Clarify a point in the documentation
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 318ca46..c1fca19 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1517,7 +1517,15 @@
* use. The server can override our preference order.
*
* Both sides: limits the set of curves used by peer to the
- * listed curves for any use (ECDH(E), certificates).
+ * listed curves for any use ECDHE and the end-entity
+ * certificate.
+ *
+ * \note This has no influence on which curve are allowed inside the
+ * certificate chains, see \c mbedtls_ssl_conf_cert_profile()
+ * for that. For example, if the peer's certificate chain is
+ * EE -> CA_int -> CA_root, then the allowed curves for EE are
+ * controlled by \c mbedtls_ssl_conf_curves() but for CA_int
+ * and CA_root it's \c mbedtls_ssl_conf_cert_profile().
*
* \param conf SSL configuration
* \param curves Ordered list of allowed curves,
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index ea0c2cd..9f4160f 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -301,6 +301,10 @@
* \note Same as \c mbedtls_x509_crt_verify(), but with explicit
* security profile.
*
+ * \note The restrictions on keys (RSA minimum size, allowed curves
+ * for ECDSA) only applys to (intermediate) CAs, not to the
+ * end-entity certificate.
+ *
* \param crt a certificate to be verified
* \param trust_ca the trusted CA chain
* \param ca_crl the CRL chain for trusted CA's