From 16b6b7753229a41fb3b4bf77d34873db8f3cb682 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 5 Oct 2023 14:00:46 +0900 Subject: [PATCH] Minor style fixes. -- Signed-off-by: NIIBE Yutaka --- doc/debugging.texi | 4 +-- doc/dirmngr.texi | 32 ++++++++--------- doc/gpg-agent.texi | 24 ++++++------- doc/gpg.texi | 56 ++++++++++++++--------------- doc/gpgsm.texi | 28 +++++++-------- doc/howto-create-a-server-cert.texi | 2 +- doc/scdaemon.texi | 8 ++--- doc/specify-user-id.texi | 4 +-- doc/tools.texi | 10 +++--- doc/wks.texi | 2 +- 10 files changed, 85 insertions(+), 85 deletions(-) diff --git a/doc/debugging.texi b/doc/debugging.texi index 6639e184b..a389bdf50 100644 --- a/doc/debugging.texi +++ b/doc/debugging.texi @@ -91,7 +91,7 @@ should not occur but sometimes things go wrong), run it using @item How to find the IP address of a keyserver If a round robin URL of is used for a keyserver -(e.g. subkeys.gnupg.org); it is not easy to see what server is actually +(e.g., subkeys.gnupg.org); it is not easy to see what server is actually used. Using the keyserver debug option as in @smallexample @@ -130,7 +130,7 @@ but Dirmngr's OCSP feature has not been enabled using The far most common reason for this is that the environment variable @code{GPG_TTY} has not been set correctly. Make sure that it has been set to a real tty device and not just to @samp{/dev/tty}; -i.e. @samp{GPG_TTY=tty} is plainly wrong; what you want is +i.e., @samp{GPG_TTY=tty} is plainly wrong; what you want is @samp{GPG_TTY=`tty`} --- note the back ticks. Also make sure that this environment variable gets exported, that is you should follow up the setting with an @samp{export GPG_TTY} (assuming a Bourne style diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index fb448752a..0d0cb018d 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -180,7 +180,7 @@ available flags the sole word "help" can be used. This option is only useful for testing; it sets the system time back or forth to @var{epoch} which is the number of seconds elapsed since the year 1970. Alternatively @var{epoch} may be given as a full ISO time string -(e.g. "20070924T154812"). +(e.g., "20070924T154812"). @item --debug-level @var{level} @opindex debug-level @@ -213,7 +213,7 @@ however carefully selected to best aid in debugging. @item --debug @var{flags} @opindex debug Set debug flags. All flags are or-ed and @var{flags} may be given in -C syntax (e.g. 0x0042) or as a comma separated list of flag names. To +C syntax (e.g., 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used. This option is only useful for debugging and the behavior may change at any time without notice. @@ -374,7 +374,7 @@ there for details; here is an example: as given. Replace USERNAME, PASSWORD, and the 'dc' parts according to the instructions received from your LDAP administrator. Note that only simple authentication - (i.e. cleartext passwords) is supported and thus using ldaps is + (i.e., cleartext passwords) is supported and thus using ldaps is strongly suggested (since 2.2.28 "ldaps" defaults to port 389 and uses STARTTLS). On Windows authentication via AD can be requested by adding @code{gpgNtds=1} after the fourth question @@ -465,7 +465,7 @@ Lines starting with a @samp{#} are comments. Note that as usual all strings entered are expected to be UTF-8 encoded. Obviously this will lead to problems if the password has originally been encoded as Latin-1. There is no other solution here than to put such a -password in the binary encoding into the file (i.e. non-ascii characters +password in the binary encoding into the file (i.e., non-ascii characters won't show up readable).@footnote{The @command{gpgconf} tool might be helpful for frontends as it enables editing this configuration file using percent-escaped strings.} @@ -681,7 +681,7 @@ those certificates on startup and when given a SIGHUP. Certificates which are not readable or do not make up a proper X.509 certificate are ignored; see the log file for details. -Applications using dirmngr (e.g. gpgsm) can request these +Applications using dirmngr (e.g., gpgsm) can request these certificates to complete a trust chain in the same way as with the extra-certs directory (see below). @@ -690,7 +690,7 @@ Note that for OCSP responses the certificate specified using the option @item /etc/gnupg/extra-certs This directory may contain extra certificates which are preloaded -into the internal cache on startup. Applications using dirmngr (e.g. gpgsm) +into the internal cache on startup. Applications using dirmngr (e.g., gpgsm) can request cached certificates to complete a trust chain. This is convenient in cases you