    <checked></checked>
-    <date>2008-02-06</date>
-    <rev>A</rev>
-    <file>public_key_records.xml</file>
-  </header>
-    
-  <p>This chapter briefly describes Erlang records derived from ASN.1
-  specifications used to handle public key infrastructure.
-  The scope is to describe the data types of each component,
-  not the semantics. For information on the
-  semantics, refer to the relevant standards and RFCs linked in the sections below.</p>
-
-  <p>Use the following include directive to get access to the
-  records and constant macros described in the following sections:</p>
-  
-  <code> -include_lib("public_key/include/public_key.hrl"). </code>
-
- <section>
-    <title>Data Types</title>   
-
-    <p>Common non-standard Erlang
-    data types used to describe the record fields in the
-    following sections and which are not defined in the Public Key <seealso
-    marker="public_key">Reference Manual</seealso>
-    follows here:</p>
-    
-    <taglist>
-      <tag><c>time()</c></tag>
-      <item><p>= <c>uct_time() | general_time()</c></p></item>
-
-      <tag><c>uct_time()</c></tag>
-      <item><p>= <c>{utcTime, "YYMMDDHHMMSSZ"}</c></p></item>
-
-      <tag><c>general_time()</c></tag>
-      <item><p>= <c>{generalTime, "YYYYMMDDHHMMSSZ"}</c></p></item>
- 
-      <tag><c>general_name()</c></tag>
-      <item>= <p><c>{rfc822Name, string()}</c></p>
-      <p><c>| {dNSName, string()}</c></p>
-      <p><c>| {x400Address, string()}</c></p>
-      <p><c>| {directoryName, {rdnSequence, [#AttributeTypeAndValue'{}]}}</c></p>
-      <p><c>| {eidPartyName, special_string()}</c></p>
-      <p><c>| {eidPartyName, special_string(), special_string()}</c></p>
-      <p><c>| {uniformResourceIdentifier, string()}</c></p>
-      <p><c>| {ipAddress, string()}</c></p>
-      <p><c>| {registeredId, oid()}</c></p>
-      <p><c>| {otherName, term()}</c></p>
-      </item>
-
-      <tag><c>special_string()</c></tag>
-      <item>= <p><c>{teletexString, string()}</c></p>
-      <p><c>| {printableString, string()}</c></p>
-      <p><c>| {universalString, string()}</c></p>
-      <p><c>| {utf8String, binary()}</c></p>
-      <p><c>| {bmpString, string()}</c></p>
-      </item>
-
-      <tag><c>dist_reason()</c></tag>
-      <item>= <p><c>unused</c></p>
-      <p><c>| keyCompromise</c></p>
-      <p><c>| cACompromise</c></p>
-      <p><c>| affiliationChanged</c></p>
-      <p><c>| superseded</c></p>
-      <p><c>| cessationOfOperation</c></p>
-      <p><c>| certificateHold</c></p>
-      <p><c>| privilegeWithdrawn</c></p>
-      <p><c>| aACompromise</c></p>
-      </item>
-
-      <tag><c>OID_macro()</c></tag>
-      <item>= <p><c>?OID_name() </c></p>
-      </item>
-      
-      <tag><c>OID_name()</c></tag>
-      <item>= <p><c>atom()</c></p>
-      </item>
-      
-    </taglist>
-
-  </section>
-  
-  <section>
-    <title>RSA</title>
-    <p>Erlang representation of <url href="http://www.ietf.org/rfc/rfc3447.txt"> 
-    Rivest-Shamir-Adleman cryptosystem (RSA)</url> keys follows:</p>
-    
-    <code>
-#'RSAPublicKey'{
-	  modulus,       % integer()
-	  publicExponent % integer()
-	  }.
-
-#'RSAPrivateKey'{
-          version,         % two-prime | multi
-	  modulus,         % integer()
-	  publicExponent,  % integer()
-	  privateExponent, % integer()
-	  prime1,          % integer() 
-	  prime2,          % integer()
-	  exponent1,       % integer()
-	  exponent2,       % integer()
-	  coefficient,     % integer()
-	  otherPrimeInfos  % [#OtherPrimeInfo{}] | asn1_NOVALUE
-	 }.
-
-#'OtherPrimeInfo'{
-	prime,           % integer()
-	exponent,        % integer()
-	coefficient      % integer()
- 	 }.	 </code>
-
-  </section>
-
-  <section>
-    <title>DSA</title>
-     <p>Erlang representation of <url href="http://www.ietf.org/rfc/rfc6979.txt">Digigital Signature Algorithm (DSA)</url> keys</p>
-    <code>	 
-#'DSAPrivateKey',{
-	  version,      % integer()
-	  p,            % integer()
-	  q,            % integer()
-	  g,            % integer()
-	  y,            % integer()
-	  x             % integer()
-	  }.
-
-#'Dss-Parms',{
-         p,         % integer()
-	 q,         % integer()
-	 g          % integer()
-	 }. </code>
-	
-  </section>
-
-  <section>
-       <title>ECDSA </title>
-       <p>Erlang representation of  <url href="http://www.ietf.org/rfc/rfc6979.txt">Elliptic Curve Digital Signature Algorithm (ECDSA)</url> keys follows:</p> 
-    
-    <code>	 
-#'ECPrivateKey'{
-          version,       % integer()
-	  privateKey,    % binary()  
-	  parameters,    % der_encoded() - {'EcpkParameters', #'ECParameters'{}} |
-	                                   {'EcpkParameters', {namedCurve, oid()}} |
-	                                   {'EcpkParameters', 'NULL'} % Inherited by CA
-	  publicKey      % bitstring()
-	  }.
-	  
-#'ECParameters'{
-      version,    % integer()
-      fieldID,    % #'FieldID'{}
-      curve,      % #'Curve'{}
-      base,       % binary()       
-      order,      % integer()        
-      cofactor    % integer()
-      }.
-      
-#'Curve'{
-	a,        % binary()
-	b,        % binary() 
-	seed      % bitstring() - optional
-
-	}.
-
-#'FieldID'{
-	fieldType,    % oid()
-	parameters    % Depending on fieldType
-	}.
-
-#'ECPoint'{
-      point %  binary() - the public key
-      }.</code>
-  </section>
-
-  <section>
-    <title>PKIX Certificates</title>   
-    <p>Erlang representation of PKIX certificates derived from ASN.1 
-    specifications see also <url href="http://www.ietf.org/rfc/rfc5280.txt">X509 certificates (RFC 5280)</url>, also referred to as <c>plain</c> type,  are as follows:</p>
-<code>
-#'Certificate'{
-		tbsCertificate,        % #'TBSCertificate'{}
-		signatureAlgorithm,    % #'AlgorithmIdentifier'{} 
-		signature              % bitstring()
-	       }.
-
-#'TBSCertificate'{
-	  version,              % v1 | v2 | v3 
-	  serialNumber,         % integer() 
-	  signature,            % #'AlgorithmIdentifier'{} 
-	  issuer,               % {rdnSequence, [#AttributeTypeAndValue'{}]} 
-	  validity,             % #'Validity'{}
-	  subject,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
-	  subjectPublicKeyInfo, % #'SubjectPublicKeyInfo'{}
-	  issuerUniqueID,       % binary() | asn1_novalue
