diff --git a/doc/dev_ref/todo.rst b/doc/dev_ref/todo.rst index 466345ddee..e75d4365d9 100644 --- a/doc/dev_ref/todo.rst +++ b/doc/dev_ref/todo.rst @@ -65,12 +65,13 @@ External Providers * Windows CryptoNG provider (ciphers, hashes) * Extend Apple CommonCrypto provider (HMAC, CMAC, RSA, ECDSA, ECDH) * Add support for iOS keychain access -* Extend support for TPM 2.0 (ECC keys, PCR, NVRAM, Policies, etc) +* Extend support for TPM 2.0 (PCR, NVRAM, Policies, etc) TLS ---------------------------------------- * Make DTLS support optional at build time +* Make TLS 1.2 support optional at build time * Improve/optimize DTLS defragmentation and retransmission * Make RSA optional at build time * Make finite field DH optional at build time diff --git a/readme.rst b/readme.rst index 807c3a1e4c..629f9e6299 100644 --- a/readme.rst +++ b/readme.rst @@ -84,7 +84,7 @@ Transport Layer Security (TLS) Protocol encrypt-then-mac CBC, and extended master secret. * Supports authentication using certificates or preshared keys (PSK) * Supports record encryption with modern AEAD modes as well as legacy CBC ciphersuites. -* TLS 1.3 supports post-quantum key exchange with Kyber and FrodoKEM +* TLS 1.3 supports hybrid post-quantum key exchange with ML-KEM/Kyber and FrodoKEM Public Key Infrastructure ---------------------------------------- @@ -100,10 +100,10 @@ Public Key Cryptography ---------------------------------------- * RSA signatures and encryption -* DH and ECDH key agreement +* DH, ECDH, X25519 and X448 key agreement * Signature schemes ECDSA, DSA, Ed25519, Ed448, ECGDSA, ECKCDSA, SM2, GOST 34.10 * Post-quantum signature schemes ML-DSA (Dilithium), SLH-DSA (SPHINCS+), HSS/LMS, XMSS -* Post-quantum key agreement schemes ML-KEM (Kyber), McEliece, and FrodoKEM +* Post-quantum key encapsulation schemes ML-KEM (Kyber), FrodoKEM, McEliece * ElGamal encryption * Padding schemes OAEP, PSS, PKCS #1 v1.5, X9.31 
@@ -117,6 +117,7 @@ Ciphers, hashes, MACs, and checksums * Stream ciphers (X)ChaCha20, (X)Salsa20, SHAKE-128, RC4 * Hash functions SHA-1, SHA-2, SHA-3, MD5, RIPEMD-160, BLAKE2b/BLAKE2s, Skein-512, SM3, Streebog, Whirlpool +* eXtendable Output Functions (XOFs) SHAKE-128, SHAKE-256 * Password hashing schemes PBKDF2, Argon2, Scrypt, bcrypt * Authentication codes HMAC, CMAC, Poly1305, KMAC, SipHash, GMAC, X9.19 DES-MAC * Non-cryptographic checksums Adler32, CRC24, CRC32 diff --git a/src/lib/utils/types.h b/src/lib/utils/types.h index 4d08213425..244be848d3 100644 --- a/src/lib/utils/types.h +++ b/src/lib/utils/types.h @@ -61,7 +61,7 @@ namespace Botan { *
Public Key Signature Schemes
* @ref dsa.h "DSA", @ref dilithium.h "ML-DSA/Dilithium", @ref ecdsa.h "ECDSA", @ref ecgdsa.h "ECGDSA", * @ref eckcdsa.h "ECKCDSA", @ref gost_3410.h "GOST 34.10-2001", @ref hss_lms.h "HSS/LMS", @ref sm2.h "SM2", - @ref sphincsplus.h "SPHINCS+", @ref xmss.h "XMSS" + @ref sphincsplus.h "SLH-DSA/SPHINCS+", @ref xmss.h "XMSS" *
Key Agreement
* @ref dh.h "DH", @ref ecdh.h "ECDH" *
Compression
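Review bot: in the todo.rst hunk, dropping "ECC keys" from `-* Extend support for TPM 2.0 (ECC keys, PCR, NVRAM, Policies, etc)` implies that TPM 2.0 ECC key support is now done, but nothing else in this diff records that (the readme.rst hunks touch TLS, public key and hash bullets only); if the feature landed, the readme's provider description should advertise it in the same commit, otherwise the todo item should stay as it was.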
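Review bot: the readme.rst TLS hunk writes the scheme pair as `ML-KEM/Kyber` in `+* TLS 1.3 supports hybrid post-quantum key exchange with ML-KEM/Kyber and FrodoKEM`, while the Public Key Cryptography hunk in the same file writes `ML-KEM (Kyber)`; pick one form for the readme. Since the bullet now says "hybrid", it would also help readers to state which classical key exchange the KEM is combined with, as "hybrid" alone leaves that open.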
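Review bot: in the readme.rst Public Key Cryptography hunk, `+* Post-quantum key encapsulation schemes ML-KEM (Kyber), FrodoKEM, McEliece` drops the conjunction that the neighbouring `+* DH, ECDH, X25519 and X448 key agreement` keeps; write `ML-KEM (Kyber), FrodoKEM, and McEliece` (or match the other line's style) so the two lists read the same way. Moving these three from "key agreement" to "key encapsulation" is correct, since they expose a KEM interface rather than a DH-style agreement.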
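Review bot: the added `+* eXtendable Output Functions (XOFs) SHAKE-128, SHAKE-256` in the readme.rst Ciphers, hashes, MACs hunk leaves SHAKE-128 also listed on the unchanged `* Stream ciphers (X)ChaCha20, (X)Salsa20, SHAKE-128, RC4` line above it, so the same primitive now appears under two categories; either remove it from the stream cipher line or keep both deliberately with a word saying it is usable in both roles. The capitalisation "eXtendable" also stands out against the other bullets ("Hash functions", "Stream ciphers"); "Extendable-output functions (XOFs)" would match them.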
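Review bot: in the src/lib/utils/types.h hunk the Key Agreement context line `* @ref dh.h "DH", @ref ecdh.h "ECDH"` is left unchanged, so the Doxygen overview still omits the X25519 and X448 agreement and the ML-KEM, FrodoKEM and McEliece encapsulation schemes that the readme.rst hunks in this same commit now advertise; add the corresponding @ref entries (and a Key Encapsulation group alongside Key Agreement) so the header comment and the readme stay in sync. The `"SLH-DSA/SPHINCS+"` rename itself is consistent with the existing `"ML-DSA/Dilithium"` entry.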