various cleanup;

author: jmc <> 2016-12-12 22:02:55 +0000
committer: jmc <> 2016-12-12 22:02:55 +0000
commit: d9e7f6c929cacb184976d2c298bcbd059299393f (patch)
tree: 4a20a5f9e884936a67c849ee14b4af49a72a2364
parent: 88d745522b5af8342f83892d9f4baf86ce252a70 (diff)
download: openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.tar.gz
openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.tar.bz2
openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.zip
4 files changed, 26 insertions, 25 deletions
diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3
index 2cc4ddd7b6..605d1db7be 100644
--- a/src/lib/libcrypto/man/X509_new.3
+++ b/src/lib/libcrypto/man/X509_new.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: X509_new.3,v 1.5 2016/12/05 19:41:46 jmc Exp $
+.\"     $OpenBSD: X509_new.3,v 1.6 2016/12/12 22:02:55 jmc Exp $
 .\"     OpenSSL 3a59ad98 Dec 11 00:36:06 2015 +0000
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 5 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509_NEW 3
 .Os
 .Sh NAME
@@ -74,7 +74,7 @@ The X509 ASN.1 allocation routines allocate and free an
 structure, which represents an X509 certificate.
 .Pp
 .Fn X509_new
-allocates and initializes a X509 structure with reference count 1.
+allocates and initializes an X509 structure with reference count 1.
 .Pp
 .Fn X509_free
 decrements the reference count of the
diff --git a/src/lib/libcrypto/man/openssl.cnf.5 b/src/lib/libcrypto/man/openssl.cnf.5
index 2826b779ba..1d8ee2d430 100644
--- a/src/lib/libcrypto/man/openssl.cnf.5
+++ b/src/lib/libcrypto/man/openssl.cnf.5
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: openssl.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $
+.\"     $OpenBSD: openssl.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
 .\"     OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,14 +49,14 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 11 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt OPENSSL.CNF 5
 .Os
 .Sh NAME
 .Nm openssl.cnf
 .Nd OpenSSL configuration files
 .Sh DESCRIPTION
-The OpenSSL CONF library can be used to read configuration files, see
+The OpenSSL CONF library can be used to read configuration files; see
 .Xr CONF_modules_load_file 3 .
 It is used for the OpenSSL master configuration file
 .Pa /etc/ssl/openssl.cnf
@@ -163,12 +163,12 @@ to use an alternative configuration file.
 To enable library configuration, the default section needs to contain
 an appropriate line which points to the main configuration section.
 The default name is
-.Ic openssl_conf
+.Ic openssl_conf ,
 which is used by the
 .Xr openssl 1
 utility.
 Other applications may use an alternative name such as
-.Sy myapplicaton_conf .
+.Sy myapplication_conf .
 .Pp
 The configuration section should consist of a set of name value pairs
 which contain specific module configuration information.
@@ -200,7 +200,7 @@ The features of each configuration module are described below.
 This module has the name
 .Ic oid_section .
 The value of this variable points to a section containing name value
-pairs of OIDs: the name is the OID short and long name, the value is the
+pairs of OIDs: the name is the OID short and long name, and the value is the
 numerical form of the OID.
 Although some of the
 .Xr openssl 1
@@ -236,7 +236,7 @@ below) and further sections containing configuration information
 specific to each ENGINE.
 .Pp
 Each ENGINE specific section is used to set default algorithms, load
-dynamic, perform initialization and send ctrls.
+dynamic ENGINEs, perform initialization and send ctrls.
 The actual operation performed depends on the command
 name which is the name of the name value pair.
 The currently supported commands are listed below.
@@ -280,9 +280,9 @@ with the path argument followed by
 .Sy LIST_ADD
 with value 2 and
 .Sy LOAD
-to the dynamic ENGINE. If this is not the required behaviour then
+to the dynamic ENGINE.
-alternative ctrls can be sent directly to the dynamic ENGINE using ctrl
+If this is not the required behaviour then alternative ctrls can be sent
-commands.
+directly to the dynamic ENGINE using ctrl commands.
 .Pp
 The command
 .Ic init
diff --git a/src/lib/libcrypto/man/x509.3 b/src/lib/libcrypto/man/x509.3
index 3d2aadb166..51650ca074 100644
--- a/src/lib/libcrypto/man/x509.3
+++ b/src/lib/libcrypto/man/x509.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: x509.3,v 1.4 2016/12/08 21:48:50 jmc Exp $
+.\"     $OpenBSD: x509.3,v 1.5 2016/12/12 22:02:55 jmc Exp $
 .\"     OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file was written by Richard Levitte <levitte@openssl.org>
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 8 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509 3
 .Os
 .Sh NAME
@@ -57,9 +57,9 @@
 .Sh SYNOPSIS
 .In openssl/x509.h
 .Sh DESCRIPTION
-A X.509 certificate is a structured grouping of information about an
+An X.509 certificate is a structured grouping of information about an
 individual, a device, or anything one can imagine.
