doc: daemon: clarify TLS and well-known ports

author Eric Wong <e@80x24.org>

Mon, 28 Aug 2023 21:11:54 +0000 (21:11 +0000)

committer Eric Wong <e@80x24.org>

Mon, 28 Aug 2023 21:37:02 +0000 (21:37 +0000)
author Eric Wong <e@80x24.org>
Mon, 28 Aug 2023 21:11:54 +0000 (21:11 +0000)
committer Eric Wong <e@80x24.org>
Mon, 28 Aug 2023 21:37:02 +0000 (21:37 +0000)
diff --git a/Documentation/public-inbox-daemon.pod b/Documentation/public-inbox-daemon.pod

index c5c88bdd04fa3c0c6bc18ba9b31d42f03d4d2b77..6f1e3b53513d02bc3fd11a8ee06fcdd546eb3a48 100644 (file)
--- a/Documentation/public-inbox-daemon.pod
+++ b/Documentation/public-inbox-daemon.pod
@@ -101,14 +101,11 @@ Default: 1
  The default TLS certificate for HTTPS, IMAPS, NNTPS, POP3S and/or STARTTLS
  support if the C<cert> option is not given with C<--listen>.
  
-=for comment FIXME this paragraph needs repair
-
-Well-known TCP ports automatically get TLS or STARTTLS support
-If using systemd-compatible socket activation and a TCP listener
-on port well-known ports (563 is inherited, it is automatically
-NNTPS when this option is given.  When a listener on port 119 is
-inherited and this option is given, it automatically gets
-STARTTLS support.
+With this option, well-known TCP ports automatically get TLS or STARTTLS
+support if using systemd-compatible socket activation.  That is, ports
+443, 563, 993, and 995 support HTTPS, NNTPS, IMAPS, and POP3S,
+respectively; while ports 110, 119, and 143 support STARTTLS on POP3,
+NNTP, and IMAP, respectively.
  
  =item --key /path/to/key
author	Eric Wong <e@80x24.org>
	Mon, 28 Aug 2023 21:11:54 +0000 (21:11 +0000)
committer	Eric Wong <e@80x24.org>
	Mon, 28 Aug 2023 21:37:02 +0000 (21:37 +0000)