diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ChangeLog | 4 | ||||
| -rw-r--r-- | doc/DETAILS | 48 | ||||
| -rw-r--r-- | doc/FAQ | 16 |
3 files changed, 36 insertions, 32 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index a877cf5aa..59efbc95e 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,7 @@ +2000-07-03 13:59:24 Werner Koch ([email protected]) + + * DETAILS, FAQ: Typo fixes by Yosiaki IIDA. + 2000-05-12 10:57:21 Werner Koch ([email protected]) * gpg.sgml: Documented --no-tty. diff --git a/doc/DETAILS b/doc/DETAILS index ac8b577a8..14715a827 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -119,7 +119,7 @@ more arguments in future versions. The signature key has expired. No arguments yet. KEYREVOKED - The used key has been revoked by his owner. No arguments yet. + The used key has been revoked by its owner. No arguments yet. BADARMOR The ASCII armor is corrupted. No arguments yet. @@ -198,7 +198,7 @@ more arguments in future versions. BEGIN_DECRYPTION END_DECRYPTION Mark the start and end of the actual decryption process. These - are also emmited when in --list-only mode. + are also emitted when in --list-only mode. BEGIN_ENCRYPTION END_ENCRYPTION @@ -214,7 +214,7 @@ more arguments in future versions. "char" is the character displayed with no --status-fd enabled, with the linefeed replaced by an 'X'. "cur" is the current amount done and "total" is amount to be done; a "total" of 0 indicates that - the toatal amount is not known. 100/100 may be used to detect the + the total amount is not known. 100/100 may be used to detect the end of operation. SIG_CREATED <type> <pubkey algo> <hash algo> <class> <timestamp> <key fpr> @@ -263,31 +263,31 @@ Unattended key generation There is an experimental feature which allows for unattended generation of keys controlled by a parameter file. This feature is not very well tested and does only make sense for some -very special applications. Please don't complain if we decide to chnage +very special applications. Please don't complain if we decide to change the behaviour of this command. To use this feature, you use --gen-key together with --batch and feed the -parameters either form stdin or from a file given on the commandline. +parameters either from stdin or from a file given on the commandline. The format of this file is as follows: o Text only, line length is limited to about 1000 chars. - o You must use UTF-8 encoding to specifiy non-ascii characters. - o Empty lines are ignored - o Leading and trailing spaces are ignored - o A hash sign as the first non white space character indicates a comment line + o You must use UTF-8 encoding to specify non-ascii characters. + o Empty lines are ignored. + o Leading and trailing spaces are ignored. + o A hash sign as the first non white space character indicates a comment line. o Control statements are indicated by a leading percent sign, the arguments are separated by white space from the keyword. o Parameters are specified by a keyword, followed by a colon. Arguments - are speparated by white space. + are separated by white space. o The first parameter must be "Key-Type", control statements may be placed anywhere. o Key generation takes place when either the end of the parameter file is reached, the next "Key-Type" parameter is encountered or at the controlstatement "%commit" - o Control staements: + o Control statements: %echo <text> - Print <text> + Print <text>. %dry-run - Suppress actual key generation (useful for syntax checking) + Suppress actual key generation (useful for syntax checking). %commit Perform the key generation. An implicit commit is done at the next "Key-Type" parameter. @@ -302,8 +302,8 @@ The format of this file is as follows: this file is created (and overwrites an existing one). Both control statements must be given. o The order of the parameters does not matter except for "Key-Type" - which must be the first parameter. The paramtyers are only for the - generated keyblock and paramters from previous key generations are not + which must be the first parameter. The parameters are only for the + generated keyblock and parameters from previous key generations are not used. Some syntactically checks may be performed. The currently defined parameters are: Key-Type: <algo-number>|<algo-string> @@ -311,7 +311,7 @@ The format of this file is as follows: primary key. The algorithm must be capable of signing. This is a required parameter. Key-Length: <length-in-bits> - Length of the key in bits. Default is 1024 + Length of the key in bits. Default is 1024. Subkey-Type: <algo-number>|<algo-string> This generates a secondary key. Currently only one subkey can be handled. @@ -476,16 +476,16 @@ the DB is always of type 1 and this is the only record of this type. 1 u32 next next sigrec of this uid or 0 to indicate the last sigrec. 