some docs cleanups + changelog (#3122)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 1854203..fabc913 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,8 @@
.. note:: This version is not yet released and is under active development.
+* Deprecated support for OpenSSL 1.0.0. Support will be removed in
+ ``cryptography`` 1.7.
* Added support for :class:`~cryptography.hazmat.primitives.hashes.BLAKE2b` and
:class:`~cryptography.hazmat.primitives.hashes.BLAKE2s` when using OpenSSL
1.1.0.
diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
index 558c9d1..873e0ff 100644
--- a/docs/hazmat/primitives/key-derivation-functions.rst
+++ b/docs/hazmat/primitives/key-derivation-functions.rst
@@ -178,7 +178,7 @@
long as the hash output. Worse (shorter, less entropy) salt values can
still meaningfully contribute to security. May be reused. Does not have
to be secret, but may cause stronger security guarantees if secret; see
- `RFC 5869`_ and the `HKDF paper`_ for more details. If ``None`` is
+ :rfc:`5869` and the `HKDF paper`_ for more details. If ``None`` is
explicitly passed a default salt of ``algorithm.digest_size // 8`` null
bytes will be used.
@@ -793,6 +793,5 @@
.. _`PBKDF2`: https://en.wikipedia.org/wiki/PBKDF2
.. _`scrypt`: https://en.wikipedia.org/wiki/Scrypt
.. _`key stretching`: https://en.wikipedia.org/wiki/Key_stretching
-.. _`HKDF`:
-.. _`RFC 5869`: https://tools.ietf.org/html/rfc5869
+.. _`HKDF`: https://en.wikipedia.org/wiki/HKDF
.. _`HKDF paper`: https://eprint.iacr.org/2010/264