@section Certification
@cindex certification
-Many cryptographic libraries claim certifications from national or international bodies. These certifications are tied on a specific (and often restricted) version of the library or a
-specific product using the library, and typically in the case of software they assure that the algorithms implemented are correct. The major certifications known are:
-@itemize
-@item USA's FIPS 140-2 at Level 1 which certifies that approved algorithms are used (see @url{http://en.wikipedia.org/wiki/FIPS_140-2});
-@item Common Criteria for Information Technology Security Evaluation (CC), an international standard for verification of elaborate security claims (see @url{http://en.wikipedia.org/wiki/Common_Criteria}).
-@end itemize
+There are certifications from national or international bodies which "prove"
+to an auditor that the crypto component follows some best practices, such
+as unit testing and reliance on well known crypto primitives.
-GnuTLS has support for FIPS 140-2 under Red Hat Enterprise Linux.
+GnuTLS has support for the FIPS 140-2 certification under Red Hat Enterprise Linux.
See @ref{FIPS140-2 mode} for more information.
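Review bot: The added paragraph beginning "There are certifications from national or international bodies" drops the removed text's caveat that a certification is tied to a specific (and often restricted) version of the library or a specific product. That caveat is what stops a reader from assuming any GnuTLS build is covered, so I suggest carrying the sentence over alongside the new wording. The new paragraph also no longer names FIPS 140-2 or Common Criteria, so the following line's "the FIPS 140-2 certification" refers to something the section has not introduced; keeping a one-line mention with its @url would fix that. As a style point, the straight quotes around "prove" should be Texinfo quotes (``prove''), or the scare quotes could give way to a plain verb such as "demonstrate".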