From f28a053a5ddb73b2a21154a0f1294298408c9cfa Mon Sep 17 00:00:00 2001
From: "data-plane-api(Azure Pipelines)"
 <data-plane-api@users.noreply.github.com>
Date: Wed, 19 Apr 2023 00:13:06 +0000
Subject: [PATCH] fix crl docs (#26787)

Signed-off-by: Rama Chavali <rama.rao@salesforce.com>

Mirrored from https://github.com/envoyproxy/envoy @ 635289d8430b01a0e1b5a8e4905b359e1c5bbd1e
---
 envoy/extensions/transport_sockets/tls/v3/common.proto | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/envoy/extensions/transport_sockets/tls/v3/common.proto b/envoy/extensions/transport_sockets/tls/v3/common.proto
index 54d6ebcf..4780858e 100644
--- a/envoy/extensions/transport_sockets/tls/v3/common.proto
+++ b/envoy/extensions/transport_sockets/tls/v3/common.proto
@@ -357,7 +357,7 @@ message CertificateValidationContext {
   // that if a CRL is provided for any certificate authority in a trust chain, a CRL must be
   // provided for all certificate authorities in that chain. Failure to do so will result in
   // verification failure for both revoked and unrevoked certificates from that chain.
-  // The behavior of requiring all certificates to contain CRLs if any do can be altered by
+  // The behavior of requiring all certificates to contain CRLs can be altered by
   // setting :ref:`only_verify_leaf_cert_crl <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.only_verify_leaf_cert_crl>`
   // true. If set to true, only the final certificate in the chain undergoes CRL verification.
   //