-	  subjectUniqueID,      % binary() | asn1_novalue
-	  extensions            % [#'Extension'{}] 
-	 }.
-	  
-#'AlgorithmIdentifier'{
-	  algorithm,  % oid() 
-	  parameters  % der_encoded()
-	 }.</code>
-
-<p>Erlang alternate representation of PKIX certificate, also referred to as <c>otp</c> type</p>
-	 
-<code>
-#'OTPCertificate'{
-		tbsCertificate,        % #'OTPTBSCertificate'{}
-		signatureAlgorithm,    % #'SignatureAlgorithm'
-		signature              % bitstring()
-	       }.
-
-#'OTPTBSCertificate'{
-	  version,              % v1 | v2 | v3 
-	  serialNumber,         % integer() 
-	  signature,            % #'SignatureAlgorithm'
-	  issuer,               % {rdnSequence, [#AttributeTypeAndValue'{}]} 
-	  validity,             % #'Validity'{}
-	  subject,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
-	  subjectPublicKeyInfo, % #'OTPSubjectPublicKeyInfo'{}
-	  issuerUniqueID,       % binary() | asn1_novalue
-	  subjectUniqueID,      % binary() | asn1_novalue
-	  extensions            % [#'Extension'{}] 
-	 }.
-	  
-#'SignatureAlgorithm'{
-	  algorithm,  % id_signature_algorithm()
-	  parameters  % asn1_novalue | #'Dss-Parms'{}
-	 }.</code>
-
-<p><c>id_signature_algorithm() = OID_macro()</c></p>
-
-<p>The available OID names are as follows:</p>
-<table>
-  <row>
-    <cell align="left" valign="middle"><em>OID Name</em></cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-dsa-with-sha1</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-dsaWithSHA1 (ISO or OID to above)</cell>
-      </row>
-       <row>
-	<cell align="left" valign="middle">md2WithRSAEncryption</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">md5WithRSAEncryption</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">sha1WithRSAEncryption</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">sha-1WithRSAEncryption (ISO or OID to above)</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">sha224WithRSAEncryption</cell>
-      </row>
-       <row>
-	<cell align="left" valign="middle">sha256WithRSAEncryption</cell>
-      </row>
-     <row>
-	<cell align="left" valign="middle">sha512WithRSAEncryption</cell>
-      </row>
-        <row>
-	  <cell align="left" valign="middle">ecdsa-with-SHA1</cell>
-     </row>
-      <tcaption>Signature Algorithm OIDs </tcaption>
-</table>
-    
-<p>The data type <c>'AttributeTypeAndValue'</c>, is represented as
- the following erlang record:</p>
-
-<code>
-#'AttributeTypeAndValue'{
-	  type,   % id_attributes()
-	  value   % term() 
-	 }.</code>
-
-<p>The attribute OID name atoms and their corresponding value types
-are as follows:</p>
-<table>
-  <row>
-    <cell align="left" valign="middle"><em>OID Name</em></cell>
-    <cell align="left" valign="middle"><em>Value Type</em></cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-name</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>      
-  <row>
-    <cell align="left" valign="middle">id-at-surname</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-givenName</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-initials </cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-generationQualifier</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-commonName</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>   
-  <row>
-    <cell align="left" valign="middle">id-at-localityName</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-stateOrProvinceName</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-organizationName</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-title</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-dnQualifier</cell>
-    <cell align="left" valign="middle">{printableString, string()}</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-countryName</cell>
-    <cell align="left" valign="middle">{printableString, string()}</cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-at-serialNumber</cell>
-    <cell align="left" valign="middle">{printableString, string()}</cell>
-  </row>      
-  <row>
-    <cell align="left" valign="middle">id-at-pseudonym</cell>
-    <cell align="left" valign="middle">special_string()</cell>
-  </row>
-  <tcaption>Attribute OIDs</tcaption>
-</table>
-    
-<p>The data types <c>'Validity'</c>, <c>'SubjectPublicKeyInfo'</c>, and 
-<c>'SubjectPublicKeyInfoAlgorithm'</c> are represented as the following Erlang records:</p>
-
-<code>
-#'Validity'{ 
-	  notBefore, % time()
-	  notAfter   % time()
-	 }.
-	 
-#'SubjectPublicKeyInfo'{
-	  algorithm,       % #AlgorithmIdentifier{} 
-	  subjectPublicKey % binary() 
-	 }.
-
-#'SubjectPublicKeyInfoAlgorithm'{
-	  algorithm,  % id_public_key_algorithm()
-	  parameters  % public_key_params()
-	 }.</code>
-
-<p>The public-key algorithm OID name atoms are as follows:</p>
-<table>
-  <row>
-    <cell align="left" valign="middle"><em>OID Name</em></cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">rsaEncryption</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-dsa</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">dhpublicnumber</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-keyExchangeAlgorithm</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ecPublicKey</cell>
-      </row>
-      <tcaption>Public-Key Algorithm OIDs</tcaption>
-</table>
-    
-<code>
-#'Extension'{
-	  extnID,    % id_extensions() | oid() 
-	  critical,  % boolean()
-	  extnValue  % der_encoded()
-	 }.</code>
-
-<p><c>id_extensions()</c>  
-  <seealso marker="#StdCertExt">Standard Certificate Extensions</seealso>, 
-  <seealso marker="#PrivIntExt">Private Internet Extensions</seealso>,  
-  <seealso marker="#CRLCertExt">CRL Extensions</seealso> and 
-  <seealso marker="#CRLEntryExt">CRL Entry Extensions</seealso>.
-</p>
-    
-</section>
-  
-<section>
-  <marker id="StdCertExt"></marker>
-  <title>Standard Certificate Extensions</title>
-    
-  <p>The standard certificate extensions OID name atoms and their 
-  corresponding value types are as follows:</p>
-
-  <table>
-      <row>
-	<cell align="left" valign="middle"><em>OID Name</em></cell>
-	<cell align="left" valign="middle"><em>Value Type</em></cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-authorityKeyIdentifier</cell>
