diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/DETAILS | 22 | ||||
| -rw-r--r-- | doc/FAQ | 34 | ||||
| -rw-r--r-- | doc/HACKING | 10 | ||||
| -rw-r--r-- | doc/OpenPGP | 6 | ||||
| -rw-r--r-- | doc/gpg.1pod | 8 | ||||
| -rw-r--r-- | doc/manual.sgml | 8 |
6 files changed, 44 insertions, 44 deletions
diff --git a/doc/DETAILS b/doc/DETAILS index 346e809af..5e765728d 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -45,7 +45,7 @@ Format of the "--status-fd" output Every line is prefixed with "[GNUPG:] ", followed by a keyword with the type of the status line and a some arguments depending on the type (maybe none); an application should always be prepared to see -more argumnents in future versions. +more arguments in future versions. GOODSIG <long keyid> <username> @@ -57,12 +57,12 @@ more argumnents in future versions. ERRSIG It was not possible to check the signature. This may be caused by a missing public key or an unsupported algorithm. - No argumens yet. + No argument yet. VALIDSIG <fingerprint in hex> The signature with the keyid is good. This is the same as GOODSIG but has the fingerprint as the argument. Both - status lines ere emmited for a good signature. + status lines ere emitted for a good signature. TRUST_UNDEFINED TRUST_NEVER @@ -70,7 +70,7 @@ more argumnents in future versions. TRUST_FULLY TRUST_ULTIMATE For good signatures one of these status lines are emitted - to indicate how trustworthy the signatur is. No arguments yet. + to indicate how trustworthy the signature is. No arguments yet. SIGEXPIRED The signature key has expired. No arguments yet. @@ -158,7 +158,7 @@ Record type 1: 1 u32 first free record 1 u32 record number of shadow directory hash table It does not make sense to combine this table with the key table - becuase the keyid is not in every case a part of the fingerprint. + because the keyid is not in every case a part of the fingerprint. 4 bytes reserved for version extension record @@ -283,7 +283,7 @@ Record type 9: (cache record) 20 bytes rmd160 hash value over the complete keyblock This is used to detect any changes of the keyblock with all CTBs and lengths headers. Calculation is easy if the keyblock - is optained from a keyserver: simply create the hash from all + is obtained from a keyserver: simply create the hash from all received data bytes. 1 byte number of untrusted signatures. @@ -323,14 +323,14 @@ Record Type 10 (hash table) n = (reclen-2)/4 which yields 9 for the current record length of 40 bytes. - the total number of surch record which makes up the table is: + the total number of such record which makes up the table is: m = (256+n-1) / n which is 29 for a record length of 40. To look up a key we use the first byte of the fingerprint to get the recnum from this hashtable and look up the addressed record: - If this record is another hashtable, we use 2nd byte - to index this hast table and so on. + to index this hash table and so on. - if this record is a hashlist, we walk all entries until we found one a matching one. - if this record is a key record, we compare the @@ -398,12 +398,12 @@ There is one enhancement used with the old style packet headers: + + It works like this: After the CTB (with a length field of 11) a + marker field is used, which gives the length of the following datablock. -+ This is a simple 2 byte field (MSB first) containig the amount of data ++ This is a simple 2 byte field (MSB first) containing the amount of data + following this field, not including this length field. After this datablock + another length field follows, which gives the size of the next datablock. + A value of 0 indicates the end of the packet. The maximum size of a + data block is limited to 65534, thereby reserving a value of 0xffff for -+ future extensions. These length markers must be insereted into the data ++ future extensions. These length markers must be inserted into the data + stream just before writing the data out. + + This 2 byte filed is large enough, because the application must buffer @@ -416,7 +416,7 @@ There is one enhancement used with the old style packet headers: Usage of gdbm files for keyrings ================================ - The key to store the keyblokc is it's fingerpint, other records + The key to store the keyblock is it's fingerprint, other records are used for secondary keys. fingerprints are always 20 bytes where 16 bit fingerprints are appded with zero. The first byte of the key gives some information on the type of the @@ -21,7 +21,7 @@ public key, and he would only be able to decrypt it by having the secret key and putting in the password to use his secret key. - GNUPG is also usefull for signing things. Things that are encrypted with + GNUPG is also useful for signing things. Things that are encrypted with the secret key can be decrypted with the public key. To sign something, a hash is taken of the data, and then the hash is in some form encoded with the secret @@ -38,23 +38,23 @@ You can 'conventionally' encrypt something by using the option 'gpg -c'. It is encrypted using a passphrase, and does not use public and secret keys. If the person you send the data to knows that passphrase, they can - decrypt it. This is usually most usefull for encrypting things to + decrypt it. This is usually most useful for encrypting things to yourself, although you can encrypt things to your own public key in the same way. It should be used for communication with partners you know and where it is easy to exchange the passphrases (e.g. with your boy friend or - your wife). The advantage is that you can chnage the passphrase from time - to time and decrease the risk, that many old messages may be decryptted by + your wife). The advantage is that you can change the passphrase from time + to time and decrease the risk, that many old messages may be decrypted by people who accidently got your passphrase. You can add and copy keys to and from your keyring with the 'gpg --import' and 'gpg --export' option. 