From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 5 Jun 2024 08:18:21 +0000 (+0200)
Subject: doh-insecure.md: expand
X-Git-Tag: curl-8_9_0~289
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=881e9a616f595d7801d31da898d2ce9534df0691;p=thirdparty%2Fcurl.git

doh-insecure.md: expand

Closes #13889
---

diff --git a/docs/cmdline-opts/doh-insecure.md b/docs/cmdline-opts/doh-insecure.md
index 684428ddf7..72f3cb7725 100644
--- a/docs/cmdline-opts/doh-insecure.md
+++ b/docs/cmdline-opts/doh-insecure.md
@@ -8,10 +8,20 @@ Category: dns tls
 Multi: boolean
 See-also:
   - doh-url
+  - insecure
+  - proxy-insecure
 Example:
   - --doh-insecure --doh-url https://doh.example $URL
 ---
 
 # `--doh-insecure`
 
-Same as --insecure but used for DoH (DNS-over-HTTPS).
+By default, every connection curl makes to a DoH server is verified to be
+secure before the transfer takes place. This option tells curl to skip the
+verification step and proceed without checking.
+
+**WARNING**: using this option makes the DoH transfer and name resolution
+insecure.
+
+This option is equivalent to --insecure and --proxy-insecure but used for DoH
+(DNS-over-HTTPS) only.