-	<cell align="left" valign="middle">#'AuthorityKeyIdentifier'{}</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-subjectKeyIdentifier</cell>
-	<cell align="left" valign="middle">oid()</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-keyUsage</cell>
-	<cell align="left" valign="middle">[key_usage()]</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-privateKeyUsagePeriod</cell>
-	<cell align="left" valign="middle">#'PrivateKeyUsagePeriod'{}</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-certificatePolicies</cell>
-	<cell align="left" valign="middle">#'PolicyInformation'{}</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-policyMappings</cell>
-	<cell align="left" valign="middle">#'PolicyMappings_SEQOF'{}</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-subjectAltName</cell>
-	<cell align="left" valign="middle">general_name()</cell>
-      </row>
-
-      <row>
-	<cell align="left" valign="middle">id-ce-issuerAltName</cell>
-	<cell align="left" valign="middle">general_name()</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-subjectDirectoryAttributes</cell>
-	<cell align="left" valign="middle"> [#'Attribute'{}]</cell>
-      </row>
-
-      <row>
-          <cell align="left" valign="middle">id-ce-basicConstraints</cell>
-	  <cell align="left" valign="middle">#'BasicConstraints'{}</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-nameConstraints</cell>
-	<cell align="left" valign="middle">#'NameConstraints'{}</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-policyConstraints</cell>
-	<cell align="left" valign="middle">#'PolicyConstraints'{}</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-ce-extKeyUsage</cell>
-	<cell align="left" valign="middle">[id_key_purpose()]</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-cRLDistributionPoints</cell>
-	<cell align="left" valign="middle">[#'DistributionPoint'{}]</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-inhibitAnyPolicy</cell>
-	<cell align="left" valign="middle">integer()</cell>
-      </row>
-      
-      <row>
-	<cell align="left" valign="middle">id-ce-freshestCRL</cell>
-	<cell align="left" valign="middle">[#'DistributionPoint'{}]</cell>
-      </row>
-      
-      
-      <tcaption>Standard Certificate Extensions</tcaption>
-    </table>
-
-    <p>Here:</p>
-    <taglist>
-      <tag><c>key_usage()</c></tag>
-      <item>= <p><c>digitalSignature</c></p>
-      <p><c>| nonRepudiation</c></p>
-      <p><c>| keyEncipherment</c></p>
-      <p><c>| dataEncipherment</c></p>
-      <p><c>| keyAgreement</c></p>
-      <p><c>| keyCertSign</c></p>
-      <p><c>| cRLSign</c></p>
-      <p><c>| encipherOnly</c></p>
-      <p><c>| decipherOnly </c></p>
-      </item>
-    </taglist>
-   
-    <p>And for <c>id_key_purpose()</c>:</p>
-    
-<table>
-  <row>
-    <cell align="left" valign="middle"><em>OID Name</em></cell>
-  </row>
-  <row>
-    <cell align="left" valign="middle">id-kp-serverAuth</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-kp-clientAuth</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-kp-codeSigning</cell>
-      </row>
-      <row>
-	<cell align="left" valign="middle">id-kp-emailProtection</cell>
-      </row>
-       <row>
-	<cell align="left" valign="middle">id-kp-timeStamping</cell>
-      </row>
-       <row>
-	<cell align="left" valign="middle">id-kp-OCSPSigning</cell>
-      </row>
-      <tcaption>Key Purpose OIDs</tcaption>
-</table>
-    
-    <code>
-#'AuthorityKeyIdentifier'{
-	  keyIdentifier,	    % oid()
-	  authorityCertIssuer,      % general_name()
-	  authorityCertSerialNumber % integer() 
-	 }.
-
-#'PrivateKeyUsagePeriod'{
-	  notBefore,   % general_time()
-	  notAfter     % general_time()
-	 }.
-
-#'PolicyInformation'{
-	  policyIdentifier,  % oid()
-	  policyQualifiers   % [#PolicyQualifierInfo{}]
-	 }.
-
-#'PolicyQualifierInfo'{
-	  policyQualifierId,   % oid()
-	  qualifier            % string() | #'UserNotice'{}
-	 }.
-
-#'UserNotice'{
-         noticeRef,   % #'NoticeReference'{}
-	 explicitText % string()
-	 }.
-
-#'NoticeReference'{
-         organization,    % string()
-	 noticeNumbers    % [integer()]
-	 }.
-
-#'PolicyMappings_SEQOF'{
-	  issuerDomainPolicy,  % oid()
-	  subjectDomainPolicy  % oid()
-	 }.
-
-#'Attribute'{
-          type,  % oid()
-	  values % [der_encoded()]
-	  }).
-
-#'BasicConstraints'{
-	  cA,		    % boolean()
-	  pathLenConstraint % integer()
-	 }).
-
-#'NameConstraints'{
-	  permittedSubtrees, % [#'GeneralSubtree'{}]
-	  excludedSubtrees   % [#'GeneralSubtree'{}]
-	 }).
-
-#'GeneralSubtree'{
-	  base,    % general_name()
-	  minimum, % integer()
-	  maximum  % integer()
-	 }).
-
-#'PolicyConstraints'{
-	  requireExplicitPolicy, % integer()
-	  inhibitPolicyMapping   % integer()
-	 }).
-
-#'DistributionPoint'{
-	  distributionPoint, % {fullName, [general_name()]} | {nameRelativeToCRLIssuer,
-	  [#AttributeTypeAndValue{}]}
-	  reasons,           % [dist_reason()]
-	  cRLIssuer          % [general_name()]
-	 }).</code>
-
-</section>
-
- <section>
-   <marker id="PrivIntExt"></marker>
-   <title>Private Internet Extensions</title>   
-
-   <p>The private internet extensions OID name atoms and their corresponding value 
-   types are as follows:</p>
-
-   <table>
-        <row>
-          <cell align="left" valign="middle"><em>OID Name</em></cell>
-          <cell align="left" valign="middle"><em>Value Type</em></cell>
-        </row>
-        <row>
-          <cell align="left" valign="middle">id-pe-authorityInfoAccess</cell>
-          <cell align="left" valign="middle">[#'AccessDescription'{}]</cell>
-        </row>
-	<row>
-          <cell align="left" valign="middle">id-pe-subjectInfoAccess</cell>
-          <cell align="left" valign="middle">[#'AccessDescription'{}]</cell>
-        </row>
-        <tcaption>Private Internet Extensions</tcaption>
-      </table>   
- 
-<code>
-#'AccessDescription'{
-           accessMethod,    % oid()
-	   accessLocation   % general_name()
-	 }).</code>
-
- </section>
- 
-<section>
-    <title>CRL and CRL Extensions Profile</title>
-
-    <p>Erlang representation of CRL and CRL extensions profile 
-    derived from ASN.1 specifications and RFC 5280 are as follows:</p>
-
- <code>
-#'CertificateList'{
-          tbsCertList,        % #'TBSCertList{}
