From 324bf2fd369232a134de44837d121ece087c2f60 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 8 Mar 2017 09:15:53 +0100
Subject: [PATCH] insecure.d: clarify that this is for server connections

Assisted-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0002.html
---
 docs/cmdline-opts/insecure.d | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/docs/cmdline-opts/insecure.d b/docs/cmdline-opts/insecure.d
index 1dd0fa8c0..49b0a4322 100644
--- a/docs/cmdline-opts/insecure.d
+++ b/docs/cmdline-opts/insecure.d
@@ -1,12 +1,16 @@
 Long: insecure
 Short: k
-Help: Allow insecure connections when using SSL
+Help: Allow insecure server connections when using SSL
 Protocols: TLS
+See-also: proxy-insecure cacert
 ---
-This option explicitly allows curl to perform "insecure" SSL connections and
-transfers. All SSL connections are attempted to be made secure by using the CA
-certificate bundle installed by default. This makes all connections considered
-\&"insecure" fail unless --insecure is used.
+
+By default, every SSL connection curl makes is verified to be secure. This
+option allows curl to proceed and operate even for server connections
+otherwise considered insecure.
+
+The server connection is verified by making sure the server's certificate
+contains the right name and verifies successfully using the cert store.
 
 See this online resource for further details:
  https://curl.haxx.se/docs/sslcerts.html