Clarify a point in the documentation

commit: 27716cc1da66fbf98f212428998e7d8488eccb4e [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Jun 17 11:49:39 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Jun 17 14:27:38 2015 +0200
tree: 1f7f41132c1a1ebfed1ab75769cb787fce9a999d
parent: b541da6ef394d1da303a7408821c100a56a27bc2 [diff] [blame]
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index ea0c2cd..9f4160f 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h

@@ -301,6 +301,10 @@
  * \note           Same as \c mbedtls_x509_crt_verify(), but with explicit
  *                 security profile.
  *
+ * \note           The restrictions on keys (RSA minimum size, allowed curves
+ *                 for ECDSA) only applys to (intermediate) CAs, not to the
+ *                 end-entity certificate.
+ *
  * \param crt      a certificate to be verified
  * \param trust_ca the trusted CA chain
  * \param ca_crl   the CRL chain for trusted CA's
commit	27716cc1da66fbf98f212428998e7d8488eccb4e	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Wed Jun 17 11:49:39 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Wed Jun 17 14:27:38 2015 +0200
tree	1f7f41132c1a1ebfed1ab75769cb787fce9a999d
parent	b541da6ef394d1da303a7408821c100a56a27bc2 [diff] [blame]