security: ValidatorConfig rule evaluates all checkers Also fix bug when target cert is not in anchors and cert cache is empty Refs #3645 Change-Id: Ifb39e474c74611897ea28a1b8f26ed70750a1990

commit: 044bb7e9e51a87013f7910d8690422580ebd054a [log] [tgz]
author: Zhiyi Zhang <dreamerbarrychang@gmail.com> Fri Jun 10 00:02:37 2016 -0700
committer: Zhiyi Zhang <dreamerbarrychang@gmail.com> Wed Jul 27 18:58:11 2016 -0700
tree: b60cbcb51febc2fa3c7a36c1d5c14b46ec0a7e39
parent: cf9c6bb8d7239c324805d939899fa2a7cbcc3ac0 [diff] [blame]
diff --git a/docs/tutorials/security-validator-config.rst b/docs/tutorials/security-validator-config.rst
index a9ec70e..aec8d7d 100644
--- a/docs/tutorials/security-validator-config.rst
+++ b/docs/tutorials/security-validator-config.rst

@@ -97,8 +97,9 @@
     **ATTENTION: A packet that satisfies all the filters may not be valid**.
 
 The property **checker** defines the conditions that a matched packet must fulfill to be
-treated as a valid packet. A rule must have at least one **checker** property, a packet is
-treated as invalid if it cannot pass none of the checkers.
+treated as a valid packet. A rule must have at least one **checker** property. A packet is
+treated as valid if it can pass at least one of the checkers and as invalid when it cannot
+pass any checkers.
 
 **filter** and **checker** have their own properties. Next, we will introduce them
 separately.
commit	044bb7e9e51a87013f7910d8690422580ebd054a	[log] [tgz]
author	Zhiyi Zhang <dreamerbarrychang@gmail.com>	Fri Jun 10 00:02:37 2016 -0700
committer	Zhiyi Zhang <dreamerbarrychang@gmail.com>	Wed Jul 27 18:58:11 2016 -0700
tree	b60cbcb51febc2fa3c7a36c1d5c14b46ec0a7e39
parent	cf9c6bb8d7239c324805d939899fa2a7cbcc3ac0 [diff] [blame]