Make the OSSL_CMP manual conform with man-pages(7)

[openssl.git] / doc / man3 / OSSL_CMP_validate_msg.pod

diff --git a/doc/man3/OSSL_CMP_validate_msg.pod b/doc/man3/OSSL_CMP_validate_msg.pod
index ed2ff6c2c64367981ed0fd5fde2c89d3ef3e1f49..5ada09a6febb80a1619d8270b791b173955f3c9e 100644 (file)
--- a/doc/man3/OSSL_CMP_validate_msg.pod
+++ b/doc/man3/OSSL_CMP_validate_msg.pod
@@ -19,17 +19,17 @@ This is the API for validating the protection of CMP messages,
 which includes validating CMP message sender certificates and their paths
 while optionally checking the revocation status of the certificates(s).
 
-OSSL_CMP_validate_msg() validates the protection of the given C<msg>
+OSSL_CMP_validate_msg() validates the protection of the given I<msg>
 using either password-based mac (PBM) or a signature algorithm.
 
 In case of signature algorithm, the certificate to use for the signature check
 is preferably the one provided by a call to L<OSSL_CMP_CTX_set1_srvCert(3)>.
 If no such sender cert has been pinned then candidate sender certificates are
-taken from the list of certificates received in the C<msg> extraCerts, then any
+taken from the list of certificates received in the I<msg> extraCerts, then any
 certificates provided before via L<OSSL_CMP_CTX_set1_untrusted(3)>, and
 then all trusted certificates provided via L<OSSL_CMP_CTX_set0_trustedStore(3)>,
 where a candidate is acceptable only if has not expired, its subject DN matches
-the C<msg> sender DN (as far as present), and its subject key identifier
+the I<msg> sender DN (as far as present), and its subject key identifier
 is present and matches the senderKID (as far as the latter present).
 Each acceptable cert is tried in the given order to see if the message
 signature check succeeds and the cert and its path can be verified
@@ -37,7 +37,7 @@ using any trust store set via L<OSSL_CMP_CTX_set0_trustedStore(3)>.
 
 If the option OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR was set by calling
 L<OSSL_CMP_CTX_set_option(3)>, for an Initialization Response (IP) message
-any self-issued certificate from the C<msg> extraCerts field may also be used
+any self-issued certificate from the I<msg> extraCerts field may also be used
 as trust anchor for the path verification of an acceptable cert if it can be
 used also to validate the issued certificate returned in the IP message. This is
 according to TS 33.310 [Network Domain Security (NDS); Authentication Framework
@@ -48,7 +48,7 @@ validating the signatures of subsequent messages in the same transaction.
 
 OSSL_CMP_validate_cert_path() attempts to validate the given certificate and its
 path using the given store of trusted certs (possibly including CRLs and a cert
-verification callback) and non-trusted intermediate certs from the B<ctx>.
+verification callback) and non-trusted intermediate certs from the I<ctx>.
 
 =head1 NOTES