-A X.509 CRL (certificate revocation list) is a tool to help determine if
+An X.509 CRL (certificate revocation list) is a tool to help determine if
 a certificate is still valid.
 The exact definition of those can be found in the X.509 document from
 ITU-T, or in RFC 3280 from PKIX.
diff --git a/src/lib/libcrypto/man/x509v3.cnf.5 b/src/lib/libcrypto/man/x509v3.cnf.5
index 22e013a87e..1fd4c0cc9f 100644
--- a/src/lib/libcrypto/man/x509v3.cnf.5
+++ b/src/lib/libcrypto/man/x509v3.cnf.5
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: x509v3.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $
+.\"     $OpenBSD: x509v3.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
 .\"     OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 11 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509V3.CNF 5
 .Os
 .Sh NAME
@@ -108,7 +108,7 @@ The correct syntax to use is defined by the extension code itself:
 check out the certificate policies extension for an example.
 .Pp
 If an extension type is unsupported, then the arbitrary extension
-syntax must be used, see the
+syntax must be used; see the
 .Sx ARBITRARY EXTENSIONS
 section for more details.
 .Sh STANDARD EXTENSIONS
@@ -267,7 +267,7 @@ These include
 .Pp
 The
 .Ic email
-option include a special
+option can include a special
 .Cm copy
 value.
 This will automatically include any email addresses contained in the
@@ -421,7 +421,7 @@ are not recognized.
 .Pp
 The name
 .Ic onlysomereasons
-is accepted which sets this field.
+is accepted, which sets this field.
 The value is in the same format as the CRL distribution point
 .Ic reasons
 field.
@@ -457,7 +457,7 @@ This is a raw extension.
 All the fields of this extension can be set by using the appropriate
 syntax.
 .Pp
-If you follow the PKIX recommendations and just using one OID, then you
+If you follow the PKIX recommendations and just use one OID, then you
 just include the value of that OID.
 Multiple OIDs can be set separated by commas, for example:
 .Pp
@@ -493,6 +493,7 @@ options.
 and
 .Ic organization
 are text strings,
+and
 .Ic noticeNumbers
 is a comma separated list of numbers.
 The
@@ -553,7 +554,7 @@ The name constraints extension is a multi-valued extension.
 The name should begin with the word
 .Cm permitted
 or
-.Cm excluded
+.Cm excluded ,
 followed by a semicolon.
 The rest of the name and the value follows the syntax of subjectAltName
 except
@@ -590,7 +591,7 @@ Example:
 .Pp
 .Dl tlsfeature = status_request
 .Sh DEPRECATED EXTENSIONS
-The following extensions are non standard, Netscape specific and largely
+The following extensions are non-standard, Netscape specific and largely
 obsolete.
 Their use in new applications is discouraged.
 .Ss Netscape string extensions
author	jmc <>	2016-12-12 22:02:55 +0000
committer	jmc <>	2016-12-12 22:02:55 +0000
commit	d9e7f6c929cacb184976d2c298bcbd059299393f (patch)
tree	4a20a5f9e884936a67c849ee14b4af49a72a2364
parent	88d745522b5af8342f83892d9f4baf86ce252a70 (diff)
download	openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.tar.gz openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.tar.bz2 openbsd-d9e7f6c929cacb184976d2c298bcbd059299393f.zip

diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3 index 2cc4ddd7b6..605d1db7be 100644 --- a/src/lib/libcrypto/man/X509_new.3 +++ b/src/lib/libcrypto/man/X509_new.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509_new.3,v 1.5 2016/12/05 19:41:46 jmc Exp $	1	.\" $OpenBSD: X509_new.3,v 1.6 2016/12/12 22:02:55 jmc Exp $
2	.\" OpenSSL 3a59ad98 Dec 11 00:36:06 2015 +0000	2	.\" OpenSSL 3a59ad98 Dec 11 00:36:06 2015 +0000
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: December 5 2016 $	51	.Dd $Mdocdate: December 12 2016 $
52	.Dt X509_NEW 3	52	.Dt X509_NEW 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -74,7 +74,7 @@ The X509 ASN.1 allocation routines allocate and free an
74	structure, which represents an X509 certificate.	74	structure, which represents an X509 certificate.
75	.Pp	75	.Pp
76	.Fn X509_new	76	.Fn X509_new
77	allocates and initializes a X509 structure with reference count 1.	77	allocates and initializes an X509 structure with reference count 1.
