diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-02-26 16:10:36 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-02-26 16:10:36 -0600 |
| commit | 648c0fb14b762bd79243644ad5fcde586b94e098 (patch) | |
| tree | 4d432e84dca7683d39420a7b1d553ceae769d2ab /docs/x509 | |
| parent | 20f0df583c8990c9c44c2941632c2a9b2780edf8 (diff) | |
| download | cryptography-648c0fb14b762bd79243644ad5fcde586b94e098.tar.gz cryptography-648c0fb14b762bd79243644ad5fcde586b94e098.tar.bz2 cryptography-648c0fb14b762bd79243644ad5fcde586b94e098.zip | |
try to improve the language
Diffstat (limited to 'docs/x509')
| -rw-r--r-- | docs/x509/reference.rst | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 12fee807..529578ba 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -1864,10 +1864,8 @@ X.509 Extensions .. versionadded:: 1.3 - The policy constraints extension can be used in certificates issued - to CAs. The policy constraints extension constrains path validation - in two ways. It can be used to prohibit policy mapping or require - that each certificate in a path contain an acceptable policy + The policy constraints extension is used to inhibit policy mapping or + require that each certificate in a chain contain an acceptable policy identifier. For more information about the use of this extension see :rfc:`5280`. @@ -1881,10 +1879,10 @@ X.509 Extensions :type: int or None - If this field is present, the value indicates the number of additional - certificates that may appear in the path before an explicit policy is + If this field is not None, the value indicates the number of additional + certificates that may appear in the chain before an explicit policy is required for the entire path. When an explicit policy is required, it - is necessary for all certificates in the path to contain an acceptable + is necessary for all certificates in the chain to contain an acceptable policy identifier in the certificate policies extension. An acceptable policy identifier is the identifier of a policy required by the user of the certification path or the identifier of a policy @@ -1894,11 +1892,11 @@ X.509 Extensions :type: int or None - If this field is present, the value indicates the number of additional - certificates that may appear in the path before policy mapping is no + If this field is not None, the value indicates the number of additional + certificates that may appear in the chain before policy mapping is no longer permitted. For example, a value of one indicates that policy mapping may be processed in certificates issued by the subject of this - certificate, but not in additional certificates in the path. + certificate, but not in additional certificates in the chain. .. class:: CRLNumber(crl_number) |