diff --git a/mu4e/mu4e-main.el b/mu4e/mu4e-main.el
index 39275d98..a577c087 100644
--- a/mu4e/mu4e-main.el
+++ b/mu4e/mu4e-main.el
@@ -147,7 +147,7 @@ clicked."
 (defun mu4e~key-val (key val &optional unit)
   "Return a key / value pair."
   (concat
-   "        * "
+   "\t* "
    (propertize (format "%-20s" key) 'face 'mu4e-header-title-face)
    ": "
    (propertize val 'face 'mu4e-header-key-face)
diff --git a/mu4e/mu4e.texi b/mu4e/mu4e.texi
index fa0b58a2..1912cbe0 100644
--- a/mu4e/mu4e.texi
+++ b/mu4e/mu4e.texi
@@ -1510,8 +1510,6 @@ requires @t{mu} to have been build with crypto-support; see the
 signatures. For signing/encrypting messages your outgoing messages, see
 @ref{Signing and encrypting}.
 
-Currently, only PGP/MIME is supported; PGP-inline and S/MIME are not.
-
 For all of this to work, @command{gpg-agent} must be running, and it
 must set the environment variable @t{GPG_AGENT_INFO}. You can check from
 Emacs with @key{M-x getenv GPG_AGENT_INFO}.
@@ -1526,6 +1524,11 @@ $ eval $(gpg-agent --daemon)
 @noindent
 This starts the daemon, and sets the environment variable.
 
+Some users have reported problems with certain S/MIME-signed messages
+where mu checks if the certificate has been revoked. This can be
+avoided by adding @t{disable-crl-checks} to @t{~/.gnupg/gpgsm.conf};
+alternatively, you could use the gnus-based viewer.
+
 @subsection Decryption
 @anchor{Decryption}