'gpg --export-secret-keys' will export secret - keys. This is normally not usefull, but you can generate the key on one + keys. This is normally not useful, but you can generate the key on one machine then move it to another machine. Keys can be signed under the 'gpg --edit-key' option. When you sign a key, you are saying that you are certain that the key belongs to the person it says it comes from. You should be very sure that is really - taht person: You should verify the key fingerprint + that person: You should verify the key fingerprint gpg --fingerprint user-id @@ -69,7 +69,7 @@ Oh yeah, this is important. By default all data is encrypted in some weird binary format. If you want to have things appear in ascii text that is - readable, just add the '-a' option. But the preferred methos is to use + readable, just add the '-a' option. But the preferred method is to use a MIME aware mail reader (Mutt, Pine and many more). There is a small security glitch in the OpenPGP (and therefor GNUPG) system; @@ -80,7 +80,7 @@ Q: What is the recommended key size? A: 1024 bit for DSA signatures; even for plain ElGamal signatures this is sufficient as the size of the hash - is probably the weakest link if the keyssize is larger + is probably the weakest link if the keysize is larger than 1024 bits. Encryption keys may have greater sizes, but you should than check the fingerprint of this key. @@ -100,7 +100,7 @@ at least for decryption). To be better interoperable, GNUPG (starting with version 0.3.3) now also uses type 16 for the ElGamal subkey which is created if the default key algorithm - is choosen. You may add an type 16 ElGamal key to your public + is chosen. You may add an type 16 ElGamal key to your public key which is easy as your key signatures are still valid. Q: Why is PGP 5.x not able to verify my messages. @@ -109,14 +109,14 @@ data. Use the option "--force-v3-sigs" to generate V3 signatures for data. - Q: I can't delete a user id because it is already deleted on my + Q: I can't delete an user id because it is already deleted on my public keyring. A: Because you can only select from the public key ring, there is no direct way to do this. However it is not so complicated do to it anyway: Create a new user id with exactly the same name, you will notice that there are two identical user ids on the secret ring now. Now select this user id and delete it; both - user ids from the secret ring will be remoed. + user ids from the secret ring will be removed. Q: How can I encrypt a message in way pgp 2.x is able to decrypt it later? A: You can't do that because pgp 2.x normally uses IDEA which is not @@ -175,7 +175,7 @@ trustdb which holds a list of valid key signatures. If you are not running in batch mode you will be asked to assign a trust parameter (ownertrust) to a key. I have plans to use a cache for calculated - trust values to speed up calcualtion. + trust values to speed up calculation. You can see the validity (calculated trust value) using this command: @@ -202,19 +202,19 @@ the assigned value: - = No Ownertrust value yet assigned. - n = Never trust this keyholder to correctly verifiy others signatures. + n = Never trust this keyholder to correctly verify others signatures. m = Have marginal trust in the keyholders capability to sign other keys. f = Assume that the key holder really knows how to sign keys. u = No need to trust ourself because we have the secret key. - Please keep these values confidential, as they express some opiones of + Please keep these values confidential, as they express some opinions of you about others. PGP does store these information with the keyring, so it is not a good idea to publish the keyring instead of exporting the keyring - gnupg stores the trust in the trust-DB and therefor it is okay to give the keyring away (but we have a --export command too). - Q: What is the differenc between options and commands? + Q: What is the difference between options and commands? A: If you do a "gpg --help", you will get two separate lists. The first is a list of commands. The second is a list of options. Whenever you run GPG, you *must* pick exactly one command (**with one exception, see below). You *may* pick one @@ -266,7 +266,7 @@ Q: What kind of output is this: "key C26EE891.298, uid 09FB: ...."