-          signatureAlgorithm, % #'AlgorithmIdentifier'{} 
-          signature           % bitstring()
-	  }).
-
-#'TBSCertList'{
-      version,             % v2 (if defined)
-      signature,           % #AlgorithmIdentifier{}
-      issuer,              % {rdnSequence, [#AttributeTypeAndValue'{}]} 
-      thisUpdate,          % time()
-      nextUpdate,          % time() 
-      revokedCertificates, % [#'TBSCertList_revokedCertificates_SEQOF'{}]
-      crlExtensions        % [#'Extension'{}]
-      }).
-
-#'TBSCertList_revokedCertificates_SEQOF'{
-         userCertificate,      % integer()
- 	 revocationDate,       % timer()
-	 crlEntryExtensions    % [#'Extension'{}]
-	 }).</code>
- 
- <section>
-   <marker id="CRLCertExt"></marker>
-   <title>CRL Extensions</title>
-
-   <p>The CRL extensions OID name atoms and their corresponding value types are as follows:</p>
-   
-   
-        <table>
-        <row>
-          <cell align="left" valign="middle"><em>OID Name</em></cell>
-          <cell align="left" valign="middle"><em>Value Type</em></cell>
-        </row>
-        <row>
-          <cell align="left" valign="middle">id-ce-authorityKeyIdentifier</cell>
-          <cell align="left" valign="middle">#'AuthorityKeyIdentifier{}</cell>
-        </row>
-        <row>
-          <cell align="left" valign="middle">id-ce-issuerAltName</cell>
-          <cell align="left" valign="middle">{rdnSequence, [#AttributeTypeAndValue'{}]}</cell>
-           </row>
-	    <row>
-          <cell align="left" valign="middle">id-ce-cRLNumber</cell>
-          <cell align="left" valign="middle">integer()</cell>
-           </row>
-	    <row>
-          <cell align="left" valign="middle">id-ce-deltaCRLIndicator</cell>
-          <cell align="left" valign="middle">integer()</cell>
-           </row>
-	    <row>
-          <cell align="left" valign="middle">id-ce-issuingDistributionPoint</cell>
-          <cell align="left" valign="middle">#'IssuingDistributionPoint'{}</cell>
-           </row>
-	   <row>
-          <cell align="left" valign="middle">id-ce-freshestCRL</cell>
-          <cell align="left" valign="middle">[#'Distributionpoint'{}]</cell>
-           </row>
-	   
-        <tcaption>CRL Extensions</tcaption>
-      </table>
-      
-      <p>Here, the data type <c>'IssuingDistributionPoint'</c> is represented as 
-      the following Erlang record:</p>
-
-      <code>
-#'IssuingDistributionPoint'{
-          distributionPoint,         % {fullName, [general_name()]} | {nameRelativeToCRLIssuer,
-	  [#AttributeTypeAndValue'{}]}
-	  onlyContainsUserCerts,     % boolean()
-	  onlyContainsCACerts,       % boolean()
-	  onlySomeReasons,           % [dist_reason()]
-	  indirectCRL,               % boolean()
-	  onlyContainsAttributeCerts % boolean()
-	  }).</code> 
- </section>
- 
- <section>
-   <marker id="CRLEntryExt"></marker>
-   <title>CRL Entry Extensions</title>
-
-   <p>The CRL entry extensions OID name atoms and their corresponding value types are as follows:</p>
-
-       <table>
-        <row>
-          <cell align="left" valign="middle"><em>OID Name</em></cell>
-          <cell align="left" valign="middle"><em>Value Type</em></cell>
-        </row>
-        <row>
-          <cell align="left" valign="middle">id-ce-cRLReason</cell>
-          <cell align="left" valign="middle">crl_reason()</cell>
-        </row>
-        <row>
-          <cell align="left" valign="middle">id-ce-holdInstructionCode</cell>
-          <cell align="left" valign="middle">oid()</cell>
-           </row>
-	    <row>
-          <cell align="left" valign="middle">id-ce-invalidityDate</cell>
-          <cell align="left" valign="middle">general_time()</cell>
-           </row>
-	    <row>
-          <cell align="left" valign="middle">id-ce-certificateIssuer</cell>
-          <cell align="left" valign="middle">general_name()</cell>
-           </row>
-	   <tcaption>CRL Entry Extensions</tcaption>
-       </table>
-
-
-       <p>Here:</p>
-       <taglist>
-      <tag><c>crl_reason()</c></tag>
-      <item>= <p><c>unspecified</c></p>
-      <p><c>| keyCompromise</c></p>
-      <p><c>| cACompromise</c></p>
-      <p><c>| affiliationChanged</c></p>
-      <p><c>| superseded</c></p>
-      <p><c>| cessationOfOperation</c></p>
-      <p><c>| certificateHold</c></p>
-      <p><c>| removeFromCRL</c></p>
-      <p><c>| privilegeWithdrawn</c></p>
-      <p><c>| aACompromise</c></p>
-      </item>
-       </taglist>
-
- </section>
-
- <section>
-   <marker id="PKCS10"></marker>
-   <title>PKCS#10 Certification Request</title>
-   <p>Erlang representation of a PKCS#10 certification request 
-   derived from ASN.1 specifications and RFC 5280 are as follows:</p>
-   <code>
-#'CertificationRequest'{
-          certificationRequestInfo #'CertificationRequestInfo'{},
-	  signatureAlgorithm	   #'CertificationRequest_signatureAlgorithm'{}}.
-	  signature                bitstring()
-	  }
-
-#'CertificationRequestInfo'{
-	  version       atom(),
-	  subject       {rdnSequence, [#AttributeTypeAndValue'{}]} ,
-	  subjectPKInfo #'CertificationRequestInfo_subjectPKInfo'{},
-	  attributes    [#'AttributePKCS-10' {}]
-	  }
-
-#'CertificationRequestInfo_subjectPKInfo'{
-          algorithm		#'CertificationRequestInfo_subjectPKInfo_algorithm'{}
-	  subjectPublicKey 	  bitstring()
-	  }
-
-#'CertificationRequestInfo_subjectPKInfo_algorithm'{
-     algorithm = oid(),
-     parameters = der_encoded()
-}	  
-
-#'CertificationRequest_signatureAlgorithm'{
-     algorithm = oid(),
-     parameters = der_encoded()
-     }
-
-#'AttributePKCS-10'{
-    type = oid(),
-    values = [der_encoded()]
-}  </code> 
- </section>
-</section>
-</chapter>
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index cdf6870c25..46dc93e343 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -268,7 +268,7 @@ atom()}} |
 	application. It differentiates between the peer
 	certificate and the CA certificates by using <c>valid_peer</c> or
 	<c>valid</c> as second argument to the verification fun. See the
-	<seealso marker="public_key:cert_records">public_key User's
+	<seealso marker="public_key:public_key_records">public_key User's
 	Guide</seealso> for definition of <c>#'OTPCertificate'{}</c> and
 	<c>#'Extension'{}</c>.</p>
 
