Address review comments regarding ssl_client2 and ssl tests
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index d4c73fc..e13c7cb 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -470,7 +470,7 @@
      * set of trusted certificates (such as a hashtable) and only
      * return those trusted certificates which satisfy basic
      * parental checks, such as the matching of child `Issuer`
-     * and parent `Subject` field. */
+     * and parent `Subject` field or matching key identifiers. */
     ((void) child);
 
     first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 6f967da..e9322ec 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -947,10 +947,6 @@
             "$P_CLI ca_callback=1 debug_level=3 " \
             0 \
             -c "use CA callback for X.509 CRT verification"\
-            -s "Protocol is TLSv1.2" \
-            -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
-            -s "client hello v3, signature_algorithm ext: 6" \
-            -s "ECDHE curve: secp521r1" \
             -S "error" \
             -C "error"
 
@@ -2602,7 +2598,8 @@
             0 \
             -c "Handshake was completed" \
 
-# Tests for auth_mode
+# Tests for auth_mode, there are duplicated tests using ca callback for authentication
+# When updating these tests, modify the matching authentication tests accordingly
 
 run_test    "Authentication: server badcert, client required" \
             "$P_SRV crt_file=data_files/server5-badsign.crt \
@@ -2981,7 +2978,8 @@
             -c "! mbedtls_ssl_handshake returned" \
             -s "X509 - Certificate verification failed"
 
-# Tests for auth_mode, using CA callback
+# Tests for auth_mode, using CA callback, these are duplicated from the authentication tests
+# When updating these tests, modify the matching authentication tests accordingly
 
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: server badcert, client required" \