78	.Pp	78	.Pp
79	.Fn X509_free	79	.Fn X509_free
80	decrements the reference count of the	80	decrements the reference count of the


diff --git a/src/lib/libcrypto/man/openssl.cnf.5 b/src/lib/libcrypto/man/openssl.cnf.5 index 2826b779ba..1d8ee2d430 100644 --- a/src/lib/libcrypto/man/openssl.cnf.5 +++ b/src/lib/libcrypto/man/openssl.cnf.5
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: openssl.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $	1	.\" $OpenBSD: openssl.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,14 +49,14 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: December 11 2016 $	52	.Dd $Mdocdate: December 12 2016 $
53	.Dt OPENSSL.CNF 5	53	.Dt OPENSSL.CNF 5
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
56	.Nm openssl.cnf	56	.Nm openssl.cnf
57	.Nd OpenSSL configuration files	57	.Nd OpenSSL configuration files
58	.Sh DESCRIPTION	58	.Sh DESCRIPTION
59	The OpenSSL CONF library can be used to read configuration files, see	59	The OpenSSL CONF library can be used to read configuration files; see
60	.Xr CONF_modules_load_file 3 .	60	.Xr CONF_modules_load_file 3 .
61	It is used for the OpenSSL master configuration file	61	It is used for the OpenSSL master configuration file
62	.Pa /etc/ssl/openssl.cnf	62	.Pa /etc/ssl/openssl.cnf
@@ -163,12 +163,12 @@ to use an alternative configuration file.
163	To enable library configuration, the default section needs to contain	163	To enable library configuration, the default section needs to contain
164	an appropriate line which points to the main configuration section.	164	an appropriate line which points to the main configuration section.
165	The default name is	165	The default name is
166	.Ic openssl_conf	166	.Ic openssl_conf ,
167	which is used by the	167	which is used by the
168	.Xr openssl 1	168	.Xr openssl 1
169	utility.	169	utility.
170	Other applications may use an alternative name such as	170	Other applications may use an alternative name such as
171	.Sy myapplicaton_conf .	171	.Sy myapplication_conf .
172	.Pp	172	.Pp
173	The configuration section should consist of a set of name value pairs	173	The configuration section should consist of a set of name value pairs
174	which contain specific module configuration information.	174	which contain specific module configuration information.
@@ -200,7 +200,7 @@ The features of each configuration module are described below.
200	This module has the name	200	This module has the name
201	.Ic oid_section .	201	.Ic oid_section .
202	The value of this variable points to a section containing name value	202	The value of this variable points to a section containing name value
203	pairs of OIDs: the name is the OID short and long name, the value is the	203	pairs of OIDs: the name is the OID short and long name, and the value is the
204	numerical form of the OID.	204	numerical form of the OID.
205	Although some of the	205	Although some of the
206	.Xr openssl 1	206	.Xr openssl 1
@@ -236,7 +236,7 @@ below) and further sections containing configuration information
236	specific to each ENGINE.	236	specific to each ENGINE.
237	.Pp	237	.Pp
238	Each ENGINE specific section is used to set default algorithms, load	238	Each ENGINE specific section is used to set default algorithms, load
239	dynamic, perform initialization and send ctrls.	239	dynamic ENGINEs, perform initialization and send ctrls.
240	The actual operation performed depends on the command	240	The actual operation performed depends on the command
241	name which is the name of the name value pair.	241	name which is the name of the name value pair.
242	The currently supported commands are listed below.	242	The currently supported commands are listed below.
@@ -280,9 +280,9 @@ with the path argument followed by
280	.Sy LIST_ADD	280	.Sy LIST_ADD
281	with value 2 and	281	with value 2 and
282	.Sy LOAD	282	.Sy LOAD
283	to the dynamic ENGINE. If this is not the required behaviour then	283	to the dynamic ENGINE.
284	alternative ctrls can be sent directly to the dynamic ENGINE using ctrl	284	If this is not the required behaviour then alternative ctrls can be sent
285	commands.	285	directly to the dynamic ENGINE using ctrl commands.
286	.Pp	286	.Pp
287	The command	287	The command
288	.Ic init	288	.Ic init


diff --git a/src/lib/libcrypto/man/x509.3 b/src/lib/libcrypto/man/x509.3 index 3d2aadb166..51650ca074 100644 --- a/src/lib/libcrypto/man/x509.3 +++ b/src/lib/libcrypto/man/x509.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: x509.3,v 1.4 2016/12/08 21:48:50 jmc Exp $	1	.\" $OpenBSD: x509.3,v 1.5 2016/12/12 22:02:55 jmc Exp $
2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100	2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Richard Levitte <levitte@openssl.org>	4	.\" This file was written by Richard Levitte <levitte@openssl.org>
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: December 8 2016 $	51	.Dd $Mdocdate: December 12 2016 $
52	.Dt X509 3	52	.Dt X509 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -57,9 +57,9 @@
57	.Sh SYNOPSIS	57	.Sh SYNOPSIS
58	.In openssl/x509.h	58	.In openssl/x509.h
59	.Sh DESCRIPTION	59	.Sh DESCRIPTION
60	A X.509 certificate is a structured grouping of information about an	60	An X.509 certificate is a structured grouping of information about an
61	individual, a device, or anything one can imagine.	61	individual, a device, or anything one can imagine.
