certificate is signed by trusted authority, does not reveal anything
about the peer's identity. It is required to verify if the
certificate's owner is the one you expect. For more information
-consult @xcite{RFC2818} and section @ref{ex:verify} for an example.
+consult @ref{gnutls_x509_crt_check_hostname}, section @ref{ex:verify} for an example, and @xcite{RFC2818}.
@node Verifying a certificate using trust on first use authentication
@subsection Verifying a certificate using trust on first use authentication
* gnutls_certificate_set_verify_limits().
*
* Note that you must also check the peer's name in order to check if
- * the verified certificate belongs to the actual peer.
- *
- * This function uses gnutls_x509_crt_list_verify() with the CAs in
- * the credentials as trusted CAs.
+ * the verified certificate belongs to the actual peer, see gnutls_x509_crt_check_hostname().
*
* Returns: a negative error code on error and %GNUTLS_E_SUCCESS (0) on success.
**/