diff --git a/src/gssapi_mechanism_base.hpp b/src/gssapi_mechanism_base.hpp
index 382cde92..3bdb1a1b 100644
--- a/src/gssapi_mechanism_base.hpp
+++ b/src/gssapi_mechanism_base.hpp
@@ -30,8 +30,9 @@ namespace zmq
 class msg_t;
 /// Commonalities between clients and servers are captured here.
- /// For example, clients and server both need to produce and
- /// process INITIATE and MESSAGE commands.
+ /// For example, clients and servers both need to produce and
+ /// process context-level GSSAPI tokens (via INITIATE commands)
+ /// and per-message GSSAPI tokens (via MESSAGE commands).
 class gssapi_mechanism_base_t
 {
 public:
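Review bot: The class-level comment in this hunk keeps the `///` Doxygen marker while the next hunk converts every member comment of the same class to plain `//`, so the header ends up with two comment styles. Pick one for the whole class; if `//` is the project convention, the three new lines here should start with `//` as well. The class body continues outside this hunk.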
@@ -39,51 +40,60 @@ namespace zmq
 virtual ~gssapi_mechanism_base_t () = 0;
 protected:
- /// Produce an INITIATE during security context initialization
+ // Produce a context-level GSSAPI token (INITIATE command)
+ // during security context initialization.
 int produce_initiate (msg_t *msg_, void *data_, size_t data_len_);
- /// Process an INITIATE during security context initialization
+
+ // Process a context-level GSSAPI token (INITIATE command)
+ // during security context initialization.
 int process_initiate (msg_t *msg_, void **data_, size_t &data_len_);
- /// Encode a MESSAGE using the established security context
+
+ // Encode a per-message GSSAPI token (MESSAGE command) using
+ // the established security context.
 int encode_message (msg_t *msg_);
- /// Decode a MESSAGE using the established security context
+
+ // Decode a per-message GSSAPI token (MESSAGE command) using
+ // the established security context.
 int decode_message (msg_t *msg_);
- /// Acquire security context credentials
+
+ // Acquire security context credentials from the
+ // underlying mechanism.
 static int acquire_credentials (char * service_name_, gss_cred_id_t * cred_);
 protected:
- /// Opaque GSSAPI token for outgoing data
+ // Opaque GSSAPI token for outgoing data
 gss_buffer_desc send_tok;
- /// Opaque GSSAPI token for incoming data
+ // Opaque GSSAPI token for incoming data
 gss_buffer_desc recv_tok;
- /// Opaque GSSAPI representation of service_name
+ // Opaque GSSAPI representation of service_name
 gss_name_t target_name;
- /// Human-readable service principal name
+ // Human-readable service principal name
 char * service_name;
- /// Status code returned by GSSAPI functions
+ // Status code returned by GSSAPI functions
 OM_uint32 maj_stat;
- /// Status code returned by the underlying mechanism
+ // Status code returned by the underlying mechanism
 OM_uint32 min_stat;
- /// Status code returned by the underlying mechanism
- /// during context initialization
+ // Status code returned by the underlying mechanism
+ // during context initialization
 OM_uint32 init_sec_min_stat;
- /// Flags returned by GSSAPI (ignored)
+ // Flags returned by GSSAPI (ignored)
 OM_uint32 ret_flags;
- /// Flags returned by GSSAPI (ignored)
+ // Flags returned by GSSAPI (ignored)
 OM_uint32 gss_flags;
- /// Credentials used to establish security context
+ // Credentials used to establish security context
 gss_cred_id_t cred;
- /// Opaque GSSAPI representation of the security context
+ // Opaque GSSAPI representation of the security context
 gss_ctx_id_t context;
 };
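Review bot: The rewritten comments on `ret_flags` and `gss_flags` are still the identical text "Flags returned by GSSAPI (ignored)", which cannot be accurate for both members and leaves the security consequence unstated. If `ret_flags` is indeed never inspected (the implementation is not part of this diff), say so explicitly, e.g. `// Flags granted by GSSAPI for the context; not checked, so services such as GSS_C_MUTUAL_FLAG, GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG are not confirmed`. `gss_flags` reads like the requested flag set rather than a returned one, so `// Flags requested when establishing the security context` is probably the accurate comment once confirmed against the .cpp file. The `process_initiate` comment would also benefit from stating who owns the buffer returned through `data_`.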