Minor updates to migration guide
Signed-off-by: Dave Rodgman <email@example.com>
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index 513aba8..737b4ee 100644
@@ -11,8 +11,8 @@
The changes are detailed below, and include:
-- Removal of many insecure / obsolete features
-- Tidying up of configuration options (including removing some less useful options)
+- Removal of many insecure or obsolete features
+- Tidying up of configuration options (including removing some less useful options).
- Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments.
- Removal of functions marked as deprecated in 2.x
@@ -258,7 +258,7 @@
and still relied on `compat-1.3.h` in their code.
Please use the new names directly in your code; `scripts/rename.pl` (from any
-of the 2.x releases - no longer included in 3.0) might help you do that.
+of the 2.x releases — no longer included in 3.0) might help you do that.
Remove 3DES ciphersuites
@@ -289,7 +289,7 @@
Previously, the documentation didn't state explicitly if it was OK to call
`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after
-the last call to `mbedtls_cipher_update()` - that is, without calling
+the last call to `mbedtls_cipher_update()` — that is, without calling
`mbedtls_cipher_finish()` in-between. If you code was missing that call,
please add it and be prepared to get as much as 15 bytes of output.
@@ -378,8 +378,8 @@
shutting down the TLS connection.
For users which do not rely on raw keys and IV, adjusting to the new
-callback type should be straightforward - see the example programs
-programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks
+callback type should be straightforward — see the example programs
+`programs/ssl/ssl_client2` and `programs/ssl/ssl_server2` for callbacks
for NSSKeylog, EAP-TLS and DTLS-SRTP.
Users which require access to the raw keys used to secure application
@@ -418,7 +418,7 @@
You now need to pass a properly seeded, cryptographically secure RNG when
-calling these functions. It is used for blinding, a counter-measure against
+calling these functions. It is used for blinding, a countermeasure against
The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed
@@ -427,8 +427,8 @@
This doesn't affect users of the default configuration; it only affects people
who were explicitly setting this option.
-This was a trade-off between code size and counter-measures; it is no longer
-relevant as the counter-measure is now always on at no cost in code size.
+This was a trade-off between code size and countermeasures; it is no longer
+relevant as the countermeasure is now always on at no cost in code size.
Remove MaximumFragmentLength (MFL) query API
@@ -944,7 +944,7 @@
should never be returned from Mbed TLS, and there is no need to check for it.
Users should simply remove manual checks for those codes, and let the Mbed TLS
- team know if -- contrary to the team's understanding -- there is in fact a situation
+ team know if — contrary to the team's understanding — there is in fact a situation
where one of them was ever returned.
- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and