have a couple intermediate CA certificates or certificates usually used to sign OCSP responses. @@ -799,7 +799,7 @@ Enter @code{HELP} at the prompt to see a list of commands and enter @node Dirmngr Signals @section Use of signals -A running @command{dirmngr} may be controlled by signals, i.e. using +A running @command{dirmngr} may be controlled by signals, i.e., using the @command{kill} command to send a signal to the process. Here is a list of supported signals: @@ -1031,7 +1031,7 @@ includes a local certificate store as well as a list of trusted root certificates. @noindent -The return code is 0 for success; i.e. the certificate has not been +The return code is 0 for success; i.e., the certificate has not been revoked or one of the usual error codes from libgpg-error. @node Dirmngr CHECKOCSP @@ -1066,7 +1066,7 @@ of the global option @option{--ignore-ocsp-service-url}. @noindent -The return code is 0 for success; i.e. the certificate has not been +The return code is 0 for success; i.e., the certificate has not been revoked or one of the usual error codes from libgpg-error. @node Dirmngr CACHECERT @@ -1088,7 +1088,7 @@ Thus the caller is expected to return the certificate for the request as a binary blob. @noindent -The return code is 0 for success; i.e. the certificate has not been +The return code is 0 for success; i.e., the certificate has not been successfully cached or one of the usual error codes from libgpg-error. @node Dirmngr VALIDATE @@ -1188,7 +1188,7 @@ as a binary blob. @c does not yet end up in memory. @c * @code{crl_cache_insert} is called with that descriptor to @c actually read the CRL into the cache. See below for a -@c description of this function. If there is any error (e.g. read +@c description of this function. If there is any error (e.g., read @c problem, CRL not correctly signed or verification of signature @c not possible), this descriptor is rejected and we continue @c with the next name. If the CRL has been successfully loaded, @@ -1214,7 +1214,7 @@ as a binary blob. @c a) An authorityKeyIdentifier with an issuer and serialno exits: The @c certificate is retrieved using @code{find_cert_bysn}. If @c the certificate is in the certificate cache, it is directly -@c returned. Then the requester (i.e. the client who requested the +@c returned. Then the requester (i.e., the client who requested the @c CRL check) is asked via the Assuan inquiry ``SENDCERT'' whether @c he can provide this certificate. If this succeed the returned @c certificate gets cached and returned. Note, that dirmngr does not @@ -1293,7 +1293,7 @@ as a binary blob. @c expiration time of all certificates in the chain. @c @c We first check that the certificate may be used for the requested -@c purpose (i.e. OCSP or CRL signing). If this is not the case +@c purpose (i.e., OCSP or CRL signing). If this is not the case @c GPG_ERR_WRONG_KEY_USAGE is returned. @c @c The next step is to find the trust anchor (root certificate) and to @@ -1317,7 +1317,7 @@ as a binary blob. @c Now the issuer's certificate is looked up: If an @c authorityKeyIdentifier is available, this one is used to locate the @c certificate either using issuer and serialnumber or subject DN -@c (i.e. the issuer's DN) and the keyID. The functions +@c (i.e., the issuer's DN) and the keyID. The functions @c @code{find_cert_bysn) and @code{find_cert_bysubject} are used @c respectively. The have already been described above under the @c description of @code{crl_cache_insert}. If no certificate was found @@ -1331,13 +1331,13 @@ as a binary blob. @c actual certificate is checked and in case this fails the error @c #code{GPG_ERR_BAD_CERT_CHAIN} is returned. If the signature checks out, the @c maximum chain length of the issuing certificate is checked as well as -@c the capability of the certificate (i.e. whether he may be used for +@c the capability of the certificate (i.e., whether he may be used for @c certificate signing). Then the certificate is prepended to our list @c representing the certificate chain. Finally the loop is continued now @c with the issuer's certificate as the current certificate. @c @c After the end of the loop and if no error as been encountered -@c (i.e. the certificate chain has been assempled correctly), a check is +@c (i.e., the certificate chain has been assempled correctly), a check is @c done whether any certificate expired or a critical policy has not been @c met. In any of these cases the validation terminates with an @c appropriate error. diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index 902de56f4..6d6cf97ec 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -72,7 +72,7 @@ the