Fix the evp_test Ctrl keyword processing

[oweals/openssl.git] / doc / apps / cms.pod

diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index 2552f220ba27827365fb6bf71b133e94118e558f..d5529bea6bc91ea8fdcc100600be57acc6b8af66 100644 (file)
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -122,6 +122,9 @@ encrypt mail for the given recipient certificates. Input file is the message
 to be encrypted. The output file is the encrypted mail in MIME format. The
 actual CMS type is <B>EnvelopedData<B>.
 
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
+
 =item B<-decrypt>
 
 decrypt mail using the supplied certificate and private key. Expects an
@@ -499,7 +502,7 @@ a blank line. Piping the mail directly to sendmail is one way to
 achieve the correct format.
 
 The supplied message to be signed or encrypted must include the
-necessary MIME headers or many S/MIME clients wont display it
+necessary MIME headers or many S/MIME clients won't display it
 properly (if at all). You can use the B<-text> option to automatically
 add plain text headers.
 
@@ -722,8 +725,6 @@ to OpenSSL 1.1.0.
 
 The -no_alt_chains options was first added to OpenSSL 1.1.0.
 
-=cut
-
 =head1 COPYRIGHT
 
 Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.