Changes for TLS-stack review comments

A number of clarifications and changes have been requested as part of the
TLS-stack document review.

Signed-off-by: Martyn Welch <martyn.welch@collabora.com>

content/concepts/tls-stack.md

@@ -7,12 +7,12 @@ outputs:
   - pdf-in
 ---
 
-The Apertis distribution is targeted towards the development of and use in
-electronic devices. In line with this goal, the Apertis project strives to
-provide software components that, where there is intent that they form part of
-the software stack on the devices themselves, are free from licensing
-constraints that may make it unsuitable in certain use cases. An example is
-software licensed under the terms of the GNU
+The Apertis distribution provides both a development environment for electronic
+devices as well as a software stack to be used on them. In line with this
+goal, the Apertis project strives to provide software components that, where
+there is intent that they form part of the software stack on the devices
+themselves, are free from licensing constraints that may make it unsuitable in
+certain use cases. An example is software licensed under the terms of the GNU
 [GPL-3](https://www.gnu.org/licenses/gpl-3.0.en.html) (General Public License)
 or [LGPL-3](https://www.gnu.org/licenses/lgpl-3.0.en.html) (Lesser General
 Public License) which are known to present a problem as they sometimes
@@ -60,7 +60,7 @@ currently provides [GnuTLS](https://www.gnutls.org/),
 - **NSS**: Apertis currently provides NSS version 3.42.1. This version
   is approximately a year and a half old, and is packaged as part of Debian
   Buster. As with OpenSSL, support for Debian Buster
-  [is expected](https://wiki.debian.org/LTS) until June 2024.
+  is expected until June 2024.
  
 Some of the packages requiring TLS support only support one of the currently
 provided TLS implementations, often due to licensing compatibility.  Other
@@ -72,14 +72,14 @@ detailed analysis in the [Appendix]({{< ref "#appendix" >}}).
 
 The TLS libraries used in Apertis today are currently supported, though this
 will not remain the case indefinitely, with Ubuntu dropping support for the
-currently used GnuTLS in 2022 and OpenSSL 1.1 losing support in 2024.
+currently used GnuTLS in 2022, NSS and OpenSSL 1.1 losing support in 2024.
 
 Future releases of Apertis would be expected to be based on newer versions of
 Debian (as covered in the [Apertis Release Flow]({{< ref
 "release-flow.md#apertis-release-flow" >}}). As could be expected, newer
 versions of Debian have integrated newer versions of these TLS libraries.
-Upgrading to newer versions of the GnuTLS or OpenSSL may present issues for
-Apertis:
+Whilst upgrading to newer versions of NSS does not appear to present any
+issues, the GnuTLS or OpenSSL may present issues for Apertis:
 
 - **GnuTLS**: Whilst GnuTLS is licensed under the
 [LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html), it uses
@@ -376,7 +376,7 @@ to fair use laws in some jurisdictions or explicitly allowed by the GPL when it
 act of running the Program is not restricted".
 
 A further argument is that the GPL
-[states](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html#section3)) "as
+[states](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html#section3) "as
 a special exception, the source code distributed need not include anything that
 is normally distributed (in either source or binary form) with the major
 components (compiler, kernel, and so on) of the operating system on which the