diff mbox series

[Openvpn-devel] New man page corrections - protocol-options.rst

Message ID 20200701224031.15113-1-tincanteksup@gmail.com
State Accepted, archived
Delegated to: David Sommerseth
Headers show
Series [Openvpn-devel] New man page corrections - protocol-options.rst | expand

Commit Message

tincanteksup July 1, 2020, 12:40 p.m. UTC 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
---
 doc/man-sections/protocol-options.rst | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff mbox series

Patch

diff --git a/doc/man-sections/protocol-options.rst b/doc/man-sections/protocol-options.rst
index 5bc072af..a5a1253a 100644
--- a/doc/man-sections/protocol-options.rst
+++ b/doc/man-sections/protocol-options.rst
@@ -1,7 +1,7 @@ 
 Protocol options
 ----------------
-Options in this section affects features available in the OpenVPN wire
-protocol.  Many of these options also defines the encryption options
+Options in this section affect features available in the OpenVPN wire
+protocol.  Many of these options also define the encryption options
 of the data channel in the OpenVPN wire protocol.  These options must be
 configured in a compatible way between both the local and remote side.
 
@@ -9,15 +9,15 @@  configured in a compatible way between both the local and remote side.
   Authenticate data channel packets and (if enabled) ``tls-auth`` control
   channel packets with HMAC using message digest algorithm ``alg``. (The
   default is ``SHA1`` ). HMAC is a commonly used message authentication
-  algorithm (MAC) that uses a data string, a secure hash algorithm, and a
-  key, to produce a digital signature.
+  algorithm (MAC) that uses a data string, a secure hash algorithm and a
+  key to produce a digital signature.
 
   The OpenVPN data channel protocol uses encrypt-then-mac (i.e. first
-  encrypt a packet, then HMAC the resulting ciphertext), which prevents
+  encrypt a packet then HMAC the resulting ciphertext), which prevents
   padding oracle attacks.
 
-  If an AEAD cipher mode (e.g. GCM) is chosen, the specified ``--auth``
-  algorithm is ignored for the data channel, and the authentication method
+  If an AEAD cipher mode (e.g. GCM) is chosen then the specified ``--auth``
+  algorithm is ignored for the data channel and the authentication method
   of the AEAD cipher is used instead. Note that ``alg`` still specifies
   the digest used for ``tls-auth``.
 
@@ -55,7 +55,7 @@  configured in a compatible way between both the local and remote side.
 
 --compress algorithm
   **DEPRECATED** Enable a compression algorithm.  Compression is generally
-  not recommended.  VPN tunnels which uses compression are suspectible to
+  not recommended.  VPN tunnels which use compression are susceptible to
   the VORALCE attack vector.
 
   The ``algorithm`` parameter may be :code:`lzo`, :code:`lz4`, or empty.
@@ -161,7 +161,7 @@  configured in a compatible way between both the local and remote side.
   either specify ``--cipher BF-CBC`` or ``--cipher AES-256-CBC`` and both
   will work.
 
-  Note, for using NCP with a OpenVPN 2.4 peer this list must include the
+  Note for using NCP with an OpenVPN 2.4 peer: This list must include the
   :code:`AES-256-GCM` and :code:`AES-128-GCM` ciphers.
 
   This list is restricted to be 127 chars long after conversion to OpenVPN