Move subsection
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index 1b24c41..2e08640 100644
--- a/docs/3.0-migration-guide.md
+++ b/docs/3.0-migration-guide.md
@@ -260,17 +260,6 @@
Please also refer to the section [Low-level crypto](#low-level-crypto) for
changes that could sit in either category.
-### Remove 3DES ciphersuites
-
-This change does not affect users using default settings for 3DES in `mbedtls_config.h`
-because the 3DES ciphersuites were disabled by that.
-
-3DES has weaknesses/limitations and there are better alternatives, and more and
-more standard bodies are recommending against its use in TLS.
-
-The migration path here is to chose from the alternatives recommended in the
-literature, such as AES.
-
### Deprecated error codes for hardware failures were removed
- The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules
@@ -1009,3 +998,14 @@
```
If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists.
+
+### Remove 3DES ciphersuites
+
+This change does not affect users using default settings for 3DES in `mbedtls_config.h`
+because the 3DES ciphersuites were disabled by that.
+
+3DES has weaknesses/limitations and there are better alternatives, and more and
+more standard bodies are recommending against its use in TLS.
+
+The migration path here is to chose from the alternatives recommended in the
+literature, such as AES.
