diff --git a/doc/src/sgml/acronyms.sgml b/doc/src/sgml/acronyms.sgml
index 13bd819eb1..9ed148ab84 100644
--- a/doc/src/sgml/acronyms.sgml
+++ b/doc/src/sgml/acronyms.sgml
@@ -410,6 +410,17 @@
+
+ MITM
+
+
+
+ Man-in-the-middle attack
+
+
+
+
MSVC
@@ -590,6 +601,18 @@
+
+ SNI
+
+
+
+ Server Name Indication,
+ RFC 6066
+
+
+
+
SPI
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index f5a753e589..03b33cfb7e 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1378,7 +1378,7 @@ include_dir 'conf.d'
Disables anonymous cipher suites that do no authentication. Such
- cipher suites are vulnerable to man-in-the-middle attacks and
+ cipher suites are vulnerable to MITM attacks and
therefore should not be used.
diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 441cc0da3a..641970f2a6 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -1783,18 +1783,17 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
By default, libpq sets the TLS extension Server Name
- Indication
(SNI) on SSL-enabled connections. See RFC 6066
- for details. By setting this parameter to 0, this is turned off.
+ Indication (SNI) on SSL-enabled connections.
+ By setting this parameter to 0, this is turned off.
The Server Name Indication can be used by SSL-aware proxies to route
connections without having to decrypt the SSL stream. (Note that this
requires a proxy that is aware of the PostgreSQL protocol handshake,
- not just any SSL proxy.) However, SNI makes the destination host name
- appear in cleartext in the network traffic, so it might be undesirable
- in some cases.
+ not just any SSL proxy.) However, SNI makes the
+ destination host name appear in cleartext in the network traffic, so
+ it might be undesirable in some cases.
@@ -8430,7 +8429,7 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
- Man in the middle (MITM)
+ Man-in-the-middle (MITM)
If a third party can modify the data while passing between the
client and server, it can pretend to be the server and therefore see and