3 files changed, 13 insertions, 5 deletions

diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 3ebc63d1..f72e0b0c 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -1,3 +1,4 @@
+accessor
 affine
 Authenticator
 backend
@@ -43,6 +44,7 @@ Google
 hazmat
 Homebrew
 hostname
+idna
 indistinguishability
 initialisms
 interoperable
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 7cc72711..c2ff0ffe 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -599,7 +599,7 @@ X.509 Certificate Builder
         >>> builder = builder.public_key(public_key)
         >>> builder = builder.add_extension(
         ...     x509.SubjectAlternativeName(
-        ...         [x509.DNSName(u'cryptography.io')]
+        ...         [x509.DNSName(b'cryptography.io')]
         ...     ),
         ...     critical=False
         ... )
@@ -1242,8 +1242,14 @@ General Name Classes
 
     This corresponds to a domain name. For example, ``cryptography.io``.
 
+    .. attribute:: bytes_value
+
+        :type: bytes
+
     .. attribute:: value
 
+        Deprecated accessor for the idna-decoded value of :attr:`bytes_value`
+
         :type: :term:`text`
 
 .. class:: DirectoryName(value)
diff --git a/docs/x509/tutorial.rst b/docs/x509/tutorial.rst
index d34b3504..0492c9a7 100644
--- a/docs/x509/tutorial.rst
+++ b/docs/x509/tutorial.rst
@@ -70,9 +70,9 @@ a few details:
     ... ])).add_extension(
     ...     x509.SubjectAlternativeName([
     ...         # Describe what sites we want this certificate for.
-    ...         x509.DNSName(u"mysite.com"),
-    ...         x509.DNSName(u"www.mysite.com"),
-    ...         x509.DNSName(u"subdomain.mysite.com"),
+    ...         x509.DNSName(b"mysite.com"),
+    ...         x509.DNSName(b"www.mysite.com"),
+    ...         x509.DNSName(b"subdomain.mysite.com"),
     ...     ]),
     ...     critical=False,
     ... # Sign the CSR with our private key.
@@ -142,7 +142,7 @@ Then we generate the certificate itself:
     ...     # Our certificate will be valid for 10 days
     ...     datetime.datetime.utcnow() + datetime.timedelta(days=10)
     ... ).add_extension(
-    ...     x509.SubjectAlternativeName([x509.DNSName(u"localhost")]),
+    ...     x509.SubjectAlternativeName([x509.DNSName(b"localhost")]),
     ...     critical=False,
     ... # Sign our certificate with our private key
     ... ).sign(key, hashes.SHA256(), default_backend())