included Secure Shell Agent you may start the agent using: @c One way of enforcing this split is a per-key or per-session @c passphrase, known only by the owner, which must be supplied to the @c agent to permit the use of the secret key material. Another way is -@c with an out-of-band permission mechanism (e.g. a button or GUI +@c with an out-of-band permission mechanism (e.g@:. a button or GUI @c interface that the owner has access to, but the supplicant does not). @c @c The rationale for this separation is that it allows access to the @@ -111,8 +111,8 @@ Please make sure that a proper pinentry program has been installed under the default filename (which is system dependent) or use the option @option{pinentry-program} to specify the full name of that program. It is often useful to install a symbolic link from the actual used -pinentry (e.g. @file{@value{BINDIR}/pinentry-gtk}) to the expected -one (e.g. @file{@value{BINDIR}/pinentry}). +pinentry (e.g., @file{@value{BINDIR}/pinentry-gtk}) to the expected +one (e.g., @file{@value{BINDIR}/pinentry}). @manpause @noindent @@ -178,7 +178,7 @@ If in @file{common.conf} the option @option{no-autostart} is set, any start attempts will be ignored. In --supervised mode, different file descriptors can be provided for -use as different socket types (e.g. ssh, extra) as long as they are +use as different socket types (e.g., ssh, extra) as long as they are identified in the environment variable @code{LISTEN_FDNAMES} (see sd_listen_fds(3) on some Linux distributions for more information on this convention). @@ -259,7 +259,7 @@ however carefully selected to best aid in debugging. @item --debug @var{flags} @opindex debug Set debug flags. All flags are or-ed and @var{flags} may be given -in C syntax (e.g. 0x0042) or as a comma separated list of flag names. +in C syntax (e.g., 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used. This option is only useful for debugging and the behavior may change at any time without notice. @@ -345,7 +345,7 @@ specify the logging output. @anchor{option --no-allow-mark-trusted} @item --no-allow-mark-trusted @opindex no-allow-mark-trusted -Do not allow clients to mark keys as trusted, i.e. put them into the +Do not allow clients to mark keys as trusted, i.e., put them into the @file{trustlist.txt} file. This makes it harder for users to inadvertently accept Root-CA keys. @@ -705,7 +705,7 @@ The order in which keys are presented to ssh are: Editing the "Use-for-ssh" values can be done with an editor or using @command{gpg-connect-agent} and "KEYATTR" (Remember to append a colon -to the key; i.e. use "Use-for-ssh:"). +to the key; i.e., use "Use-for-ssh:"). @anchor{option --ssh-fingerprint-digest} @@ -713,7 +713,7 @@ to the key; i.e. use "Use-for-ssh:"). @opindex ssh-fingerprint-digest Select the digest algorithm used to compute ssh fingerprints that are -communicated to the user, e.g. in pinentry dialogs. OpenSSH has +communicated to the user, e.g., in pinentry dialogs. OpenSSH has transitioned from using MD5 to the more secure SHA256. @@ -819,7 +819,7 @@ It might even be advisable to change the permissions to read-only so that this file can't be changed inadvertently. As a special feature a line @code{include-default} will include a global -list of trusted certificates (e.g. @file{@value{SYSCONFDIR}/trustlist.txt}). +list of trusted certificates (e.g., @file{@value{SYSCONFDIR}/trustlist.txt}). This global list is also used if the local list is not available; the @ref{option --no-user-trustlist} enforces the use of only this global list. @@ -881,7 +881,7 @@ The keygrip may be prefixed with a @code{!} to disable an entry. The following example lists exactly one key. Note that keys available through a OpenPGP smartcard in the active smartcard reader are -implicitly added to this list; i.e. there is no need to list them. +implicitly added to this list; i.e., there is no need to list them. @cartouche @smallexample @@ -914,7 +914,7 @@ a small helper script is provided to create these files (@pxref{addgnupghome}). @mansect signals @node Agent Signals @section Use of some signals -A running @command{gpg-agent} may be controlled by signals, i.e. using +A running @command{gpg-agent} may be controlled by signals, i.e., using the @command{kill} command to send a signal to the process. Here is a list of supported signals: @@ -1396,7 +1396,7 @@ convention either the hexified fingerprint of the key shall be used for calling application and a colon: Like @code{gpg:somestring}. @var{error_message} is either a single @code{X} for no error message or -a string to be shown as an error message like (e.g. "invalid +a string to be shown as an error message like (e.g., "invalid passphrase"). Blanks must be percent escaped or replaced by @code{+}'. @var{prompt} is either a single @code{X} for a default prompt or the diff --git a/doc/gpg.texi b/doc/gpg.texi index ce72afbf5..b5a9ccc51 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -330,21 +330,21 @@ The status of the verification is indicated by a flag directly following the "sig" tag (and thus before the flags described below. A "!" indicates that the signature has been successfully verified, a "-" denotes a bad signature and a "%" is used if an error occurred while -checking the signature (e.g. a non supported algorithm). Signatures +checking the signature (e.g., a non supported algorithm). Signatures where the public key is not available are not listed; to see their keyids the command @option{--list-sigs} can be used. For each signature listed, there are several flags in between the signature status flag and keyid. These flags give additional information about each key signature. From left to right, they are -the numbers 1-3 for certificate check level (see +the numbers 1--3 for certificate check level (see @option{--ask-cert-level}), "L" for a local or non-exportable signature (see @option{--lsign-key}), "R" for a nonRevocable signature (see the @option{--edit-key} command "nrsign"), "P" for a signature that contains a policy URL (see @option{--cert-policy-url}), "N" for a signature that contains a notation (see @option{--cert-notation}), "X" for an eXpired signature (see @option{--ask-cert-expire}), and the -numbers 1-9 or "T" for 10 and above to indicate trust signature levels +numbers 1--9 or "T" for 10 and above to indicate trust signature levels (see the @option{--edit-key} command "tsign"). @@ -405,7 +405,7 @@ description, please see the Card HOWTO at https://gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO . Please note that the command "openpgp" can be used to switch to the OpenPGP application of cards which by default are presenting another -application (e.g. PIV). +application (e.g., PIV). @item --card-status @opindex card-status @@ -589,7 +589,7 @@ corrupted trustdb. Example: Update the trustdb with the ownertrust values stored in @code{files} (or STDIN if not given); existing values will be overwritten. In case of a severely damaged trustdb and if you have a recent backup of the -ownertrust values (e.g. in the file @file{otrust.txt}), you may re-create +ownertrust values (e.g., in the file @file{otrust.txt}), you may re-create the trustdb using these commands: @c man:.RS @example @@ -893,7 +893,7 @@ signing. @item delsig @opindex keyedit:delsig Delete a signature. Note that it is not possible to retract a signature, - once it has been send to the public (i.e. to a keyserver). In that case + once it has been send to the public (i.e., to a keyserver). In that case you better use @code{revsig}. @item revsig @@ -927,7 +927,7 @@ signing. @opindex keyedit:deluid Delete a user ID or photographic user ID. Note that it is not possible to retract a user id, once it has been send to the public - (i.e. to a keyserver). In that case you better use @code{revuid}. + (i.e., to a keyserver). In that case you better use @code{revuid}. @item revuid @opindex keyedit:revuid @@ -1047,7 +1047,7 @@ signing. @item delkey @opindex keyedit:delkey Remove a subkey (secondary key). Note that it is not possible to retract - a subkey, once it has been send to the public (i.e. to a keyserver). In + a subkey, once it has been send to the public (i.e., to a keyserver). In that case you better use @code{revkey}. Also note that this only deletes the public part of a key. @@ -1099,7 +1099,7 @@ signing. @item clean @opindex keyedit:clean Compact (by removing all signatures except the selfsig) any user ID - that is no longer usable (e.g. revoked, or expired). Then, remove any + that is no longer usable (e.g., revoked, or expired). Then, remove any signatures that are not usable by the trust calculations. Specifically, this removes any signature that does not validate, any signature that is superseded by a later signature, revoked signatures, @@ -1113,7 +1113,7 @@ signing. @item change-usage @opindex keyedit:change-usage Change the usage flags (capabilities) of the primary key or of - subkeys. These usage flags (e.g. Certify, Sign, Authenticate, + subkeys. These usage flags (e.g., Certify, Sign, Authenticate, Encrypt) are set during key creation. Sometimes it is useful to have the opportunity to change them (for example to add Authenticate) after they have been created. Please take care when @@ -1538,9 +1538,9 @@ will be expanded to a filename containing