From 37688315a566d2bfaeae040ee1cbaae3102efced Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sat, 22 Apr 2023 00:21:25 +0100
Subject: Docs: clarify TLS cert name verification

---
 doc/doc-docbook/spec.xfpt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'doc/doc-docbook/spec.xfpt')

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d2d40728b..b8f6f939d 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -26161,7 +26161,8 @@ This option give a list of hosts for which,
 while verifying the server certificate,
 checks will be included on the host name
 (note that this will generally be the result of a DNS MX lookup)
-versus Subject and Subject-Alternate-Name fields.  Wildcard names are permitted
+versus the Subject-Alternate-Name (or, if none, Subject-Name) fields.
+Wildcard names are permitted,
 limited to being the initial component of a 3-or-more component FQDN.
 
 There is no equivalent checking on client certificates.
-- 
cgit v1.2.3