===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.1,v
retrieving revision 1.171
retrieving revision 1.172
diff -u -r1.171 -r1.172
--- src/usr.bin/ssh/ssh-keygen.1	2019/10/03 17:07:50	1.171
+++ src/usr.bin/ssh/ssh-keygen.1	2019/10/22 08:50:35	1.172
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.171 2019/10/03 17:07:50 jmc Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.172 2019/10/22 08:50:35 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: October 3 2019 $
+.Dd $Mdocdate: October 22 2019 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -716,6 +716,7 @@
 The revocation file may be a KRL or a one-per-line list of public keys.
 Successful verification by an authorized signer is signalled by
 .Nm
+returning a zero exit status.
 .It Fl Y Cm check-novalidate
 Checks that a signature generated using
 .Nm
@@ -987,8 +988,8 @@
 consisting of one or more comma-separated USER@DOMAIN identity patterns
 that are accepted for signing.
 When verifying, the identity presented via the
-.Fl I option
-must match a principals pattern in order for the corresponding key to be
+.Fl I
+option must match a principals pattern in order for the corresponding key to be
 considered acceptable for verification.
 .Pp
 The options (if present) consist of comma-separated option specifications.