a few more doc changes to gcm tag info

commit: 048d6cb43a0757f3b4cca385e788d30173ebcb17 [log] [tgz]
author: Paul Kehrer <paul.l.kehrer@gmail.com> Sat Dec 21 18:53:19 2013 -0600
committer: Paul Kehrer <paul.l.kehrer@gmail.com> Sat Dec 21 18:53:19 2013 -0600
tree: e0674a1a5af226ce1f1c5ddff17797a906d50712
parent: fc73e2d04315e21011869fbd925df9e7a99d21ae [diff]
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index f009bb7..6e3c102 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst

@@ -357,9 +357,10 @@
         Cryptography will emit a 128-bit tag when finalizing encryption.
         You can shorten a tag by truncating it to the desired length, but this
         is **not recommended** as it lowers the security margins of the
-        authentication (`NIST SP-800-38D`_ recommends 96-bit or greater).
+        authentication (`NIST SP-800-38D`_ recommends 96-bits or greater).
         If you must shorten the tag the minimum allowed length is 4 bytes
-        (32 bit).
+        (32-bits). Applications **must** verify the tag is the expected length
+        to guarantee the expected security margin.
 
     :param bytes tag: The tag bytes to verify during decryption. When encrypting
                       this must be None.
commit	048d6cb43a0757f3b4cca385e788d30173ebcb17	[log] [tgz]
author	Paul Kehrer <paul.l.kehrer@gmail.com>	Sat Dec 21 18:53:19 2013 -0600
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	Sat Dec 21 18:53:19 2013 -0600
tree	e0674a1a5af226ce1f1c5ddff17797a906d50712
parent	fc73e2d04315e21011869fbd925df9e7a99d21ae [diff]