apple
diff --git a/‎Sources/X509/CryptographicMessageSyntax/CMSSignerIdentifier.swift
+1-1 b/‎Sources/X509/CryptographicMessageSyntax/CMSSignerIdentifier.swift
+1-1
diff --git a/‎Sources/X509/Docs.docc/Creating Certificates.md
+9-9 b/‎Sources/X509/Docs.docc/Creating Certificates.md
+9-9
diff --git a/‎Sources/X509/Docs.docc/Examining Certificates.md
+19-19 b/‎Sources/X509/Docs.docc/Examining Certificates.md
+19-19
diff --git a/‎Sources/X509/Docs.docc/index.md
+8-8 b/‎Sources/X509/Docs.docc/index.md
+8-8
diff --git a/‎Sources/X509/Extension Types/AuthorityInformationAccess.swift
+49-51 b/‎Sources/X509/Extension Types/AuthorityInformationAccess.swift
+49-51
@@ -25,7 +25,7 @@ enum CMSSignerIdentifier: DERParseable, DERSerializable, Hashable {
     private static let skiIdentifier = ASN1Identifier(tagWithNumber: 0, tagClass: .contextSpecific)
 
     case issuerAndSerialNumber(CMSIssuerAndSerialNumber)
-    case subjectKeyIdentifier(Certificate.Extensions.SubjectKeyIdentifier)
+    case subjectKeyIdentifier(SubjectKeyIdentifier)
 
     init(derEncoded node: ASN1Node) throws {
         switch node.identifier {
 
@@ -84,22 +84,22 @@ certificate. For self-signed certificates, the issuer and the subject are identi
 The bulk of the semantic information in a certificate is contained in its extensions. For our case, we care about only a small
 few.
 
-We need ``Certificate/Extensions-swift.struct/BasicConstraints-swift.enum`` to be present, and set to
-`isCertificateAuthority`. We also need ``Certificate/Extensions-swift.struct/KeyUsage-swift.struct`` with the appropriate bits
-set. Finally, we want to set ``Certificate/Extensions-swift.struct/SubjectAlternativeNames-swift.struct`` to include the domain
+We need ``BasicConstraints`` to be present, and set to
+`isCertificateAuthority`. We also need ``KeyUsage`` with the appropriate bits
+set. Finally, we want to set ``SubjectAlternativeNames`` to include the domain
 name we're going to be self-signing for, which in this case we'll set to `localhost`.
 
 We can use the helpful builder syntax for this:
 
 ```swift
 let extensions = try Certificate.Extensions {
     Critical(
-        Certificate.Extensions.BasicConstraints.isCertificateAuthority(maxPathLength: nil)
+        BasicConstraints.isCertificateAuthority(maxPathLength: nil)
     )
     Critical(
-        Certificate.Extensions.KeyUsage(digitalSignature: true, keyCertSign: true)
+        KeyUsage(digitalSignature: true, keyCertSign: true)
     )
-    Certificate.Extensions.SubjectAlternativeNames([.dNSName("localhost")])
+    SubjectAlternativeNames([.dNSName("localhost")])
 }
 ```
 
@@ -152,12 +152,12 @@ let now = Date()
 
 let extensions = try Certificate.Extensions {
     Critical(
-        Certificate.Extensions.BasicConstraints.isCertificateAuthority(maxPathLength: nil)
+        BasicConstraints.isCertificateAuthority(maxPathLength: nil)
     )
     Critical(
-        Certificate.Extensions.KeyUsage(keyCertSign: true)
+        KeyUsage(keyCertSign: true)
     )
-    Certificate.Extensions.SubjectAlternativeNames([.dNSName("localhost")])
+    SubjectAlternativeNames([.dNSName("localhost")])
 }
 
 let certificate = try Certificate(
 
@@ -99,22 +99,22 @@ bytes in an extension, as well as wrap themselves back into the opaque ``Certifi
 
 Out of the box, ``X509`` ships support for the following extension types:
 
-- ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct``
-- ``Certificate/Extensions-swift.struct/AuthorityKeyIdentifier-swift.struct``
-- ``Certificate/Extensions-swift.struct/BasicConstraints-swift.enum``
-- ``Certificate/Extensions-swift.struct/ExtendedKeyUsage-swift.struct``
-- ``Certificate/Extensions-swift.struct/KeyUsage-swift.struct``
-- ``Certificate/Extensions-swift.struct/NameConstraints-swift.struct``
-- ``Certificate/Extensions-swift.struct/SubjectAlternativeNames-swift.struct``
-- ``Certificate/Extensions-swift.struct/SubjectKeyIdentifier-swift.struct``
+- ``AuthorityInformationAccess``
+- ``AuthorityKeyIdentifier``
+- ``BasicConstraints``
+- ``ExtendedKeyUsage``
+- ``KeyUsage``
+- ``NameConstraints``
+- ``SubjectAlternativeNames``
+- ``SubjectKeyIdentifier``
 
 To decode an extension usually requires examining its ``Certificate/Extension/oid`` field. For example, to search
-for the ``Certificate/Extensions-swift.struct/SubjectAlternativeNames-swift.struct``, the typical code would be:
+for the ``SubjectAlternativeNames``, the typical code would be:
 
 ```swift
 let opaqueSANExtension = certificate.extensions.first(where: { $0.oid == .X509ExtensionID.subjectAlternativeName })
 if let opaqueSanExtension {
-    let unwrappedSanExtension = try Certificate.Extensions.SubjectAlternativeName(opaqueSanExtension)
+    let unwrappedSanExtension = try SubjectAlternativeName(opaqueSanExtension)
 }
 ```
 
@@ -123,21 +123,21 @@ to search for a specific extension. The above code could be replaced by:
 
 ```swift
 if let opaqueSanExtension = certificate.extensions[oid: .X509ExtensionID.subjectAlternativeName] {
-    let unwrappedSanExtension = try Certificate.Extensions.SubjectAlternativeName(opaqueSanExtension)
+    let unwrappedSanExtension = try SubjectAlternativeName(opaqueSanExtension)
 }
 ```
 
 This pattern is itself still somewhat repetitive, so ``Certificate/Extensions-swift.struct`` offers a number of helper properties
 that can be used to get a specific typed extension:
 
-- ``Certificate/Extensions-swift.struct/authorityInformationAccess-swift.property``
-- ``Certificate/Extensions-swift.struct/authorityKeyIdentifier-swift.property``
-- ``Certificate/Extensions-swift.struct/basicConstraints-swift.property``
-- ``Certificate/Extensions-swift.struct/extendedKeyUsage-swift.property``
-- ``Certificate/Extensions-swift.struct/keyUsage-swift.property``
-- ``Certificate/Extensions-swift.struct/nameConstraints-swift.property``
-- ``Certificate/Extensions-swift.struct/subjectAlternativeNames-swift.property``
-- ``Certificate/Extensions-swift.struct/subjectKeyIdentifier-swift.property``
+- ``Certificate/Extensions-swift.struct/authorityInformationAccess``
+- ``Certificate/Extensions-swift.struct/authorityKeyIdentifier``
+- ``Certificate/Extensions-swift.struct/basicConstraints``
+- ``Certificate/Extensions-swift.struct/extendedKeyUsage``
+- ``Certificate/Extensions-swift.struct/keyUsage``
+- ``Certificate/Extensions-swift.struct/nameConstraints``
+- ``Certificate/Extensions-swift.struct/subjectAlternativeNames``
+- ``Certificate/Extensions-swift.struct/subjectKeyIdentifier``
 
 This lets us reduce the above code to a single line:
 
 
@@ -47,14 +47,14 @@ certificate authorities, authenticating peers, and more.
 
 ### Supported Extension Types
 
-- ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct``
-- ``Certificate/Extensions-swift.struct/AuthorityKeyIdentifier-swift.struct``
-- ``Certificate/Extensions-swift.struct/BasicConstraints-swift.enum``
-- ``Certificate/Extensions-swift.struct/ExtendedKeyUsage-swift.struct``
-- ``Certificate/Extensions-swift.struct/KeyUsage-swift.struct``
-- ``Certificate/Extensions-swift.struct/NameConstraints-swift.struct``
-- ``Certificate/Extensions-swift.struct/SubjectAlternativeNames-swift.struct``
-- ``Certificate/Extensions-swift.struct/SubjectKeyIdentifier-swift.struct``
+- ``AuthorityInformationAccess``
+- ``AuthorityKeyIdentifier``
+- ``BasicConstraints``
+- ``ExtendedKeyUsage``
+- ``KeyUsage``
+- ``NameConstraints``
+- ``SubjectAlternativeNames``
+- ``SubjectKeyIdentifier``
 - ``Critical``
 