the photo. "%I" does the same, except the file will not be deleted once the viewer exits. Other flags are "%k" for the key ID, "%K" for the long key ID, "%f" for the key fingerprint, "%t" for the extension of the image type -(e.g. "jpg"), "%T" for the MIME type of the image (e.g. "image/jpeg"), +(e.g., "jpg"), "%T" for the MIME type of the image (e.g., "image/jpeg"), "%v" for the single-character calculated validity of the image being -viewed (e.g. "f"), "%V" for the calculated validity as a string (e.g. +viewed (e.g., "f"), "%V" for the calculated validity as a string (e.g., "full"), "%U" for a base32 encoded hash of the user ID, and "%%" for an actual percent sign. If neither %i or %I are present, then the photo will be supplied to the viewer on standard input. @@ -2019,7 +2019,7 @@ default), that keyserver is tried. Note that the creator of the signature uses the option @option{--sig-keyserver-url} to specify the preferred keyserver for data signatures. -3. If the signature has the Signer's UID set (e.g. using +3. If the signature has the Signer's UID set (e.g., using @option{--sender} while creating the signature) a Web Key Directory (WKD) lookup is done. This is the default configuration but can be disabled by removing WKD from the auto-key-locate list or by using the @@ -2267,7 +2267,7 @@ suppressed on the command line. @itemx --no-require-secmem @opindex require-secmem Refuse to run if GnuPG cannot get secure memory. Defaults to no -(i.e. run, but give a warning). +(i.e., run, but give a warning). @item --require-cross-certification @@ -2397,7 +2397,7 @@ id used to make the signature and embeds that user ID into the created signature (using OpenPGP's ``Signer's User ID'' subpacket). If the option is given multiple times a suitable user ID is picked. However, if the signing key was specified directly by using a mail address -(i.e. not by using a fingerprint or key ID) this option is used and +(i.e., not by using a fingerprint or key ID) this option is used and the mail address is embedded in the created signature. When verifying a signature @var{mbox} is used to restrict the @@ -2506,7 +2506,7 @@ the @option{--status-fd} line ``PROGRESS'' to provide a value for @item --key-origin @var{string}[,@var{url}] @opindex key-origin gpg can track the origin of a key. Certain origins are implicitly -known (e.g. keyserver, web key directory) and set. For a standard +known (e.g., keyserver, web key directory) and set. For a standard import the origin of the keys imported can be set with this option. To list the possible values use "help" for @var{string}. Some origins can store an optional @var{url} argument. That URL can appended to @@ -2674,13 +2674,13 @@ The available properties are: @itemx key_created_d The first is the timestamp a public key or subkey packet was created. The second is the same but given as an ISO string, - e.g. "2016-08-17". (drop-subkey) + e.g., "2016-08-17". (drop-subkey) @item key_expires @itemx key_expires_d The expiration time of a public key or subkey or 0 if it does not expire. The second is the same but given as an ISO date string or - an empty string e.g. "2038-01-19". + an empty string e.g., "2038-01-19". @item fpr The hexified fingerprint of the current subkey or primary key. @@ -2713,7 +2713,7 @@ The available properties are: @itemx sig_created_d The first is the timestamp a signature packet was created. The second is the same but given as an ISO date string, - e.g. "2016-08-17". (drop-sig) + e.g., "2016-08-17". (drop-sig) @item sig_algo A number with the public key algorithm of a signature packet. (drop-sig) @@ -2833,7 +2833,7 @@ obsolete; it does not harm to use it though. @opindex legacy-list-mode Revert to the pre-2.1 public key list mode. This only affects the human readable output and not the machine interface -(i.e. @code{--with-colons}). Note that the legacy format does not +(i.e., @code{--with-colons}). Note that the legacy format does not convey suitable information for elliptic curves. @item --with-fingerprint @@ -2969,7 +2969,7 @@ to safely override the algorithm chosen by the recipient key preferences, as GPG will only select an algorithm that is usable by all recipients. The most highly ranked digest algorithm in this list is also used when signing without encryption -(e.g. @option{--clear-sign} or @option{--sign}). +(e.g., @option{--clear-sign} or @option{--sign}). @item --personal-compress-preferences @var{string} @opindex personal-compress-preferences @@ -2980,7 +2980,7 @@ allows the user to safely override the algorithm chosen by the recipient key preferences, as GPG will only select an algorithm that is usable by all