Various syntax and wording corrections to the OpenSSL section.

Also added a <ulink> to the homepage of VeriSign.
svn path=/head/; revision=23458
2005-01-06 05:58:16 +00:00 · 2005-01-06 05:58:16 +00:00 · c64ca1e1c6 · 2020-12-08 03:00:23 +00:00
commit c64ca1e1c6
parent 7aa85c79f3
1 changed files with 11 additions and 12 deletions
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@ -2989,8 +2989,7 @@ jdoe@example.org</screen>
    <para>The version of <application>OpenSSL</application> included
      in &os; supports Secure Sockets Layer v2/v3 (SSLv2/SSLv3),
      Transport Layer Security v1 (TLSv1) network security protocols
-      and can be used as a general cryptographic library for use
+      and can be used as a general cryptographic library.</para>
      with applications.</para>
    <note>
      <para>While <application>OpenSSL</application> supports the
@ -3001,14 +3000,14 @@ jdoe@example.org</screen>
 	<filename>make.conf</filename>.</para>
    </note>
-    <para>Perhaps one of the most common uses of
+    <para>One of the most common uses of
-      <application>OpenSSL</application> provide certificates for
+      <application>OpenSSL</application> is to provide certificates for
      use with software applications.  These certificates ensure
-      that the credentials of the company or individual is valid
+      that the credentials of the company or individual are valid
-      and are not fraudulent.  If the certificate in question has
+      and not fraudulent.  If the certificate in question has
-      not been verified by one of the several Certificate Authorities,
+      not been verified by one of the several <quote>Certificate Authorities</quote>,
      or <acronym>CA</acronym>s, a warning is usually produced.  A
-      Certificate Authority is a company, such as VeriSign, who will
+      Certificate Authority is a company, such as <ulink url="www.verisign.com">VeriSign</ulink>, which will
      sign certificates in order to validate credentials of individuals
      or companies.  This process has a cost associated with it and
      is definitely not a requirement for using certificates; however,
@ -3055,15 +3054,15 @@ An optional company name []:<userinput><replaceable>Another Name</replaceable></
 	<quote>Common Name</quote> prompt shows a domain name.
 	This prompt requires a server name to be entered for
 	verification purposes; placing anything	but a domain name
-	would yield a useless certificate.  Other options for
+	would yield a useless certificate.  Other options, for
 	instance expire time, alternate encryption algorithms, etc.
 	are available.  A complete list may be obtained by viewing
 	the &man.openssl.1; manual page.</para>
-      <para>A file, <filename>cert.pem</filename> should now exist in
+      <para>A <filename>cert.pem</filename> file should now exist in
 	the directory which the aforementioned command was issued.  This
-	is the certificate which may be sent to any one of the many
+	is the certificate which may be sent to any
-	<acronym>CA</acronym>s for signing.</para>
+	<acronym>CA</acronym> for signing.</para>
      <para>In cases where a signature from a <acronym>CA</acronym> is
 	not required, a self signed certificate can be created.  First,