 ### Names
 
@@ -14,55 +14,53 @@
 
 import SwiftASN1
 
-extension Certificate.Extensions {
-    /// Provides details on how to access information about the certificate issuer.
-    ///
-    /// This extension behaves as a collection of ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct/AccessDescription`` objects.
+/// Provides details on how to access information about the certificate issuer.
+///
+/// This extension behaves as a collection of ``AuthorityInformationAccess/AccessDescription`` objects.
+///
+/// In practice this most commonly contains OCSP servers and links to the issuing CA certificate.
+public struct AuthorityInformationAccess {
+    @usableFromInline
+    var descriptions: [AccessDescription]
+
+    /// Create a new ``AuthorityInformationAccess/`` object
+    /// containing specific access descriptions.
     ///
-    /// In practice this most commonly contains OCSP servers and links to the issuing CA certificate.
-    public struct AuthorityInformationAccess {
-        @usableFromInline
-        var descriptions: [AccessDescription]
+    /// - Parameter descriptions: The descriptions to include in the AIA extension.
+    @inlinable
+    public init<Descriptions: Sequence>(_ descriptions: Descriptions) where Descriptions.Element == AccessDescription {
+        self.descriptions = Array(descriptions)
+    }
 
-        /// Create a new ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct/`` object
-        /// containing specific access descriptions.
-        ///
-        /// - Parameter descriptions: The descriptions to include in the AIA extension.
-        @inlinable
-        public init<Descriptions: Sequence>(_ descriptions: Descriptions) where Descriptions.Element == AccessDescription {
-            self.descriptions = Array(descriptions)
+    /// Create a new ``AuthorityInformationAccess`` object
+    /// by unwrapping a ``Certificate/Extension``.
+    ///
+    /// - Parameter ext: The ``Certificate/Extension`` to unwrap
+    /// - Throws: if the ``Certificate/Extension/oid`` is not equal to
+    ///     `ASN1ObjectIdentifier.X509ExtensionID.authorityInformationAccess`.
+    @inlinable
+    public init(_ ext: Certificate.Extension) throws {
+        guard ext.oid == .X509ExtensionID.authorityInformationAccess else {
+            throw CertificateError.incorrectOIDForExtension(reason: "Expected \(ASN1ObjectIdentifier.X509ExtensionID.authorityInformationAccess), got \(ext.oid)")
         }
 
-        /// Create a new ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct`` object
-        /// by unwrapping a ``Certificate/Extension``.
-        ///
-        /// - Parameter ext: The ``Certificate/Extension`` to unwrap
-        /// - Throws: if the ``Certificate/Extension/oid`` is not equal to
-        ///     `ASN1ObjectIdentifier.X509ExtensionID.authorityInformationAccess`.
-        @inlinable
-        public init(_ ext: Certificate.Extension) throws {
-            guard ext.oid == .X509ExtensionID.authorityInformationAccess else {
-                throw CertificateError.incorrectOIDForExtension(reason: "Expected \(ASN1ObjectIdentifier.X509ExtensionID.authorityInformationAccess), got \(ext.oid)")
-            }
-
-            let aiaSyntax = try AuthorityInfoAccessSyntax(derEncoded: ext.value)
-            self.descriptions = aiaSyntax.descriptions.map { AccessDescription($0) }
-        }
+        let aiaSyntax = try AuthorityInfoAccessSyntax(derEncoded: ext.value)
+        self.descriptions = aiaSyntax.descriptions.map { AccessDescription($0) }
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess: Hashable { }
+extension AuthorityInformationAccess: Hashable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess: Sendable { }
+extension AuthorityInformationAccess: Sendable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess: CustomStringConvertible {
+extension AuthorityInformationAccess: CustomStringConvertible {
     public var description: String {
         return self.map { String(describing: $0) }.joined(separator: ", ")
     }
 }
 
 // TODO(cory): Probably also RangeReplaceableCollection, even though it's kinda crap.
-extension Certificate.Extensions.AuthorityInformationAccess: RandomAccessCollection {
+extension AuthorityInformationAccess: RandomAccessCollection {
     @inlinable
     public var startIndex: Int {
         self.descriptions.startIndex
@@ -85,7 +83,7 @@ extension Certificate.Extensions.AuthorityInformationAccess: RandomAccessCollect
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess {
+extension AuthorityInformationAccess {
     /// Describes the location and format of additional information provided
     /// by the issuer of a given certificate.
     public struct AccessDescription {
@@ -95,7 +93,7 @@ extension Certificate.Extensions.AuthorityInformationAccess {
         /// The location where the information may be found.
         public var location: GeneralName
 