@@ -364,10 +364,10 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid
 	empty argument list. The following arguments may be specified for the internal cache.</p>
 	<taglist>
 	  <tag><c>{http, timeout()}</c></tag>
-	  <item>
+	  <item><p>
 	    Enables fetching of CRLs specified as http URIs in<seealso 
-	    marker="public_key:cert_records"> X509 cerificate extensions.</seealso>
-	    Requires the OTP inets application.
+	    marker="public_key:public_key_records"> X509 cerificate extensions.</seealso>
+	    Requires the OTP inets application.</p>
 	  </item>	    
 	</taglist>    
       </item>
diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml
index 1d9353a2cc..90aa895aff 100644
--- a/lib/ssl/doc/src/ssl_crl_cache_api.xml
+++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml
@@ -50,8 +50,8 @@
     <tag><c>cache_ref()</c></tag> 
     <item> = opaque()</item>
     <tag><c>dist_point()</c></tag>
-    <item> = #'DistributionPoint'{} see <seealso
-    marker="public_key:cert_records"> X509 certificates records</seealso></item>
+    <item><p> = #'DistributionPoint'{} see <seealso
+    marker="public_key:public_key_records"> X509 certificates records</seealso></p></item>
     
     </taglist>
     
-- 
cgit v1.2.3


From f630482b4e54b53b78434c6bfc11591ddfdcfbe7 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 11 May 2015 16:27:20 +0200
Subject: public_key: Align "=" sign in type declarations to decided policy

---
 lib/public_key/doc/src/public_key.xml         | 157 +++++++++++++-------------
 lib/public_key/doc/src/public_key_records.xml |  32 +++---
 2 files changed, 97 insertions(+), 92 deletions(-)

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 6d220c9b69..883c52393f 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -87,104 +87,109 @@
       <tag><c>oid()</c></tag>
       <item><p>Object identifier, a tuple of integers as generated by the <c>ASN.1</c> compiler.</p></item>
 
-      <tag><c>boolean()</c></tag>
-      <item><p>= <c>true | false</c></p></item>
-
-      <tag><c>string()</c></tag>
-      <item><p>= <c>[bytes()]</c></p></item>
-
-      <tag><c>der_encoded()</c></tag>
-      <item><p>= <c>binary()</c></p></item>
-
-      <tag><c>pki_asn1_type()</c></tag>
-      <item>= <p><c>'Certificate'</c></p>
-      <p><c>| 'RSAPrivateKey'</c></p>
-      <p><c>| 'RSAPublicKey'</c></p>
-      <p><c>| 'DSAPrivateKey'</c></p>
-      <p><c>| 'DSAPublicKey'</c></p>
-      <p><c>| 'DHParameter'</c></p>
-      <p><c>| 'SubjectPublicKeyInfo'</c></p>
-      <p><c>| 'PrivateKeyInfo'</c></p>
-      <p><c>| 'CertificationRequest'</c></p>
-      <p><c>| 'ECPrivateKey'</c></p>
-      <p><c>| 'EcpkParameters'</c></p></item>
-
-      <tag><c>pem_entry ()</c></tag>
-      <item><p>= <c>{pki_asn1_type(), binary(), %% DER or encrypted DER not_encrypted</c></p>
-      <p><c>| cipher_info()}</c></p></item>
+      <tag><c>boolean() =</c></tag>
+      <item><p><c>true | false</c></p></item>
+      
+      <tag><c>string() =</c></tag>
+      <item><p><c>[bytes()]</c></p></item>
+
+      <tag><c>der_encoded() =</c></tag>
+      <item><p><c>binary()</c></p></item>
+
+      <tag><c>pki_asn1_type() =</c></tag>
+      <item>
+	<p><c>'Certificate'</c></p>
+	<p><c>| 'RSAPrivateKey'</c></p>
+	<p><c>| 'RSAPublicKey'</c></p>
+	<p><c>| 'DSAPrivateKey'</c></p>
+	<p><c>| 'DSAPublicKey'</c></p>
+	<p><c>| 'DHParameter'</c></p>
+	<p><c>| 'SubjectPublicKeyInfo'</c></p>
+	<p><c>| 'PrivateKeyInfo'</c></p>
+	<p><c>| 'CertificationRequest'</c></p>
+	<p><c>| 'ECPrivateKey'</c></p>
+      <p><c>| 'EcpkParameters'</c></p>
+      </item>
 
