From 9c985a3d7a84bdfad17e11a12f671605bb31b3be Mon Sep 17 00:00:00 2001
From: Eli Zaretskii <eliz@gnu.org>
Date: Sun, 8 Jul 2018 17:46:32 +0300
Subject: Minor improvements in recent NSM documentation changes

* doc/emacs/misc.texi (Network Security): Improve wording and
markup of last change.

* src/gnutls.c (Fgnutls_peer_status): Doc fix.

* etc/NEWS: Improve wording of last change.
---
 etc/NEWS | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'etc')

diff --git a/etc/NEWS b/etc/NEWS
index 8883066237b..dae028be7b0 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -136,12 +136,15 @@ of what checks to run via the `network-security-protocol-checks'
 variable.
 
 +++
-** Most of the checks for outdated, believed-to-be-weak TLS algorithms
-and ciphers are now switched on by default.  To get the old behaviour
-back (where certificates are checked for validity, but no warnings
-about weak cryptography are issued), you can either set
-`network-security-protocol-checks' to nil, or adjust the elements in
-that variable to only happen on the `high' security level.
+** TLS connections have their security tightened by default.
+Most of the checks for outdated, believed-to-be-weak TLS algorithms
+and ciphers are now switched on by default.  By default, the NSM will
+flag connections using these weak algorithms and ask users whether to
+allow them.  To get the old behavior back (where certificates are
+checked for validity, but no warnings about weak cryptography are
+issued), you can either set 'network-security-protocol-checks' to nil,
+or adjust the elements in that variable to only happen on the 'high'
+security level (assuming you use the 'medium' level).
 
 +++
 ** New function 'fill-polish-nobreak-p', to be used in 'fill-nobreak-predicate'.
-- 
cgit v1.2.1