Index: doc/cryptography.html
==================================================================
--- doc/cryptography.html
+++ doc/cryptography.html
@@ -136,11 +136,11 @@
 </dl>
 
 <dl>
     <dt><a name="-info"><strong>-info</strong> <em>string</em></a></dt>
     <dd>Optional context and application specific information. Can be a binary
-    or text string. </dd>
+    or text string. Max length is 1024 bytes for OpenSSL 1.1 and 2048 bytes for 3.0.</dd>
 </dl>
 
 <dl>
     <dt><a name="-iterations"><strong>-iterations</strong> <em>count</em></a></dt>
     <dd>Number (integer &gt; 0) of iterations to use in deriving the encryption
@@ -149,11 +149,12 @@
 </dl>
 
 <dl>
     <dt><a name="-iv"><strong>-iv</strong> <em>string</em></a></dt>
     <dd>Initialization vector (IV) to use. Required for some ciphers and GMAC.
-    Cipher modes CBC, CFB, and OFB all need an IV while ECB and CTR modes do not.
+    Other MACs use a fixed IV.
+    Cipher modes CBC, CFB, and OFB all need an IV, while ECB and CTR modes do not.
     A new, random IV should be created for each use. Think of the IV as a nonce
     (number used once), it's public but random and unpredictable. See the
    <a href="#tls::cipher"><b>tls::cipher</b></a> for iv_length and when
    required (length > 0). Max is 16 bytes. If not set, it will default to \x00
    fill data.</dd>
@@ -327,11 +328,13 @@
 <p>The following commands provide access to the OpenSSL cryptography functions.</p>
 
 <dl>
 
 <h4><a name="Info">Info Commands</a></h4>
-
+These commands provide information about the available ciphers, digests, etc. and their properties.
+<br>
+<br>
     <dt><a name="tls::cipher"><strong>tls::cipher</strong> <em>name</em></a></dt>
     <dd>Returns a list of property name and value pairs describing cipher
 	<i>name</i>. Properties are:</dd>
     <blockquote><table>
 	<tr><td><b>nid</b></td><td>Internal id of cipher. This is the same as <i>name</i>.<td></tr>
@@ -391,11 +394,13 @@
     <dd>Returns the OpenSSL version string.</dd>
 
 <br>
 
 <h4><a name="MD_MAC">Message Digest (MD) and Message Authentication Code (MAC) Commands</a></h4>
-
+These commands calculate a message digest or message authentication code for data.
+<br>
+<br>
     <dt><a name="tls::cmac"><strong>tls::cmac</strong>
 	<em>?</em><b>-cipher</b><em>? name</em>
 	<b>-key</b> <em>key ?</em>
 	<b>-bin</b>|<b>-hex</b>
 	<em>?[</em><b>-chan</b> <em>channelId |</em> <b>-command</b> <em>cmdName |</em>
@@ -461,11 +466,13 @@
     <dd>Removes the top level cryptographic transform from channel <em>channelId</em>.</dd>
 
 <br>
 
 <h4><a name="Cipher">Encryption and Decryption Commands</a></h4>
-
+These commands encrypt plaintext into ciphertext or vice versa.
+<br>
+<br>
     <dt><a name="tls::encrypt"><strong>tls::encrypt</strong>
 	<em>?</em><b>-cipher</b><em>? name</em>
 	<b>-digest</b> <em>name</em>
 	<b>-key</b> <em>key ?</em>
 	<b>-iv</b> <em>string?</em>
@@ -548,11 +555,11 @@
     </table></blockquote>
 
 <br>
 
 <h4><a name="RAND">Random Bytes Commands</a></h4>
-These commands provide randomly generated byte strings.
+These commands provide randomly generated byte strings for use when random data is needed.
 <br>
 <br>
     <dt><a name="tls::random"><strong>tls::random</strong>
 	<em>?</em><b>-private</b><em>? length</em></a></dt>
     <dd>Generate <i>length</i> random bytes using a cryptographically secure