author Tom Christie 2014-03-06 09:02:46 +0000
committer Tom Christie 2014-03-06 09:02:46 +0000
commit 7dc3dbbad1edaac1ac16ef51040f9ff3138fad4e
tree ba1c975eec194a42c38b2f14897729192aa30d10 /api-guide
parent 33f1cd24cd84cc7e0ec2a76d1d8fed04dd401435
Update docs
Diffstat (limited to 'api-guide')
-rw-r--r-- api-guide/authentication.html 7
-rw-r--r-- api-guide/serializers.html 2
2 files changed, 6 insertions, 3 deletions
diff --git a/api-guide/authentication.html b/api-guide/authentication.html
index 2265deb1..f8e75399 100644
--- a/api-guide/authentication.html
+++ b/api-guide/authentication.html
@@ -186,6 +186,7 @@
<li><a href="#django-oauth-toolkit">Django OAuth Toolkit</a></li>
<li><a href="#django-oauth2-consumer">Django OAuth2 Consumer</a></li>
<li><a href="#json-web-token-authentication">JSON Web Token Authentication</a></li>
+<li><a href="#hawk-http-authentication">Hawk HTTP Authentication</a></li>
<li><a href="#http-signature-authentication">HTTP Signature Authentication</a></li>
<div>
@@ -268,7 +269,7 @@ def example_view(request, format=None):
<h2 id="apache-mod_wsgi-specific-configuration">Apache mod_wsgi specific configuration</h2>
<p>Note that if deploying to <a href="http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIPassAuthorization">Apache using mod_wsgi</a>, the authorization header is not passed through to a WSGI application by default, as it is assumed that authentication will be handled by Apache, rather than at an application level.</p>
<p>If you are deploying to Apache, and using any non-session based authentication, you will need to explicitly configure mod_wsgi to pass the required headers through to the application. This can be done by specifying the <code>WSGIPassAuthorization</code> directive in the appropriate context and setting it to <code>'On'</code>.</p>
-<pre class="prettyprint lang-py"><code># this can go in either server config, virtual host, directory or .htaccess
+<pre class="prettyprint lang-py"><code># this can go in either server config, virtual host, directory or .htaccess
WSGIPassAuthorization On
</code></pre>
<hr />
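Review bot: The block holding `WSGIPassAuthorization On` is still classed `prettyprint lang-py` although its content is an Apache directive, so the highlighter treats configuration as Python; the `-`/`+` pair on that line shows no visible difference, so if the line is being touched for whitespace anyway, the language class is worth correcting in the source. The in-block comment lists server config, virtual host, directory and .htaccess as equally valid places; since the directive hands the raw `Authorization` header to the application, consider recommending the narrowest context that serves the API rather than the whole server.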
@@ -285,7 +286,7 @@ WSGIPassAuthorization On
</code></pre>
<p><strong>Note:</strong> If you use <code>BasicAuthentication</code> in production you must ensure that your API is only available over <code>https</code>. You should also ensure that your API clients will always re-request the username and password at login, and will never store those details to persistent storage.</p>
<h2 id="tokenauthentication">TokenAuthentication</h2>
-<p>This authentication scheme uses a simple token-based HTTP Authentication scheme. Token authentication is appropriate for client-server setups, such as native desktop and mobile clients. </p>
+<p>This authentication scheme uses a simple token-based HTTP Authentication scheme. Token authentication is appropriate for client-server setups, such as native desktop and mobile clients.</p>
<p>To use the <code>TokenAuthentication</code> scheme, include <code>rest_framework.authtoken</code> in your <code>INSTALLED_APPS</code> setting:</p>
<pre class="prettyprint lang-py"><code>INSTALLED_APPS = (
...
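Review bot: The TokenAuthentication intro touched here sits directly under the BasicAuthentication note requiring `https`, but the lines shown carry no matching caution for tokens, which are bearer credentials sent on every request. If the section does not already state it further down, add the same https-only note here, since the only change in this hunk is the trailing space before `</p>`.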
@@ -482,6 +483,8 @@ class ExampleAuthentication(authentication.BaseAuthentication):
<p>The <a href="https://github.com/Rediker-Software/doac">Django OAuth2 Consumer</a> library from <a href="https://github.com/Rediker-Software">Rediker Software</a> is another package that provides <a href="https://github.com/Rediker-Software/doac/blob/master/docs/integrations.md#">OAuth 2.0 support for REST framework</a>. The package includes token scoping permissions on tokens, which allows finer-grained access to your API.</p>
<h2 id="json-web-token-authentication">JSON Web Token Authentication</h2>
<p>JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. <a href="https://github.com/GetBlimp">Blimp</a> maintains the <a href="https://github.com/GetBlimp/django-rest-framework-jwt">djangorestframework-jwt</a> package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password.</p>
+<h2 id="hawk-http-authentication">Hawk HTTP Authentication</h2>
+<p>The <a href="http://hawkrest.readthedocs.org/en/latest/">HawkREST</a> library builds on the <a href="http://mohawk.readthedocs.org/en/latest/">Mohawk</a> library to let you work with <a href="https://github.com/hueniverse/hawk">Hawk</a> signed requests and responses in your API. <a href="https://github.com/hueniverse/hawk">Hawk</a> lets two parties securely communicate with each other using messages signed by a shared key. It is based on <a href="http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05">HTTP MAC access authentication</a> (which was based on parts of <a href="http://oauth.net/core/1.0a">OAuth 1.0</a>).</p>
<h2 id="http-signature-authentication">HTTP Signature Authentication</h2>
<p>HTTP Signature (currently a <a href="https://datatracker.ietf.org/doc/draft-cavage-http-signatures/">IETF draft</a>) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to <a href="http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Amazon's HTTP Signature scheme</a>, used by many of its services, it permits stateless, per-request authentication. <a href="https://github.com/etoccalino/">Elvio Toccalino</a> maintains the <a href="https://github.com/etoccalino/django-rest-framework-httpsignature">djangorestframework-httpsignature</a> package which provides an easy to use HTTP Signature Authentication mechanism.</p>
</div><!--/span-->
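Review bot: In the added Hawk paragraph, "securely communicate with each other using messages signed by a shared key" overstates what a shared-key MAC gives: it provides request authentication and integrity, not confidentiality, so wording in line with the HTTP Signature paragraph below ("origin authentication and message integrity") would be more accurate. The same paragraph links `https://github.com/hueniverse/hawk` twice in consecutive sentences, and the HawkREST, Mohawk, IETF draft and OAuth 1.0 links use `http://` while the neighbouring sections link over `https://`; drop the duplicate link and switch to `https://` where the hosts support it.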
diff --git a/api-guide/serializers.html b/api-guide/serializers.html
index 97cff7b8..2536b149 100644
--- a/api-guide/serializers.html
+++ b/api-guide/serializers.html
@@ -332,7 +332,7 @@ class EventSerializer(serializers.Serializer):
"""
Check that the start is before the stop.
"""
- if attrs['start'] &lt; attrs['finish']:
+ if attrs['start'] &gt; attrs['finish']:
raise serializers.ValidationError("finish must occur after start")
return attrs
</code></pre>
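Review bot: With the corrected comparison `attrs['start'] &gt; attrs['finish']`, an event whose start equals its finish still passes, while the error text says "finish must occur after start"; use `>=` if zero-length events should be rejected, or reword the message to "finish must not be before start". The docstring also says "before the stop" while the field is named `finish`, so align the wording with the field name.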