From f944c40c86c8af9917a596bfb7704a6f0af36acb Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sat, 12 Aug 2017 08:52:55 -0500
Subject: add changelog and a warning for is_signature_valid on crl (#3861)

* add changelog and a warning

* document this properly
---
 docs/x509/reference.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs/x509/reference.rst')

diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 47f76254..5e1c95c4 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -567,6 +567,12 @@ X.509 CRL (Certificate Revocation List) Object
 
         .. versionadded:: 2.1
 
+        .. warning::
+
+            Checking the validity of the signature on the CRL is insufficient
+            to know if the CRL should be trusted. More details are available
+            in :rfc:`5280`.
+
         Returns True if the CRL signature is correct for given public key,
         False otherwise.
 
-- 
cgit v1.2.3