-      <tag><c>cipher_info()</c></tag>
-      <item><p>= <c>{"RC2-CBC" | "DES-CBC" | "DES-EDE3-CBC", crypto:rand_bytes(8)</c></p>
+      <tag><c>pem_entry () =</c></tag>
+      <item><p><c>{pki_asn1_type(), binary(), %% DER or encrypted DER not_encrypted</c></p>
+      <p><c>| cipher_info()}</c></p></item>
+      
+      <tag><c>cipher_info() = </c></tag>
+      <item><p><c>{"RC2-CBC" | "DES-CBC" | "DES-EDE3-CBC", crypto:rand_bytes(8)</c></p>
       <p><c>| {#'PBEParameter{}, digest_type()} | #'PBES2-params'{}}</c></p>
       </item>
       
-      <tag><c>public_key()</c></tag>
-      <item><p>= <c>rsa_public_key() | dsa_public_key() | ec_public_key()</c></p></item>
-
-      <tag><c>private_key()</c></tag>
-      <item><p>= <c>rsa_private_key() | dsa_private_key() | ec_private_key()</c></p></item>
+      <tag><c>public_key() =</c></tag>
+      <item><p><c>rsa_public_key() | dsa_public_key() | ec_public_key()</c></p></item>
+      
+      <tag><c>private_key() =</c></tag>
+      <item><p><c>rsa_private_key() | dsa_private_key() | ec_private_key()</c></p></item>
 
-      <tag><c>rsa_public_key()</c></tag>
-      <item><p>= <c>#'RSAPublicKey'{}</c></p></item>
+      <tag><c>rsa_public_key() =</c></tag>
+      <item><p><c>#'RSAPublicKey'{}</c></p></item>
 
-      <tag><c>rsa_private_key()</c></tag>
-      <item><p>= <c>#'RSAPrivateKey'{}</c></p></item>
+      <tag><c>rsa_private_key() =</c></tag>
+      <item><p><c>#'RSAPrivateKey'{}</c></p></item>
 
-      <tag><c>dsa_public_key()</c></tag>
-      <item><p>= <c>{integer(),  #'Dss-Parms'{}}</c></p></item>
+      <tag><c>dsa_public_key() =</c></tag>
+      <item><p><c>{integer(),  #'Dss-Parms'{}}</c></p></item>
 
-      <tag><c>dsa_private_key()</c></tag>
-      <item><p>= <c>#'DSAPrivateKey'{}</c></p></item>
+      <tag><c>dsa_private_key() =</c></tag>
+      <item><p><c>#'DSAPrivateKey'{}</c></p></item>
 
       <tag><c>ec_public_key()</c></tag>
       <item><p>= <c>{#'ECPoint'{}, #'EcpkParameters'{} | {namedCurve, oid()}}</c></p></item>
 
-      <tag><c>ec_private_key()</c></tag>
-      <item><p>= <c>#'ECPrivateKey'{}</c></p></item>
+      <tag><c>ec_private_key() =</c></tag>
+      <item><p><c>#'ECPrivateKey'{}</c></p></item>
 
-      <tag><c>public_crypt_options()</c></tag>
-      <item><p>= <c>[{rsa_pad, rsa_padding()}]</c></p></item>
+      <tag><c>public_crypt_options() =</c></tag>
+      <item><p><c>[{rsa_pad, rsa_padding()}]</c></p></item>
 
-      <tag><c>rsa_padding()</c></tag>
-      <item><p>= <c>'rsa_pkcs1_padding'</c></p>
-      <p><c>| 'rsa_pkcs1_oaep_padding'</c></p>
-      <p><c>| 'rsa_no_padding'</c></p>
+      <tag><c>rsa_padding() =</c></tag>
+      <item>
+	<p><c>'rsa_pkcs1_padding'</c></p>
+	<p><c>| 'rsa_pkcs1_oaep_padding'</c></p>
+	<p><c>| 'rsa_no_padding'</c></p>
       </item>
 
-      <tag><c>digest_type()</c></tag>
+      <tag><c>digest_type() = </c></tag>
       <item><p>Union of <c>rsa_digest_type()</c>, <c>dss_digest_type()</c>, 
       and <c>ecdsa_digest_type()</c>.</p></item>
 
-      <tag><c>rsa_digest_type()</c></tag>
-      <item><p>= <c>'md5' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
-
-      <tag><c>dss_digest_type()</c></tag>
-      <item><p>= <c>'sha'</c></p></item>
-
-      <tag><c>ecdsa_digest_type()</c></tag>
-      <item><p>= <c>'sha'| 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
-
-      <tag><c>crl_reason()</c></tag>
-      <item><p>= <c>unspecified</c></p>
-      <p><c>| keyCompromise</c></p>
-      <p><c>| cACompromise</c></p>
-      <p><c>| affiliationChanged</c></p>
-      <p><c>| superseded</c></p>
-      <p><c>| cessationOfOperation</c></p>
-      <p><c>| certificateHold</c></p>
-      <p><c>| privilegeWithdrawn</c></p>
-      <p><c>| aACompromise</c></p>
-      </item>
+      <tag><c>rsa_digest_type() = </c></tag>
+      <item><p><c>'md5' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
+
+      <tag><c>dss_digest_type() = </c></tag>
+      <item><p><c>'sha'</c></p></item>
 
-      <tag><c>issuer_name()</c></tag>
-      <item><p>= <c>{rdnSequence,[#'AttributeTypeAndValue'{}]}</c></p>  
+      <tag><c>ecdsa_digest_type() = </c></tag>
+      <item><p><c>'sha'| 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
+      
+      <tag><c>crl_reason() = </c></tag>
+      <item>
+	<p><c>unspecified</c></p>
+	<p><c>| keyCompromise</c></p>
+	<p><c>| cACompromise</c></p>
+	<p><c>| affiliationChanged</c></p>
+	<p><c>| superseded</c></p>
+	<p><c>| cessationOfOperation</c></p>
+	<p><c>| certificateHold</c></p>
+	<p><c>| privilegeWithdrawn</c></p>
+	<p><c>| aACompromise</c></p>
       </item>
 
-      <tag><c>ssh_file()</c></tag>
-      <item><p>= <c>openssh_public_key</c></p>
-      <p><c>| rfc4716_public_key</c></p>
-      <p><c>| known_hosts</c></p>
-      <p><c>| auth_keys</c></p>
+      <tag><c>issuer_name() =</c></tag>
+      <item><p><c>{rdnSequence,[#'AttributeTypeAndValue'{}]}</c></p>  
+      </item>
+      
+      <tag><c>ssh_file() =</c></tag>
+      <item>
+	<p><c>openssh_public_key</c></p>
+	<p><c>| rfc4716_public_key</c></p>
+	<p><c>| known_hosts</c></p>
+	<p><c>| auth_keys</c></p>
       </item>
     </taglist>
     
diff --git a/lib/public_key/doc/src/public_key_records.xml b/lib/public_key/doc/src/public_key_records.xml
index 9536167839..fc2a74a353 100644
--- a/lib/public_key/doc/src/public_key_records.xml
+++ b/lib/public_key/doc/src/public_key_records.xml
@@ -55,17 +55,17 @@
     follows here:</p>
     
     <taglist>
-      <tag><c>time()</c></tag>
-      <item><p>= <c>uct_time() | general_time()</c></p></item>
+      <tag><c>time() =</c></tag>
+      <item><p><c>uct_time() | general_time()</c></p></item>
 
-      <tag><c>uct_time()</c></tag>
-      <item><p>= <c>{utcTime, "YYMMDDHHMMSSZ"}</c></p></item>
+      <tag><c>uct_time() =</c></tag>
+      <item><p><c>{utcTime, "YYMMDDHHMMSSZ"}</c></p></item>
 
-      <tag><c>general_time()</c></tag>
-      <item><p>= <c>{generalTime, "YYYYMMDDHHMMSSZ"}</c></p></item>
+      <tag><c>general_time() =</c></tag>
+      <item><p><c>{generalTime, "YYYYMMDDHHMMSSZ"}</c></p></item>
  
-      <tag><c>general_name()</c></tag>
-      <item>= <p><c>{rfc822Name, string()}</c></p>
+      <tag><c>general_name() =</c></tag>
+      <item><p><c>{rfc822Name, string()}</c></p>
       <p><c>| {dNSName, string()}</c></p>
       <p><c>| {x400Address, string()}</c></p>
       <p><c>| {directoryName, {rdnSequence, [#AttributeTypeAndValue'{}]}}</c></p>
@@ -77,16 +77,16 @@
       <p><c>| {otherName, term()}</c></p>
       </item>
 
-      <tag><c>special_string()</c></tag>
-      <item>= <p><c>{teletexString, string()}</c></p>
+      <tag><c>special_string() =</c></tag>
+      <item><p><c>{teletexString, string()}</c></p>
       <p><c>| {printableString, string()}</c></p>
       <p><c>| {universalString, string()}</c></p>
       <p><c>| {utf8String, binary()}</c></p>
       <p><c>| {bmpString, string()}</c></p>
       </item>
 
-      <tag><c>dist_reason()</c></tag>
-      <item>= <p><c>unused</c></p>
+      <tag><c>dist_reason() =</c></tag>
+      <item><p><c>unused</c></p>
       <p><c>| keyCompromise</c></p>
       <p><c>| cACompromise</c></p>
       <p><c>| affiliationChanged</c></p>
@@ -97,12 +97,12 @@
       <p><c>| aACompromise</c></p>
       </item>
 
-      <tag><c>OID_macro()</c></tag>
-      <item>= <p><c>?OID_name() </c></p>
+      <tag><c>OID_macro() =</c></tag>
+      <item><p><c>?OID_name()</c></p>
       </item>
       
-      <tag><c>OID_name()</c></tag>
-      <item>= <p><c>atom()</c></p>
+      <tag><c>OID_name() =</c></tag>
+      <item><p><c>atom()</c></p>
       </item>
       
     </taglist>
-- 
cgit v1.2.3


From be5abeec807ab642881898033a3d23503ec91ce3 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 11 May 2015 16:54:05 +0200
Subject: ssl: Align "=" sign in type declarations to decided policy

---
 lib/ssl/doc/src/ssl.xml | 124 ++++++++++++++++++++++++------------------------
 1 file changed, 63 insertions(+), 61 deletions(-)

diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 46dc93e343..c4651d051c 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -67,15 +67,15 @@
 
     <taglist>
 
-      <tag><c>boolean()</c></tag>
-      <item><p><c>= true | false</c></p></item>
+      <tag><c>boolean() =</c></tag>
+      <item><p><c>true | false</c></p></item>
 
-      <tag><c>option()</c></tag>
-      <item><p><c>= socketoption() | ssloption() | transportoption()</c></p>
+      <tag><c>option() =</c></tag>
+      <item><p><c>socketoption() | ssloption() | transportoption()</c></p>
       </item>
 
-      <tag><c>socketoption()</c></tag>
-      <item><p><c>= proplists:property()</c></p>
+      <tag><c>socketoption() =</c></tag>
+      <item><p><c>proplists:property()</c></p>
       <p>The default socket options are
       <c>[{mode,list},{packet, 0},{header, 0},{active, true}]</c>.</p>
       <p>For valid options, see the
@@ -83,32 +83,34 @@
       <seealso marker="kernel:gen_tcp">gen_tcp(3)</seealso> manual pages
       in Kernel.</p></item>
 
