[ca-certificates/f19] - clarification updates to manual page

Tue Jul 9 10:41:20 UTC 2013

commit 52a551389c0b28d739ace8fdd38143763a590060
Author: Kai Engert <kaie at redhat.com>
Date:   Tue Jul 9 12:40:59 2013 +0200

    - clarification updates to manual page

 ca-certificates.spec  |    5 ++++-
 update-ca-trust.8.txt |   17 ++++++-----------
 2 files changed, 10 insertions(+), 12 deletions(-)
---

diff --git a/ca-certificates.spec b/ca-certificates.spec
index 9771611..2a3fb34 100644
--- a/ca-certificates.spec
+++ b/ca-certificates.spec
@@ -27,7 +27,7 @@ Name: ca-certificates
 # because all future versions will start with 2013 or larger.)
 
 Version: 2012.87
-Release: 10.3%{?dist}
+Release: 10.4%{?dist}
 License: Public Domain
 
 Group: System Environment/Base
@@ -286,6 +286,9 @@ fi
 
 
 %changelog
+* Tue Jul 09 2013 Kai Engert <kaie at redhat.com> - 2012.87-10.4
+- clarification updates to manual page
+
 * Mon Jul 08 2013 Kai Engert <kaie at redhat.com> - 2012.87-10.3
 - added a manual page and related build requirements
 - simplify the README files now that we have a manual page
diff --git a/update-ca-trust.8.txt b/update-ca-trust.8.txt
index 32555fa..24ca456 100644
--- a/update-ca-trust.8.txt
+++ b/update-ca-trust.8.txt
@@ -147,11 +147,9 @@ directories or in any of their subdirectories, or after adding a file,
 it is necessary to run the 'update-ca-trust extract' command,
 in order to update the consolidated files in /etc/pki/ca-trust/extracted/ .
 
-Legacy applications that rely on legacy filenames benefit from configuration
-updates only if this dynamic configuration feature is in the enabled state.
-
-Applications that use the legacy PKCS#11 module libnssckbi.so with the
-configuration feature in the enabled state, and any application capable of
+Applications that load the legacy PKCS#11 module using filename libnssckbi.so 
+(which has been converted into a symbolic link pointing to the new module)
+and any application capable of 
 loading PKCS#11 modules and loading p11-kit-trust.so, will benefit from
 the dynamically merged set of certificates and trust information stored in the
 /usr/share/pki/ca-trust-source/ and /etc/pki/ca-trust/source/ directories.
@@ -218,18 +216,15 @@ FILES
 -----
 /etc/pki/tls/certs/ca-bundle.crt::
 	Legacy filename, file contains a list of CA certificates trusted for TLS server authentication usage, in the simple BEGIN/END CERTIFICATE file format, without distrust information.
-	If legacy support is disabled, this is a static file and will remain unchanged.
-	Only if the legacy support is enabled, this file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
+	This file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
 
 /etc/pki/tls/certs/ca-bundle.trust.crt::
 	Legacy filename, file contains a list of CA certificates in the extended BEGIN/END TRUSTED CERTIFICATE file format, which includes trust (and/or distrust) flags specific to certificate usage.
-	If legacy support is disabled, this is a static file and will remain unchanged.
-	Only if the legacy support is enabled, this file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
+	This file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
 
 /etc/pki/java/cacerts::
 	Legacy filename, file contains a list of CA certificates trusted for TLS server authentication usage, in the Java keystore file format, without distrust information.
-	If legacy support is disabled, this is a static file and will remain unchanged.
-	Only if the legacy support is enabled, this file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
+	This file is a symbolic link that refers to the consolidated output created by the update-ca-trust command.
 
 /usr/share/pki/ca-trust-source::
 	Contains multiple, low priority source configuration files as explained in section <<sourceconf,SOURCE CONFIGURATION>>. Please pay attention to the specific meanings of the respective subdirectories.
