diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index fe661b8..1606a56 100644
*** /tmp/pgdiff.4616/aPwGCb_libpq.sgml	Mon Jan 17 21:29:06 2011
--- doc/src/sgml/libpq.sgml	Mon Jan 17 21:04:29 2011
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6641,6647 ****
    </para>
  
   <sect2 id="libq-ssl-certificates">
!   <title>Certificate verification</title>
  
    <para>
     By default, <productname>PostgreSQL</> will not perform any verification of
--- 6641,6647 ----
    </para>
  
   <sect2 id="libq-ssl-certificates">
!   <title>Client Verification of Server Certificates</title>
  
    <para>
     By default, <productname>PostgreSQL</> will not perform any verification of
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6696,6702 ****
   </sect2>
  
   <sect2 id="libpq-ssl-clientcert">
!   <title>Client certificates</title>
  
    <para>
     If the server requests a trusted client certificate,
--- 6696,6702 ----
   </sect2>
  
   <sect2 id="libpq-ssl-clientcert">
!   <title>Client Certificates</title>
  
    <para>
     If the server requests a trusted client certificate,
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6738,6744 ****
   </sect2>
  
   <sect2 id="libpq-ssl-protection">
!   <title>Protection provided in different modes</title>
  
    <para>
     The different values for the <literal>sslmode</> parameter provide different
--- 6738,6744 ----
   </sect2>
  
   <sect2 id="libpq-ssl-protection">
!   <title>Protection Provided in Different Modes</title>
  
    <para>
     The different values for the <literal>sslmode</> parameter provide different
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6746,6752 ****
     protection against three types of attacks:
    </para>
    <table id="libpq-ssl-protect-attacks">
!    <title>SSL attacks</title>
     <tgroup cols="2">
      <thead>
       <row>
--- 6746,6752 ----
     protection against three types of attacks:
    </para>
    <table id="libpq-ssl-protect-attacks">
!    <title>SSL Attacks</title>
     <tgroup cols="2">
      <thead>
       <row>
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6821,6827 ****
    </para>
  
    <table id="libpq-ssl-sslmode-statements">
!    <title>SSL mode descriptions</title>
     <tgroup cols="4">
      <thead>
       <row>
--- 6821,6827 ----
    </para>
  
    <table id="libpq-ssl-sslmode-statements">
!    <title>SSL Mode Descriptions</title>
     <tgroup cols="4">
      <thead>
       <row>
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6912,6918 ****
   </sect2>
  
   <sect2 id="libpq-ssl-fileusage">
!   <title>SSL File Usage</title>
    <table id="libpq-ssl-file-usage">
     <title>Libpq/Client SSL File Usage</title>
     <tgroup cols="3">
--- 6912,6918 ----
   </sect2>
  
   <sect2 id="libpq-ssl-fileusage">
!   <title>SSL Client File Usage</title>
    <table id="libpq-ssl-file-usage">
     <title>Libpq/Client SSL File Usage</title>
     <tgroup cols="3">
*************** ldap://ldap.acme.com/cn=dbserver,cn=host
*** 6958,6964 ****
   </sect2>
  
   <sect2 id="libpq-ssl-initialize">
!   <title>SSL library initialization</title>
  
    <para>
     If your application initializes <literal>libssl</> and/or
--- 6958,6964 ----
   </sect2>
  
   <sect2 id="libpq-ssl-initialize">
!   <title>SSL Library Initialization</title>
  
    <para>
     If your application initializes <literal>libssl</> and/or
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 8911e99..9b92bec 100644
*** /tmp/pgdiff.4616/QgCZ3a_runtime.sgml	Mon Jan 17 21:29:06 2011
--- doc/src/sgml/runtime.sgml	Mon Jan 17 21:18:42 2011
*************** $ <userinput>kill -INT `head -1 /usr/loc
*** 1770,1796 ****
      <tbody>
  
       <row>
!       <entry><filename>server.crt</></entry>
        <entry>server certificate</entry>
        <entry>sent to client to indicate server's identity</entry>
       </row>
  
       <row>
!       <entry><filename>server.key</></entry>
        <entry>server private key</entry>
        <entry>proves server certificate was sent by the owner; does not indicate
        certificate owner is trustworthy</entry>
       </row>
  
       <row>
!       <entry><filename>root.crt</></entry>
        <entry>trusted certificate authorities</entry>
        <entry>checks that client certificate is
        signed by a trusted certificate authority</entry>
       </row>
  
       <row>
!       <entry><filename>root.crl</></entry>
        <entry>certificates revoked by certificate authorities</entry>
        <entry>client certificate must not be on this list</entry>
       </row>
--- 1770,1796 ----
      <tbody>
  
       <row>
!       <entry><filename>$PGDATA/server.crt</></entry>
        <entry>server certificate</entry>
        <entry>sent to client to indicate server's identity</entry>
       </row>
  
       <row>
!       <entry><filename>$PGDATA/server.key</></entry>
        <entry>server private key</entry>
        <entry>proves server certificate was sent by the owner; does not indicate
        certificate owner is trustworthy</entry>
       </row>
  
       <row>
!       <entry><filename>$PGDATA/root.crt</></entry>
        <entry>trusted certificate authorities</entry>
        <entry>checks that client certificate is
        signed by a trusted certificate authority</entry>
       </row>
  
       <row>
!       <entry><filename>$PGDATA/root.crl</></entry>
        <entry>certificates revoked by certificate authorities</entry>
        <entry>client certificate must not be on this list</entry>
       </row>