Corrections of the migration guide from the code review.

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>

docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md

@@ -1,9 +1,16 @@
 Deprecated functions were removed from AES
 ------------------------------------------
 
-The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed.
+The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were
-Please use `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()`
+removed.
-respectively.
+
+If you're simply using the AES module, you should be calling the higher-level
+functions `mbedtls_aes_crypt_xxx()`.
+
+If you're providing an alternative implementation using
+`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be
+replacing the removed functions with `mbedtls_internal_aes_encrypt()` and
+`mbedtls_internal_aes_decrypt()` respectively.
 
 Deprecated functions were removed from bignum
 ---------------------------------------------
@@ -20,7 +27,7 @@ The functions `mbedtls_cipher_auth_encrypt()` and
 `mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()`
 respectively which additionally support key wrapping algorithms such as
 NIST_KW.
-    
+
 Deprecated functions were removed from DRBGs
 --------------------------------------------
 
@@ -39,11 +46,11 @@ respectively.
 Deprecated functions were removed from SSL
 ------------------------------------------
 
-The functions `mbedtls_ssl_conf_dh_param()` and
+The function `mbedtls_ssl_conf_dh_param()` was removed. Please use
-`mbedtls_ssl_get_max_frag_len()` were removed. Please use
+`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead.
-`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` and
-`mbedtls_ssl_get_output_max_frag_len()` instead.
 
+The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use
+`mbedtls_ssl_get_output_max_frag_len()` instead.
 
 Deprecated hex-encoded primes were removed from DHM
 ---------------------------------------------------
@@ -52,13 +59,14 @@ The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`,
 `MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`,
 `MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`,
 `MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were
-removed. The hex-encoded primes from RFC 5114 are deprecated because their 
+removed. The primes from RFC 5114 are deprecated because their derivation is not
-derivation is not documented and therefore their usage constitutes a security 
+documented and therefore their usage constitutes a security risk; they are fully
-risk. They are removed from the library without replacement.
+removed from the library. Please use parameters from RFC3526 (still in the
+library, only in binary form) or RFC 7919 (also available in the library) or
+other trusted sources instead.
 
 Deprecated net.h file was removed
 ---------------------------------
 
 The file `include/mbedtls/net.h` was removed because its only function was to
 include `mbedtls/net_sockets.h` which now should be included directly.
-