diff --git a/docs/architecture/psa-migration/outcome-analysis.sh b/docs/architecture/psa-migration/outcome-analysis.sh
index 1b23acf633..6aab6bd04b 100755
--- a/docs/architecture/psa-migration/outcome-analysis.sh
+++ b/docs/architecture/psa-migration/outcome-analysis.sh
@@ -15,9 +15,9 @@
 #   justified, and a github issue is created to track it.
 #
 # WARNING: this script checks out a commit other than the head of the current
-# branch; it checks out the current branch again when running sucessfully,
+# branch; it checks out the current branch again when running successfully,
 # but while the script is running, or if it terminates early in error, you
-# should be aware that yu might be at a different commit than expected.
+# should be aware that you might be at a different commit than expected.
 #
 # NOTE: This is only an example/template script, you should make a copy and
 # edit it to suit your needs. The part that needs editing is at the top.
diff --git a/docs/architecture/psa-migration/strategy.md b/docs/architecture/psa-migration/strategy.md
index d434a0ac02..883fd42a87 100644
--- a/docs/architecture/psa-migration/strategy.md
+++ b/docs/architecture/psa-migration/strategy.md
@@ -294,12 +294,12 @@ available, and "falling back" to PSA only if it's not. The compile-time
 dependency changes from the current one (say, `MD_C` or `AES_C`) to "the
 previous dependency OR PSA Crypto with needed algorithms". When building
 without software implementation, users need to call `psa_crypto_init()` before
-calling any function from these modules. This condition does constitute a
-break of backwards compability, as it was previously impossible to build in
+calling any function from these modules. This condition does not constitute a
+break of backwards compatibility, as it was previously impossible to build in
 those configurations, and in configurations were the build was possible,
-application code keeps working unchanged. An incomplete example of applying
-this strategy, for RSA PKCS#1 v2.1, is here:
-<https://github.com/mpg/mbedtls/pull/4>.
+application code keeps working unchanged. An work-in-progress example of
+applying this strategy, for RSA PKCS#1 v2.1, is here:
+<https://github.com/Mbed-TLS/mbedtls/pull/6141>
 
 There is a problem with the modules used for the PSA RNG, as currently the RNG
 is initialized before drivers and the key store. This part will need further
@@ -354,7 +354,7 @@ It should be noted that there are currently:
 `MBEDTLS_PSA_CRYPTO_CONFIG`, `mbedtls_config.h` + `psa/crypto_config.h`).
 
 As a result, we need more families of dependency macros than we'd like to.
-This is a temporary situation until we move to a place where everthing is
+This is a temporary situation until we move to a place where everything is
 based on PSA Crypto. In the meantime, long and explicit names where chosen for
 the new macros in the hope of avoiding confusion.
 
diff --git a/library/legacy_or_psa.h b/library/legacy_or_psa.h
index 184e1390c9..e645c2431f 100644
--- a/library/legacy_or_psa.h
+++ b/library/legacy_or_psa.h
@@ -55,7 +55,7 @@
  * - feature is expressed the same way as in PSA_WANT macros, for example:
  *   KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
  * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
- * - condition is ommitted if it's based on availability, else it's
+ * - condition is omitted if it's based on availability, else it's
  *   BASED_ON_USE_PSA.
  *
  * Coming back to the examples above: