From f36a1c5c8783d08926f336b71d0b8a7984406adf Mon Sep 17 00:00:00 2001
From: Adnan Maolood <me@adnano.co>
Date: Thu, 14 Jan 2021 22:34:12 -0500
Subject: [PATCH] client: Add note about TOFU

---
 client.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/client.go b/client.go
index f210f71..ba84245 100644
--- a/client.go
+++ b/client.go
@@ -19,6 +19,9 @@ type Client struct {
 	// If TrustCertificate is nil, the client will accept any certificate.
 	// If the returned error is not nil, the certificate will not be trusted
 	// and the request will be aborted.
+	//
+	// For a basic trust on first use implementation, see (*KnownHosts).TOFU
+	// in the tofu submodule.
 	TrustCertificate func(hostname string, cert *x509.Certificate) error
 
 	// Timeout specifies a time limit for requests made by this