62	A X.509 CRL (certificate revocation list) is a tool to help determine if	62	An X.509 CRL (certificate revocation list) is a tool to help determine if
63	a certificate is still valid.	63	a certificate is still valid.
64	The exact definition of those can be found in the X.509 document from	64	The exact definition of those can be found in the X.509 document from
65	ITU-T, or in RFC 3280 from PKIX.	65	ITU-T, or in RFC 3280 from PKIX.


diff --git a/src/lib/libcrypto/man/x509v3.cnf.5 b/src/lib/libcrypto/man/x509v3.cnf.5 index 22e013a87e..1fd4c0cc9f 100644 --- a/src/lib/libcrypto/man/x509v3.cnf.5 +++ b/src/lib/libcrypto/man/x509v3.cnf.5
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: x509v3.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $	1	.\" $OpenBSD: x509v3.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: December 11 2016 $	52	.Dd $Mdocdate: December 12 2016 $
53	.Dt X509V3.CNF 5	53	.Dt X509V3.CNF 5
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -108,7 +108,7 @@ The correct syntax to use is defined by the extension code itself:
108	check out the certificate policies extension for an example.	108	check out the certificate policies extension for an example.
109	.Pp	109	.Pp
110	If an extension type is unsupported, then the arbitrary extension	110	If an extension type is unsupported, then the arbitrary extension
111	syntax must be used, see the	111	syntax must be used; see the
112	.Sx ARBITRARY EXTENSIONS	112	.Sx ARBITRARY EXTENSIONS
113	section for more details.	113	section for more details.
114	.Sh STANDARD EXTENSIONS	114	.Sh STANDARD EXTENSIONS
@@ -267,7 +267,7 @@ These include
267	.Pp	267	.Pp
268	The	268	The
269	.Ic email	269	.Ic email
270	option include a special	270	option can include a special
271	.Cm copy	271	.Cm copy
272	value.	272	value.
273	This will automatically include any email addresses contained in the	273	This will automatically include any email addresses contained in the
@@ -421,7 +421,7 @@ are not recognized.
421	.Pp	421	.Pp
422	The name	422	The name
423	.Ic onlysomereasons	423	.Ic onlysomereasons
424	is accepted which sets this field.	424	is accepted, which sets this field.
425	The value is in the same format as the CRL distribution point	425	The value is in the same format as the CRL distribution point
426	.Ic reasons	426	.Ic reasons
427	field.	427	field.
@@ -457,7 +457,7 @@ This is a raw extension.
457	All the fields of this extension can be set by using the appropriate	457	All the fields of this extension can be set by using the appropriate
458	syntax.	458	syntax.
459	.Pp	459	.Pp
460	If you follow the PKIX recommendations and just using one OID, then you	460	If you follow the PKIX recommendations and just use one OID, then you
461	just include the value of that OID.	461	just include the value of that OID.
462	Multiple OIDs can be set separated by commas, for example:	462	Multiple OIDs can be set separated by commas, for example:
463	.Pp	463	.Pp
@@ -493,6 +493,7 @@ options.
493	and	493	and
494	.Ic organization	494	.Ic organization
495	are text strings,	495	are text strings,
		496	and
496	.Ic noticeNumbers	497	.Ic noticeNumbers
497	is a comma separated list of numbers.	498	is a comma separated list of numbers.
498	The	499	The
@@ -553,7 +554,7 @@ The name constraints extension is a multi-valued extension.
553	The name should begin with the word	554	The name should begin with the word
554	.Cm permitted	555	.Cm permitted
555	or	556	or
556	.Cm excluded	557	.Cm excluded ,
557	followed by a semicolon.	558	followed by a semicolon.
558	The rest of the name and the value follows the syntax of subjectAltName	559	The rest of the name and the value follows the syntax of subjectAltName
559	except	560	except
@@ -590,7 +591,7 @@ Example:
590	.Pp	591	.Pp
591	.Dl tlsfeature = status_request	592	.Dl tlsfeature = status_request
592	.Sh DEPRECATED EXTENSIONS	593	.Sh DEPRECATED EXTENSIONS
593	The following extensions are non standard, Netscape specific and largely	594	The following extensions are non-standard, Netscape specific and largely
594	obsolete.	595	obsolete.
595	Their use in new applications is discouraged.	596	Their use in new applications is discouraged.
596	.Ss Netscape string extensions	597	.Ss Netscape string extensions