[Openvpn-devel] New man page corrections - encryption-options.rst

Message ID 20200626142947.12776-1-tincanteksup@gmail.com
State New
Delegated to: David Sommerseth
Headers show
Series
  • [Openvpn-devel] New man page corrections - encryption-options.rst
Related show

Commit Message

tincanteksup June 26, 2020, 2:29 p.m.
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
---
 doc/man-sections/encryption-options.rst | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Comments

tincanteksup June 26, 2020, 2:34 p.m. | #1
Comment inline:

On 26/06/2020 15:29, Richard Bonhomme wrote:
> Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
> ---
>   doc/man-sections/encryption-options.rst | 8 ++++----
>   1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/doc/man-sections/encryption-options.rst b/doc/man-sections/encryption-options.rst
> index 42c80eb8..076b5fd3 100644
> --- a/doc/man-sections/encryption-options.rst
> +++ b/doc/man-sections/encryption-options.rst
> @@ -86,5 +86,5 @@ Generating key material
>   
>     * Generating *TLS Crypt v2 Server key*
> -    Generate a ``--tls-crypt-v2`` key tp be used by an OpenVPN server.
> +    Generate a ``--tls-crypt-v2`` key to be used by an OpenVPN server.
>       The key is stored in ``keyfile``.
>   
> @@ -127,7 +127,7 @@ Generating key material
>   
>       *Note:*
> -       This file should be kept secret to the server as anyone that
> -       access to this file will be to generate auth tokens that the OpenVPN
> -       server will accept as valid.
> +       This file should be kept secret to the server as anyone that has

I don't know if this is correct or if it should read:
        This file should be kept secret from the server ..

> +       access to this file will be able to generate auth tokens that the
> +       OpenVPN server will accept as valid.
>   
>   .. include:: renegotiation.rst
>
Arne Schwabe June 26, 2020, 2:41 p.m. | #2
Am 26.06.20 um 16:34 schrieb tincanteksup:
> Comment inline:
> 
> On 26/06/2020 15:29, Richard Bonhomme wrote:
>> Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
>> ---
>>   doc/man-sections/encryption-options.rst | 8 ++++----
>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/doc/man-sections/encryption-options.rst
>> b/doc/man-sections/encryption-options.rst
>> index 42c80eb8..076b5fd3 100644
>> --- a/doc/man-sections/encryption-options.rst
>> +++ b/doc/man-sections/encryption-options.rst
>> @@ -86,5 +86,5 @@ Generating key material
>>       * Generating *TLS Crypt v2 Server key*
>> -    Generate a ``--tls-crypt-v2`` key tp be used by an OpenVPN server.
>> +    Generate a ``--tls-crypt-v2`` key to be used by an OpenVPN server.
>>       The key is stored in ``keyfile``.
>>   @@ -127,7 +127,7 @@ Generating key material
>>         *Note:*
>> -       This file should be kept secret to the server as anyone that
>> -       access to this file will be to generate auth tokens that the
>> OpenVPN
>> -       server will accept as valid.
>> +       This file should be kept secret to the server as anyone that has
> 
> I don't know if this is correct or if it should read:
>        This file should be kept secret from the server ..

No, it is correct but maybe not correct English. Basically I wanted to
say that the file should be only kept on the server and not anywhere
else like a private server key.

> 
>> +       access to this file will be able to generate auth tokens that the
>> +       OpenVPN server will accept as valid.
>>     .. include:: renegotiation.rst
>>
> 
> 
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
David Sommerseth June 26, 2020, 2:45 p.m. | #3
On 26/06/2020 16:34, tincanteksup wrote:
> Comment inline:
> 
> On 26/06/2020 15:29, Richard Bonhomme wrote:
>> Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
>> ---
>>   doc/man-sections/encryption-options.rst | 8 ++++----
>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/doc/man-sections/encryption-options.rst
>> b/doc/man-sections/encryption-options.rst
>> index 42c80eb8..076b5fd3 100644
>> --- a/doc/man-sections/encryption-options.rst
>> +++ b/doc/man-sections/encryption-options.rst
>> @@ -86,5 +86,5 @@ Generating key material
>>       * Generating *TLS Crypt v2 Server key*
>> -    Generate a ``--tls-crypt-v2`` key tp be used by an OpenVPN server.
>> +    Generate a ``--tls-crypt-v2`` key to be used by an OpenVPN server.
>>       The key is stored in ``keyfile``.
>>   @@ -127,7 +127,7 @@ Generating key material
>>         *Note:*
>> -       This file should be kept secret to the server as anyone that
>> -       access to this file will be to generate auth tokens that the OpenVPN
>> -       server will accept as valid.
>> +       This file should be kept secret to the server as anyone that has
> 
> I don't know if this is correct or if it should read:
>        This file should be kept secret from the server ..

It wouldn't make sense to keep a (shared) private key used for encryption
"secret from the server"; that would make it a bit difficult to use :)

I think what was meant was:

   "This file should be kept secret *on* the server ..."

Patch

diff --git a/doc/man-sections/encryption-options.rst b/doc/man-sections/encryption-options.rst
index 42c80eb8..076b5fd3 100644
--- a/doc/man-sections/encryption-options.rst
+++ b/doc/man-sections/encryption-options.rst
@@ -86,5 +86,5 @@  Generating key material
 
   * Generating *TLS Crypt v2 Server key*
-    Generate a ``--tls-crypt-v2`` key tp be used by an OpenVPN server.
+    Generate a ``--tls-crypt-v2`` key to be used by an OpenVPN server.
     The key is stored in ``keyfile``.
 
@@ -127,7 +127,7 @@  Generating key material
 
     *Note:*
-       This file should be kept secret to the server as anyone that
-       access to this file will be to generate auth tokens that the OpenVPN
-       server will accept as valid.
+       This file should be kept secret to the server as anyone that has
+       access to this file will be able to generate auth tokens that the
+       OpenVPN server will accept as valid.
 
 .. include:: renegotiation.rst