? - A: This is the internal representaion of a user id in the trustdb. + A: This is the internal representation of an user id in the trustdb. "C26EE891" is the keyid, "298" is the local id (a record number in the trustdb) and "09FB" are the last two bytes of a ripe-md-160 hash of the user id for this key. @@ -293,7 +293,7 @@ "uid 12345678.3456/ACDE" This is about the user ID for the same key; to identify the user ID the last two bytes of a ripe-md-160 over the user ID - tring is printed. + ring is printed. "sig 12345678.3456/ACDE/9A8B7C6D" This is about the signature with key ID 9A8B7C6D for the above key and user ID, if it is a signature which is direct diff --git a/doc/HACKING b/doc/HACKING index 01627fe14..17ac7426f 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -20,7 +20,7 @@ archive use: This service is provided to help you in hunting bugs and not to deliver stable snapshots; it may happen that it even does not compile, so please don't complain. CVS may put a high load on a server, so please don't poll -poll for new updates but wait for an anouncement; to receive this you may +poll for new updates but wait for an announcement; to receive this you may want to subscribe to: @@ -80,7 +80,7 @@ Directory Layout ---------------- ./ Readme, configure ./scripts Scripts needed by configure and others - ./doc Documentaion + ./doc Documentation ./util General purpose utility function ./mpi Multi precision integer library ./cipher Cryptographic functions @@ -121,7 +121,7 @@ Logging Option parsing --------------- GNUPG does not use getopt or GNU getopt but functions of it's own. See -util/argparse.c for details. The advantage of these funtions is that +util/argparse.c for details. The advantage of these functions is that it is more easy to display and maintain the help texts for the options. The same option table is also used to parse resource files. @@ -129,7 +129,7 @@ The same option table is also used to parse resource files. What is an iobuf ---------------- -This is the data structure used for most I/O of gnupg. It is similiar +This is the data structure used for most I/O of gnupg. It is similar to System V Streams but much simpler. It should be replaced by a cleaner and faster implementation. We are doing to much copying and the semantics of "filter" removing are not very clean. EOF handling is also a problem. @@ -138,7 +138,7 @@ of "filter" removing are not very clean. EOF handling is also a problem. How to use the message digest functions --------------------------------------- -cipher/md.c implements an interface to hash (message diesgt functions). +cipher/md.c implements an interface to hash (message digest functions). a) If you have a common part of data and some variable parts and you need to hash of the concatenated parts, you can use this: diff --git a/doc/OpenPGP b/doc/OpenPGP index 1ae4fedf8..e461df78d 100644 --- a/doc/OpenPGP +++ b/doc/OpenPGP @@ -26,7 +26,7 @@ * (9.2) states that IDEA SHOULD be implemented. This is not done due to patent problems. - * (12.1) states that an implementaion MUST NOT use a symmetric + * (12.1) states that an implementation MUST NOT use a symmetric algorithm which is not in the preference list. GnuPG has an option to override this. @@ -79,8 +79,8 @@ it with a V3 keyid, and can properly use only a V3 format RSA key. - * Neither PGP 5.x nor PGP 6.0 recognize Elgamal Encrypt and Sign - keys. They only handle Elgamal Encrypt-only keys. + * Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign + keys. They only handle ElGamal Encrypt-only keys. Parts of this document are taken from: diff --git a/doc/gpg.1pod b/doc/gpg.1pod index d4e4ab0b0..dcd107ef7 100644 --- a/doc/gpg.1pod +++ b/doc/gpg.1pod @@ -237,7 +237,7 @@ B<--trusted-key> I<keyid> Assume that the key with the I<keyid> (which must be a full (8 byte) keyid) is as trustworthy as one of your own secret keys. This may be used to make keys - valid which are not directly ceritified by you but + valid which are not directly certified by you but by a CA you trust. The advantage of this option is that it shortens the path of certification. @@ -392,7 +392,7 @@ B<--s2k-mode> I<number> Selects how passphrases are mangled: A number of I<0> uses the plain passphrase (which is not recommended), a I<1> (default) adds a salt to the passphrase and - I<3> interates the whole process a couple of times. + I<3> iterates the whole process a couple of times. Unless -B<--rfc1991> is used, this mode is also used for conventional encryption. @@ -403,7 +403,7 @@ B<--compress-algo> I<number> The default algorithm may give better results because the window size is not limited to 8K. If this is not used the OpenPGP behavior is used; i.e. - the compression algorith is selected from the preferences. + the compression algorithm is selected from the preferences. B<--digest-algo> I<name> Use I<name> as message digest algorithm. Running the @@ -444,7 +444,7 @@ B<--rfc1991> Try to be more RFC1991 (PGP 2.x) compliant. B<--force-v3-sigs> - OpenPGP states that a implemenation should generate + OpenPGP states that a implementation should generate v4 signatures but PGP 5.x does only recognize such signatures on key material. This options forces v3 signatures for signatures on data. diff --git a/doc/manual.sgml b/doc/manual.sgml index aec6090dc..2d02caae4 100644 --- a/doc/manual.sgml +++ b/doc/manual.sgml @@ -42,8 +42,8 @@ <title>Introduction</title> <sect1 id="feedback"> <title>Feedback</title> - <para>Well, I'm german and I find it hard to express myself in - english. So if you find some phrases and/or words that I used + <para>Well, I'm German and I find it hard to express myself in + English. So if you find some phrases and/or words that I used in a wrong way (and you will find them :-) ), please send me a mail, to let me correct this. Please send me notes about typos, too.</para> @@ -51,7 +51,7 @@ <sect1 id="whatis"> - <title>What is GBUPG</title> + <title>What is GNUPG</title> <para>GNUPG is a free data encryption and signing tool. <screen> @@ -81,7 +81,7 @@ <optional><parameter>options</parameter></optional> <replaceable class="parameter">file name</replaceable> </synopsis> - <refpurpose>is the GNUU tool for signing and exncryption</> + <refpurpose>is the GNU tool for signing and encryption</> <refsect1> <title>Description</title> <para> </para> |