recipients. The most highly ranked compression algorithm in this list is also used when there are no recipient keys -to consider (e.g. @option{--symmetric}). +to consider (e.g., @option{--symmetric}). @item --s2k-cipher-algo @var{name} @opindex s2k-cipher-algo @@ -3006,7 +3006,7 @@ of times (see @option{--s2k-count}). Specify how many times the passphrases mangling for symmetric encryption is repeated. This value may range between 1024 and 65011712 inclusive. The default is inquired from gpg-agent. Note -that not all values in the 1024-65011712 range are legal and if an +that not all values in the 1024--65011712 range are legal and if an illegal value is selected, GnuPG will round up to the nearest legal value. This option is only meaningful if @option{--s2k-mode} is set to the default of 3. @@ -3176,7 +3176,7 @@ however carefully selected to best aid in debugging. @item --debug @var{flags} @opindex debug Set debug flags. All flags are or-ed and @var{flags} may be given -in C syntax (e.g. 0x0042) or as a comma separated list of flag names. +in C syntax (e.g., 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used. This option is only useful for debugging and the behavior may change at any time without notice. @@ -3211,7 +3211,7 @@ only useful for certain regression tests. This option is only useful for testing; it sets the system time back or forth to @var{epoch} which is the number of seconds elapsed since the year 1970. Alternatively @var{epoch} may be given as a full ISO -time string (e.g. "20070924T154812"). +time string (e.g., "20070924T154812"). If you suffix @var{epoch} with an exclamation mark (!), the system time will appear to be frozen at the specified time. @@ -3537,7 +3537,7 @@ are: @opindex no-symkey-cache Disable the passphrase cache used for symmetrical en- and decryption. This cache is based on the message specific salt value -(cf. @option{--s2k-mode}). +(cf.@: @option{--s2k-mode}). @item --request-origin @var{origin} @opindex request-origin @@ -4606,7 +4606,7 @@ If you don't give any of them, no user ID is created. @item Expire-Date: @var{iso-date}|(@var{number}[d|w|m|y]) Set the expiration date for the key (and the subkey). It may either -be entered in ISO date format (e.g. "20000815T145012") or as number of +be entered in ISO date format (e.g., "20000815T145012") or as number of days, weeks, month or years after the creation date. The special notation "seconds=N" is also allowed to specify a number of seconds since creation. Without a letter days are assumed. Note that there @@ -4631,7 +4631,7 @@ in the @option{--edit-key} menu. @item Revoker: @var{algo}:@var{fpr} [sensitive] Add a designated revoker to the generated key. Algo is the public key -algorithm of the designated revoker (i.e. RSA=1, DSA=17, etc.) +algorithm of the designated revoker (i.e., RSA=1, DSA=17, etc.) @var{fpr} is the fingerprint of the designated revoker. The optional @samp{sensitive} flag marks the designated revoker as sensitive information. Only v4 keys may be designated revokers. diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index e976767f6..41eb08d16 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -136,7 +136,7 @@ Run in server mode and wait for commands on the @code{stdin}. Behave as a Dirmngr client issuing the request @var{command} with the optional list of @var{args}. The output of the Dirmngr is printed stdout. Please note that file names given as arguments should have an -absolute file name (i.e. commencing with @code{/}) because they are +absolute file name (i.e., commencing with @code{/}) because they are passed verbatim to the Dirmngr and the working directory of the Dirmngr might not be the same as the one of this client. Currently it is not possible to pass data via stdin to the Dirmngr. @var{command} @@ -259,7 +259,7 @@ optional @var{pattern}. Those pattern consist of a list of user ids @option{--armor} option a few informational lines are prepended before each block. There is one limitation: As there is no commonly agreed upon way to pack more than one certificate into an ASN.1 structure, -the binary export (i.e. without using @option{armor}) works only for +the binary export (i.e., without using @option{armor}) works only for the export of one certificate. Thus it is required to specify a @var{pattern} which yields exactly one certificate. Ephemeral certificate are only exported if all @var{pattern} are given as @@ -462,7 +462,7 @@ line of the @file{trustlist.txt} @opindex force-crl-refresh Tell the dirmngr to reload the CRL for each request. For better performance, the dirmngr will actually optimize this by suppressing -the loading for short