diff --git a/include/picotls.h b/include/picotls.h
index 43cd6281..e4584dbb 100644
--- a/include/picotls.h
+++ b/include/picotls.h
@@ -919,8 +919,7 @@ struct st_ptls_context_t {
 */
 unsigned send_change_cipher_spec : 1;
 /**
- * if set, the server requests client certificates
- * to authenticate the client.
+ * if set, the server requests client certificates to authenticate the client
 */
 unsigned require_client_authentication : 1;
 /**
@@ -982,7 +981,8 @@ struct st_ptls_context_t {
 */
 ptls_cipher_suite_t **tls12_cipher_suites;
 /**
- * (optional) used in CR message, must be DNs in DER format.
+ * (optional) list of CAs advertised to clients as supported in the CertificateRequest message; each item must be DNs in DER
+ * format. The values are sent to the client only when `ptls_context_t::require_client_authentication` is set to true.
 */
 struct {
 const ptls_iovec_t *list;
diff --git a/lib/picotls.c b/lib/picotls.c
index 90e77fb6..f37ff969 100644
--- a/lib/picotls.c
+++ b/lib/picotls.c
@@ -4674,10 +4674,9 @@ static int server_handle_hello(ptls_t *tls, ptls_message_emitter_t *emitter, ptl
 /* send certificate request if client authentication is activated */
 if (tls->ctx->require_client_authentication) {
 ptls_push_message(emitter, tls->key_schedule, PTLS_HANDSHAKE_TYPE_CERTIFICATE_REQUEST, {
- /* certificate_request_context, this field SHALL be zero length, unless the certificate
- * request is used for post-handshake authentication.
- */
 ptls_buffer_t *sendbuf = emitter->buf;
+ /* certificate_request_context: this field SHALL be zero length, unless the certificate request is used for post-
+ * handshake authentication. */
 ptls_buffer_push(sendbuf, 0);
 /* extensions */
 ptls_buffer_push_block(sendbuf, 2, {
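Review bot: The new doc comment on `client_ca_names` says "each item must be DNs in DER format", which reads as if one `ptls_iovec_t` could carry several names, whereas the server-side loop presumably emits one length-prefixed entry per item. Saying `each item must be a single DER-encoded DistinguishedName (one entry of the certificate_authorities extension)` removes the ambiguity for callers filling `list`. It would also help to state in the same comment that the names are only advertised to the client and are not themselves used to accept or reject a client certificate; that remains the job of `verify_certificate`, so a caller should not treat this list as an access-control check.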
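Review bot: The relocated comment above `ptls_buffer_push(sendbuf, 0);` still leaves the "unless ... post-handshake authentication" case open, although this code is reached from `server_handle_hello`, i.e. during the initial handshake, where the context is always empty; the comment could say so and name what the pushed byte is: `/* certificate_request_context: a single length byte of 0 (empty). A non-empty context is only used for post-handshake authentication, which is not what this handshake path does. */`. Splitting "post-\n handshake" across the two comment lines also makes the hyphen look like a line-wrap artefact; breaking before "post-handshake" keeps the term readable. The enclosing `ptls_push_message` block continues past the end of this hunk.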
@@ -4685,8 +4684,7 @@ static int server_handle_hello(ptls_t *tls, ptls_message_emitter_t *emitter, ptl
 if ((ret = push_signature_algorithms(tls->ctx->verify_certificate, sendbuf)) != 0)
 goto Exit;
 });
-
- /* certificate authorities entension */
+ /* certificate authorities entension */
 if (tls->ctx->client_ca_names.count > 0) {
 buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_CERTIFICATE_AUTHORITIES, {
 ptls_buffer_push_block(sendbuf, 2, {
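Review bot: The re-added comment line keeps the typo "entension"; since the line is being touched anyway it should read `/* certificate_authorities extension */`, using the extension's wire name as the RFC does. Dropping the blank line also glues the comment to the closing `});` of the signature_algorithms block above it, so a reader skimming the code may attach the comment to the wrong block; keeping one blank line before it separates the two extensions visually. The `if (tls->ctx->client_ca_names.count > 0)` body and the enclosing function continue beyond this hunk.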