-        /// Construct a new ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct/AccessDescription`` from constituent parts.
+        /// Construct a new ``AuthorityInformationAccess/AccessDescription`` from constituent parts.
         @inlinable
         public init(method: AccessMethod, location: GeneralName) {
             self.method = method
@@ -110,19 +108,19 @@ extension Certificate.Extensions.AuthorityInformationAccess {
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription: Hashable { }
+extension AuthorityInformationAccess.AccessDescription: Hashable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription: Sendable { }
+extension AuthorityInformationAccess.AccessDescription: Sendable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription: CustomStringConvertible {
+extension AuthorityInformationAccess.AccessDescription: CustomStringConvertible {
     public var description: String {
         return "\(self.method): \(self.location)"
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription {
+extension AuthorityInformationAccess.AccessDescription {
     /// The format and meaning of the information included in a single
-    /// ``Certificate/Extensions-swift.struct/AuthorityInformationAccess-swift.struct/AccessDescription``
+    /// ``AuthorityInformationAccess/AccessDescription``
     /// object.
     public struct AccessMethod {
         @usableFromInline
@@ -160,11 +158,11 @@ extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription {
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod: Hashable { }
+extension AuthorityInformationAccess.AccessDescription.AccessMethod: Hashable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod: Sendable { }
+extension AuthorityInformationAccess.AccessDescription.AccessMethod: Sendable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod: CustomStringConvertible {
+extension AuthorityInformationAccess.AccessDescription.AccessMethod: CustomStringConvertible {
     @inlinable
     public var description: String {
         switch self.backing {
@@ -178,9 +176,9 @@ extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.Ac
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod.Backing: Hashable { }
+extension AuthorityInformationAccess.AccessDescription.AccessMethod.Backing: Hashable { }
 
-extension Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod.Backing: Sendable { }
+extension AuthorityInformationAccess.AccessDescription.AccessMethod.Backing: Sendable { }
 
 extension Certificate.Extension {
     /// Construct an opaque ``Certificate/Extension`` from this AIA extension.
@@ -189,15 +187,15 @@ extension Certificate.Extension {
     ///   - aia: The extension to wrap
     ///   - critical: Whether this extension should have the critical bit set.
     @inlinable
-    public init(_ aia: Certificate.Extensions.AuthorityInformationAccess, critical: Bool) throws {
+    public init(_ aia: AuthorityInformationAccess, critical: Bool) throws {
         let asn1Representation = AuthorityInfoAccessSyntax(aia)
         var serializer = DER.Serializer()
         try serializer.serialize(asn1Representation)
         self.init(oid: .X509ExtensionID.authorityInformationAccess, critical: critical, value: serializer.serializedBytes[...])
     }
 }
 
-extension Certificate.Extensions.AuthorityInformationAccess: CertificateExtensionConvertible {
+extension AuthorityInformationAccess: CertificateExtensionConvertible {
     public func makeCertificateExtension() throws -> Certificate.Extension {
         return try .init(self, critical: false)
     }
@@ -222,7 +220,7 @@ struct AuthorityInfoAccessSyntax: DERImplicitlyTaggable {
     var descriptions: [AIAAccessDescription]
 
     @inlinable
-    init(_ aia: Certificate.Extensions.AuthorityInformationAccess) {
+    init(_ aia: AuthorityInformationAccess) {
         self.descriptions = aia.descriptions.map { .init($0) }
     }
 
@@ -261,7 +259,7 @@ struct AIAAccessDescription: DERImplicitlyTaggable {
     }
 
     @inlinable
-    init(_ description: Certificate.Extensions.AuthorityInformationAccess.AccessDescription) {
+    init(_ description: AuthorityInformationAccess.AccessDescription) {
         self.accessMethod = ASN1ObjectIdentifier(accessMethod: description.method)
         self.accessLocation = description.location
     }
@@ -295,7 +293,7 @@ extension ASN1ObjectIdentifier {
     }
 
     @inlinable
-    public init(accessMethod: Certificate.Extensions.AuthorityInformationAccess.AccessDescription.AccessMethod) {
+    public init(accessMethod: AuthorityInformationAccess.AccessDescription.AccessMethod) {
         switch accessMethod.backing {
         case .ocspServer:
             self = .AccessMethodIdentifiers.ocspServer