From 6e4f0f1dd97f71cd04d7049db55358f0a09226af Mon Sep 17 00:00:00 2001
From: Trevor Vaughan <tvaughan@onyxpoint.com>
Date: Apr 11 2018 20:28:17 +0000
Subject: Updates per Feedback


Ref: #89

---

diff --git a/src/scepgen-o.c b/src/scepgen-o.c
index 8b1c4ca..6073c81 100644
--- a/src/scepgen-o.c
+++ b/src/scepgen-o.c
@@ -446,7 +446,7 @@ cm_scepgen_o_cooked(struct cm_store_ca *ca, struct cm_store_entry *entry,
 			_exit(1);
 		}
 
-		cm_log(1, "SCEP cipher authoritatively set to: '%s'\n", scep_cipher);
+		cm_log(1, "SCEP cipher set from configuration to: '%s'\n", scep_cipher);
 	}
 	else {
 		cipher = cm_prefs_nocipher;
@@ -516,11 +516,11 @@ cm_scepgen_o_cooked(struct cm_store_ca *ca, struct cm_store_entry *entry,
 			digest = cm_prefs_md5;
 		}
 		else {
-			cm_log(1, "Option 'scep_digest' must be one of AES256, AES192, AES128, DES3, or DES. Got '%s'\n", scep_digest);
+			cm_log(1, "Option 'scep_digest' must be one of SHA512, SHA384, SHA256, SHA1, or MD5. Got '%s'\n", scep_digest);
 			_exit(1);
 		}
 
-		cm_log(1, "SCEP digest authoritatively set to: '%s'\n", scep_digest);
+		cm_log(1, "SCEP digest set from configuration to: '%s'\n", scep_digest);
 	}
 	else {
 		pref_digest = cm_prefs_preferred_digest();
@@ -567,7 +567,8 @@ cm_scepgen_o_cooked(struct cm_store_ca *ca, struct cm_store_entry *entry,
 			}
 		}
 		if (digest == cm_prefs_nodigest) {
-			/* Per the latest Draft RFC */
+			/* Per SCEP RFC draft-gutmann-scep-10 - March 1, 2018 */
+			/* https://www.ietf.org/id/draft-gutmann-scep-10.txt  */
 			cm_log(1, "Could not determine supported CA capabilities, using SHA256.\n");
 			digest = cm_prefs_sha256;
 		}