From 3bc0ee2547cb2f6d3ca0889e35bd22b4cd5ffdbb Mon Sep 17 00:00:00 2001
From: Patrick McDermott <patrick.mcdermott@libiquity.com>
Date: Sat, 03 Aug 2019 19:21:42 -0400
Subject: README: Stronger by default than openssl s_client

---
diff --git a/README b/README
index d20ccb9..4438cd4 100644
--- a/README
+++ b/README
@@ -6,6 +6,19 @@ It is similar to the OpenSSL command-line tool, providing only a limited
 `s_client` TLS client command.  The primary goal is to provide enough
 functionality for use by BusyBox's wget applet.
 
+wolfssl-util's `s_client` command is designed to be stronger by default than
+openssl's, as the latter is only meant to be a "diagnostic tool".  That is, the
+following command:
+
+    $ wolfssl-util s_client -quiet -connect ${host}:${port} \
+    > -servername ${servername}
+
+is roughly equivalent to the more complicated:
+
+    $ openssl s_client -quiet -connect ${host}:${port} \
+    > -servername ${servername} -verify 9 -verify_return_error \
+    > -no_ssl3 -no_tls1 -no_tls1_1
+
 This utility is in no way authored by or affiliated with wolfSSL Inc. or its
 contributors.
 
--
cgit v0.9.1