Apply suggestions from code review

RoRoJ · nerda-codes · RoRoJ · commit d8e6b19ffa9c · 2025-07-07T13:46:32.000+02:00
Co-authored-by: Néda &lt;87707325+nerda-codes@users.noreply.github.com&gt;
diff --git a/pages/site-to-site-vpn/reference-content/security-proposals.mdx b/pages/site-to-site-vpn/reference-content/security-proposals.mdx
@@ -46,7 +46,7 @@ When defining your Site-to-Site VPN security proposal, you must define the algor
 | Protocol        | Element         | Description                                        | User must define?  |
 |-----------------|-----------------|----------------------------------------------------|----------------------------|
 | **ESP**         | **Encryption**  | Algorithm to encrypt traffic's data payloads  | ✅ Yes                       |
-| **ESP**         | **Integrity**   | HMAC-based algorithm to verify data payloads have not been tampered with. <br/><br/>Only set an HMAC integrity algorithm if **not** using an AEAD algorithm for ESP encryption (see below). Otherwise, integrity is built in, and you do not need to set an ESP integrity algorithm. | ❓ Depends                         |
+| **ESP**         | **Integrity**   | HMAC-based algorithm to verify data payloads have not been tampered with. <br/><br/> Only set an HMAC integrity algorithm if **not** using an AEAD algorithm for ESP encryption (see below). Otherwise, integrity is built in, and you do not need to set an ESP integrity algorithm. | ❓ Depends                         |
 | **ESP**         | **Key Exchange Method**   | DH group to define strength of key exchange         | ❌ No                         |
 
 ## Encryption algorithms
@@ -74,7 +74,7 @@ Integrity is based on **H**ash-based **M**essage **A**uthentication **C**ode (HM
 | Algorithm               | Output Size (bits)| Security Level   | Notes                                                   | Recommended?        |
 |-------------------------|--------------------|-----------------|---------------------------------------------------------|---------------------|
 | `sha512`                | 512                |  ✅ Very Strong | Suitable for high security environments. Use for long term security. | ✅ Recommended      |
-| `sha384`                | 384                |  ✅ Strong      | Balanced security/performance. Good alternative to `sha-512`                        | ✅ Recommended      |
+| `sha384`                | 384                |  ✅ Strong      | Balanced security/performance. Good alternative to `sha-512`.                        | ✅ Recommended      |
 | `sha256`                | 256                |  ✅ Strong      | Default for most VPNs. Recommended baseline.            | ✅ Recommended      |
 
 ## Key exchange methods
@@ -83,13 +83,13 @@ Key exchange is **D**iffie-**H**ellman-based. The following DH groups can be set
 
 | DH Group               | Bit Size  | Security Level  | Use Case                                                         | Recommended?     |
 |------------------------|-----------|-----------------|------------------------------------------------------------------|------------------|
-| `ecp521`               | 521       |  ✅ Very Strong | Suitable for high security environments. May be overkill (lowers performance) |👍 Acceptable     |
+| `ecp521`               | 521       |  ✅ Very Strong | Suitable for high security environments. May be overkill (lowers performance). |👍 Acceptable     |
 | `ecp384`               | 384       |  ✅ Strong      | Both strong and fast. **Our top choice for modern VPNs.**        |✅ Recommended    |
 | `ecp256`               | 256       |  ✅ Strong      | Suitable for performance-sensitive VPNs.                                      |✅ Recommended    |
 | `curve25519` (X25519)  | 256       |  ✅ Very Strong | Both strong and fast. **Our top choice for performance**.        |✅ Recommended    |
 | `modp4096`             | 4096      |  ✅ Strong      | Strong but slow. May be suitable for legacy VPNs.                |👍 Acceptable     |
 | `modp3072`             | 3072      |  ✅ Medium-Strong | May be suitable for legacy VPNs.                               |👍 Acceptable     |
-| `modp2048`             | 2048      |  ⚠️ Minimum      | Use for older VPNs only if absolutely needed                     |⚠️ Use with caution |
+| `modp2048`             | 2048      |  ⚠️ Minimum      | Use for older VPNs only if absolutely needed.                    |⚠️ Use with caution |
 
 ## Standard recommendation
 
diff --git a/pages/site-to-site-vpn/reference-content/understanding-s2svpn.mdx b/pages/site-to-site-vpn/reference-content/understanding-s2svpn.mdx
@@ -172,8 +172,3 @@ Use [Network ACLs](/vpc/reference-content/understanding-nacls/) if you want to l
 - You cannot modify the Private Network that a VPN is connected to after creation
 - You must use the auto-generated pre-shared key (PSK) for a VPN connection: you cannot currently define your own PSK
 - We cannot currently provide a configuration file for customer gateway devices
-
-
-
-
-
