doc update

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-11-08 23:08:46 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-11-08 23:08:46 +0100
commit: d3af4aada3a0f170535a2f90e2ec3121b34b9a85 (patch)
tree: fcd7acd34d00b86528b4429c2c28cee1c3bd968b /doc/cha-cert-auth.texi
parent: 3a7a9116a5ac1dd8fdb45ab90b6f86e6fcd10bb8 (diff)
download: gnutls-d3af4aada3a0f170535a2f90e2ec3121b34b9a85.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index 168b10639a..6b9c85d528 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -498,7 +498,9 @@ provide an alternative public key infrastructure to the commercial CAs that
 are typically used to sign TLS certificates. The DANE protocol takes advantage
 of the DNSSEC infrastructure to verify TLS certificates. This can be 
 in addition to the verification by CA infrastructure or 
-could even replace it where DNSSEC is deployed.
+may even replace it where DNSSEC is fully deployed. Note however, that DNSSEC deployment is
+fairly new and it would be better to use it as an additional verification
+method rather than the only one.
 
 The DANE functionality is provided by the @code{libgnutls-dane} library that is shipped
 with GnuTLS and the function prototypes are in @code{gnutls/dane.h}.
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-11-08 23:08:46 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-11-08 23:08:46 +0100
commit	d3af4aada3a0f170535a2f90e2ec3121b34b9a85 (patch)
tree	fcd7acd34d00b86528b4429c2c28cee1c3bd968b /doc/cha-cert-auth.texi
parent	3a7a9116a5ac1dd8fdb45ab90b6f86e6fcd10bb8 (diff)
download	gnutls-d3af4aada3a0f170535a2f90e2ec3121b34b9a85.tar.gz