-Once the initial SSL_write_early() call has completed successfully the client
-may interleave calls to L<SSL_write_ex(3)> and L<SSL_write(3)> with calls to
-SSL_read_early() as required. As noted above data sent via L<SSL_write_ex(3)> or
-L<SSL_write(3)> in this way is sent to an unauthenticated client.
-
-Servers must not call L<SSL_read_ex(3)> or L<SSL_read(3)> until SSL_read_early()
-has returned with SSL_READ_EARLY_FINISH. Once it has done so the connection to
-the client still needs to be completed. Complete the connection by calling a
-function such as L<SSL_accept(3)> or L<SSL_do_handshake(3)>. Alternatively you
-can call a standard read function such as L<SSL_read_ex(3)>, which will
-transparently complete the connection and read the requested data. Note that it
-is an error to attempt to complete the connection before SSL_read_early() has
-returned SSL_READ_EARLY_FINISH.
-
-Only servers may call SSL_read_early().
-
-Calls to SSL_read_early() may, in certain circumstances, complete the connection
-immediately without further need to call a function such as L<SSL_accept(3)>.
-Applications can test for this by calling L<SSL_is_init_finished(3)>.
-Alternatively, applications may choose to call L<SSL_accept(3)> anway. Such a
-call will successfully return immediately with no further action taken.
+Once the initial SSL_read_early_data() call has completed successfully (i.e. it
+has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the
+server may choose to write data immediately to the unauthenticated client using
+SSL_write_early_data(). If SSL_read_early_data() returned
+SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only
+supports TLSv1.2) the handshake may have already been completed and calls
+to SSL_write_early_data() are not allowed. Call L<SSL_is_init_finished(3)> to
+determine whether the handshake has completed or not. If the handshake is still
+in progress then the server may interleave calls to SSL_write_early_data() with
+calls to SSL_read_early_data() as required.
+
+Servers must not call L<SSL_read_ex(3)>, L<SSL_read(3)>, L<SSL_write_ex(3)> or
+L<SSL_write(3)> until SSL_read_early_data() has returned with
+SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client
+still needs to be completed. Complete the connection by calling a function such
+as L<SSL_accept(3)> or L<SSL_do_handshake(3)>. Alternatively you can call a
+standard read function such as L<SSL_read_ex(3)>, which will transparently
+complete the connection and read the requested data. Note that it is an error to
+attempt to complete the connection before SSL_read_early_data() has returned
+SSL_READ_EARLY_DATA_FINISH.
+
+Only servers may call SSL_read_early_data().
+
+Calls to SSL_read_early_data() may, in certain circumstances, complete the
+connection immediately without further need to call a function such as
+L<SSL_accept(3)>. This can happen if the client is using a protocol version less
+than TLSv1.3. Applications can test for this by calling
+L<SSL_is_init_finished(3)>. Alternatively, applications may choose to call
+L<SSL_accept(3)> anway. Such a call will successfully return immediately with no
+further action taken.