-      <tag><marker id="type-ssloption"></marker><c>ssloption()</c></tag>
-      <item><p><c>= {verify, verify_type()}</c></p>
-      <p><c>| {verify_fun, {fun(), term()}}</c></p>
-      <p><c>| {fail_if_no_peer_cert, boolean()} {depth, integer()}</c></p>
-      <p><c>| {cert, public_key:der_encoded()}</c></p>
-      <p><c>| {certfile, path()}</c></p>
-      <p><c>| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' 
-      | 'PrivateKeyInfo', public_key:der_encoded()}}</c></p>
-      <p><c>| {keyfile, path()}</c></p>
-      <p><c>| {password, string()}</c></p>
-      <p><c>| {cacerts, [public_key:der_encoded()]}</c></p>
-      <p><c>| {cacertfile, path()}</c></p>
-      <p><c>| {dh, public_key:der_encoded()}</c></p>
-      <p><c>| {dhfile, path()}</c></p>
-      <p><c>| {ciphers, ciphers()}</c></p>
-      <p><c>| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()},
-      {srp_identity, {string(), string()}}</c></p>
-      <p><c>| {reuse_sessions, boolean()}</c></p>
-      <p><c>| {reuse_session, fun()} {next_protocols_advertised, [binary()]}</c></p>
-      <p><c>| {client_preferred_next_protocols, {client | server,
-      [binary()]} | {client | server, [binary()], binary()}}</c></p>
-      <p><c>| {log_alert, boolean()}</c></p>
-      <p><c>| {server_name_indication, hostname() | disable}</c></p></item>
-
-      <tag><c>transportoption()</c></tag>
-      <item><p><c>= {cb_info, {CallbackModule::atom(), DataTag::atom(),
+      <tag><marker id="type-ssloption"></marker><c>ssloption() =</c></tag>
+      <item>
+	<p><c>{verify, verify_type()}</c></p>
+	<p><c>| {verify_fun, {fun(), term()}}</c></p>
+	<p><c>| {fail_if_no_peer_cert, boolean()} {depth, integer()}</c></p>
+	<p><c>| {cert, public_key:der_encoded()}</c></p>
+	<p><c>| {certfile, path()}</c></p>
+	<p><c>| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' 
+	| 'PrivateKeyInfo', public_key:der_encoded()}}</c></p>
+	<p><c>| {keyfile, path()}</c></p>
+	<p><c>| {password, string()}</c></p>
+	<p><c>| {cacerts, [public_key:der_encoded()]}</c></p>
+	<p><c>| {cacertfile, path()}</c></p>
+	<p><c>| {dh, public_key:der_encoded()}</c></p>
+	<p><c>| {dhfile, path()}</c></p>
+	<p><c>| {ciphers, ciphers()}</c></p>
+	<p><c>| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()},
+	{srp_identity, {string(), string()}}</c></p>
+	<p><c>| {reuse_sessions, boolean()}</c></p>
+	<p><c>| {reuse_session, fun()} {next_protocols_advertised, [binary()]}</c></p>
+	<p><c>| {client_preferred_next_protocols, {client | server,
+	[binary()]} | {client | server, [binary()], binary()}}</c></p>
+	<p><c>| {log_alert, boolean()}</c></p>
+      <p><c>| {server_name_indication, hostname() | disable}</c></p>
+      </item>
+      
+      <tag><c>transportoption() =</c></tag>
+      <item><p><c>{cb_info, {CallbackModule::atom(), DataTag::atom(),
       ClosedTag::atom(), ErrTag:atom()}}</c></p>
       <p>Defaults to <c>{gen_tcp, tcp, tcp_closed, tcp_error}</c>. Can be used
       to customize the transport layer. The callback module must implement a
@@ -129,57 +131,57 @@
       </taglist>
       </item>
 
-      <tag><c>verify_type()</c></tag>
-      <item><p><c>= verify_none | verify_peer</c></p></item>
+      <tag><c>verify_type() =</c></tag>
+      <item><p><c>verify_none | verify_peer</c></p></item>
 
-      <tag><c>path()</c></tag>
-      <item><p><c>= string()</c></p>
+      <tag><c>path() =</c></tag>
+      <item><p><c>string()</c></p>
       <p>Represents a file path.</p></item>
 
-      <tag><c>public_key:der_encoded()</c></tag>
-      <item><p><c>= binary()</c></p>
+      <tag><c>public_key:der_encoded() =</c></tag>
+      <item><p><c>binary()</c></p>
       <p>ASN.1 DER-encoded entity as an Erlang binary.</p></item>
 
-      <tag><c>host()</c></tag>
-      <item><p><c>= hostname() | ipaddress()</c></p></item>
+      <tag><c>host() =</c></tag>
+      <item><p><c>hostname() | ipaddress()</c></p></item>
 
-      <tag><c>hostname()</c></tag>
-      <item><p><c>= string()</c></p></item>
+      <tag><c>hostname() =</c></tag>
+      <item><p><c>string()</c></p></item>
 
-      <tag><c>ip_address()</c></tag>
-      <item><p><c>= {N1,N2,N3,N4} % IPv4 | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6
+      <tag><c>ip_address() =</c></tag>
+      <item><p><c>{N1,N2,N3,N4} % IPv4 | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6
       </c></p></item>
 
-      <tag><c>sslsocket()</c></tag>
-      <item><p>Opaque to the user.</p></item>
+      <tag><c>sslsocket() =</c></tag>
+      <item><p>opaque()</p></item>
 
-      <tag><c>protocol()</c></tag>
-      <item><p><c>= sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'</c></p></item>
+      <tag><c>protocol() =</c></tag>
+      <item><p><c>sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'</c></p></item>
 
-      <tag><c>ciphers()</c></tag>
+      <tag><c>ciphers() =</c></tag>
       <item><p><c>= [ciphersuite()] | string()</c></p>
       <p>According to old API.</p></item>
 
-      <tag><c>ciphersuite()</c></tag>
-      <item><p><c>= {key_exchange(), cipher(), hash()}</c></p></item>
+      <tag><c>ciphersuite() =</c></tag>
+      <item><p><c>{key_exchange(), cipher(), hash()}</c></p></item>
 
-      <tag><c>key_exchange()</c></tag>
-      <item><p><c>= rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk
+      <tag><c>key_exchange()=</c></tag>
+      <item><p><c>rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk
       | rsa_psk | srp_anon | srp_dss | srp_rsa | ecdh_anon | ecdh_ecdsa
       | ecdhe_ecdsa | ecdh_rsa | ecdhe_rsa</c></p></item>
 
-      <tag><c>cipher()</c></tag>
-      <item><p><c>= rc4_128 | des_cbc | '3des_ede_cbc'
+      <tag><c>cipher() =</c></tag>
+      <item><p><c>rc4_128 | des_cbc | '3des_ede_cbc'
       | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm</c></p></item>
 
-      <tag><c>hash()</c></tag>
-      <item><p><c>= md5 | sha</c></p></item>
+      <tag><c>hash() =</c></tag>
+      <item><p><c>md5 | sha</c></p></item>
 
-      <tag><c>prf_random()</c></tag>
-      <item><p><c>= client_random | server_random</c></p></item>
+      <tag><c>prf_random() =</c></tag>
+      <item><p><c>client_random | server_random</c></p></item>
 
-      <tag><c>srp_param_type()</c></tag>
-      <item><p><c>= srp_1024 | srp_1536 | srp_2048 | srp_3072
+      <tag><c>srp_param_type() =</c></tag>
+      <item><p><c>srp_1024 | srp_1536 | srp_2048 | srp_3072
       | srp_4096 | srp_6144 | srp_8192</c></p></item>
 
     </taglist>
-- 
cgit v1.2.3