6 times - 1 u32 Local_id of signators dir or shadow dir record + 1 u32 Local_id of signatures dir or shadow dir record 1 byte Flag: Bit 0 = checked: Bit 1 is valid (we have a real directory record for this) - 1 = valid is set (but my be revoked) + 1 = valid is set (but may be revoked) Record type 8: (shadow directory record) -------------- - This record is used to reserved a LID for a public key. We + This record is used to reserve a LID for a public key. We need this to create the sig records of other keys, even if we do not yet have the public key of the signature. This record (the record number to be more precise) will be reused @@ -614,7 +614,7 @@ There is one enhancement used with the old style packet headers: + future extensions. These length markers must be inserted into the data + stream just before writing the data out. + -+ This 2 byte filed is large enough, because the application must buffer ++ This 2 byte field is large enough, because the application must buffer + this amount of data to prepend the length marker before writing it out. + Data block sizes larger than about 32k doesn't make any sense. Note + that this may also be used for compressed data streams, but we must use @@ -633,8 +633,8 @@ GNU protection mode - 1000. Defined modes are: Usage of gdbm files for keyrings ================================ - The key to store the keyblock is it's fingerprint, other records - are used for secondary keys. fingerprints are always 20 bytes + The key to store the keyblock is its fingerprint, other records + are used for secondary keys. Fingerprints are always 20 bytes where 16 bit fingerprints are appended with zero. The first byte of the key gives some information on the type of the key. @@ -742,11 +742,11 @@ The keyserver also recognizes http-POSTs to /pks/add. Use this to upload keys. -A better way to to this would be a request like: +A better way to do this would be a request like: /pks/lookup/<gnupg_formatierte_user_id>?op=<operation> -this can be implemented using Hurd's translator mechanism. +This can be implemented using Hurd's translator mechanism. However, I think the whole key server stuff has to be re-thought; I have some ideas and probably create a white paper. @@ -126,7 +126,7 @@ gpg --rfc1991 --cipher-algo 3des ... Please don't pipe the data to encrypt to gpg but give it as a filename; - other wise, pgp 2 will not be able to handle it. + otherwise, pgp 2 will not be able to handle it. Q: How can I conventional encrypt a message, so that PGP can decrypt it? A: You can't do this for PGP 2. For PGP 5 you should use this: @@ -145,7 +145,7 @@ we (on Linux the /dev/random device) must collect some random data. It is really not easy to fill the Linux internal entropy buffer; I talked to Ted Ts'o and he commented that the best way to fill the buffer - is to play with your keyboard. Good security has it's price. What I do + is to play with your keyboard. Good security has its price. What I do is to hit several times on the shift, control, alternate, and capslock keys, because these keys do not produce output to the screen. This way you get your keys really fast (it's the same thing pgp2 does). @@ -187,7 +187,7 @@ q = Undefined (no value assigned) n = Don't trust this key at all m = There is marginal trust in this key - f = The key is full trusted. + f = The key is full trusted u = The key is ultimately trusted; this is only used for keys for which the secret key is also available. @@ -282,7 +282,7 @@ other keys. "validity", or calculated trust, is a value which says how much GnuPG thinks a key is valid (that it really belongs to the one who claims to be the owner of the key). - For more see the chapter "The Web of Trust" in the Manual + For more see the chapter "The Web of Trust" in the Manual. Q: How do I interpret some of the informational outputs? A: While checking the validity of a key, GnuPG sometimes prints @@ -342,7 +342,7 @@ where pgpkeyring is the original keyring and not the GnuPG one you might have created in the first step. - Q: Are the headerlines of a cleartext signater part of the signed + Q: Are the headerlines of a cleartext signature part of the signed material? A: No. For example you can add or remove "Comment:" lines. They have a purpose like the mail header lines. However a "Hash:" @@ -357,7 +357,7 @@ Q: PGP 5.x, 6.x does not like my secret key. A: PGP probably bails out on some private comment packets used by GnuPG. These packets are fully in compliance with OpenPGP; however PGP is not - really OpenPGP aware. A workaround is to eport the secret keys with + really OpenPGP aware. A workaround is to export the secret keys with this command: gpg --export-secret-keys --no-comment -a your-key-id @@ -376,7 +376,7 @@ A: You should use the option --batch and don't use passphrases as there is usually no way to store it more secure than the secret keyring itself. The suggested way to create the keys for the - automated envirionment ist: + automated environment is: On a secure machine: 1. If you want to do automatic signing, create a signing subkey for your key (edit menu, choose "addkey" and the DSA). @@ -384,7 +384,7 @@ implementation) 3. gpg --export-secret-subkeys --no-comment foo >secring.auto 4. Copy secring.auto and the public keyring to a test directory. - 5. Cd to this diectory + 5. Cd to this directory. 6. gpg --homedir . --edit foo and use "passwd" to remove the passphrase from the subkeys. You may also want to remove all unused subkeys. |