time intervals (e.g. 30 minutes). This option +the loading for short time intervals (e.g., 30 minutes). This option is useful to make sure that a fresh CRL is available for certificates hold in the keybox. The suggested way of doing this is by using it along with the option @option{--with-validation} for a key listing @@ -539,7 +539,7 @@ Create PEM encoded output. Default is binary output. @item --base64 @opindex base64 -Create Base-64 encoded output; i.e. PEM without the header lines. +Create Base-64 encoded output; i.e., PEM without the header lines. @item --assume-armor @opindex assume-armor @@ -639,7 +639,7 @@ done with @code{--with-colons}. @item --no-pretty-dn @opindex no-pretty-dn By default gpgsm prints distinguished names (DNs) like the Issuer or -Subject in a more readable format (e.g. using a well defined order of +Subject in a more readable format (e.g., using a well defined order of the parts). However, this format can't be used as input strings. This option reverts printing to standard RFC-2253 format and thus avoids the need to use --dump-cert or --with-colons to get the @@ -747,7 +747,7 @@ key database clear of unneeded certificates stored on smartcards. This option is only useful for testing; it sets the system time back or forth to @var{epoch} which is the number of seconds elapsed since the year 1970. Alternatively @var{epoch} may be given as a full ISO time string -(e.g. "20070924T154812"). +(e.g., "20070924T154812"). @item --with-ephemeral-keys @opindex with-ephemeral-keys @@ -794,7 +794,7 @@ however carefully selected to best aid in debugging. @item --debug @var{flags} @opindex debug Set debug flags. All flags are or-ed and @var{flags} may be given -in C syntax (e.g. 0x0042) or as a comma separated list of flag names. +in C syntax (e.g., 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used. This option is only useful for debugging and the behavior may change at any time without notice. @@ -967,9 +967,9 @@ This is plain text file with a few help entries used with @command{gpg} and @command{gpgsm}. The standard file has English help texts; to install localized versions use filenames like @file{help.LL.txt} with LL denoting the locale. GnuPG comes with a set of predefined help -files in the data directory (e.g. @file{@value{DATADIR}/gnupg/help.de.txt}) +files in the data directory (e.g., @file{@value{DATADIR}/gnupg/help.de.txt}) and allows overriding of any help item by help files stored in the -system configuration directory (e.g. @file{@value{SYSCONFDIR}/help.de.txt}). +system configuration directory (e.g., @file{@value{SYSCONFDIR}/help.de.txt}). For a reference of the help file's syntax, please see the installed @file{help.txt} file. @@ -980,7 +980,7 @@ This file is a collection of common certificates used to populated a newly created @file{pubring.kbx}. An administrator may replace this file with a custom one. The format is a concatenation of PEM encoded X.509 certificates. This global file is installed in the data directory -(e.g. @file{@value{DATADIR}/com-certs.pem}). +(e.g., @file{@value{DATADIR}/com-certs.pem}). @end table @@ -1093,7 +1093,7 @@ of a transfer error, a program error or tampering with the message). @end table @item Error verifying a signature -For some reason the signature could not be verified, i.e. it cannot be +For some reason the signature could not be verified, i.e., it cannot be decided whether the signature is valid or invalid. A common reason for this is a missing certificate. @@ -1274,7 +1274,7 @@ provides a regular command line interface which exhibits a full client to this protocol (but uses internal linking). To start @command{gpgsm} as a server the command line the option @code{--server} must be used. Additional options are provided to -select the communication method (i.e. the name of the socket). +select the communication method (i.e., the name of the socket). We assume that the connection has already been established; see the Assuan manual for details. @@ -1338,7 +1338,7 @@ correct. OUTPUT FD[=@var{n}] [--armor|--base64] @end example -Set the file descriptor to be used for the output (i.e. the encrypted +Set the file descriptor to be used for the output (i.e., the encrypted message). Obviously the pipe must be open at that point, the server establishes its own end. If the server returns an error the client should consider this session failed. @@ -1382,7 +1382,7 @@ The decryption is done by using the command @end example It performs the decrypt operation after doing some check on the internal -state (e.g. that all needed data has been set). Because it utilizes +state (e.g., that all needed data has been set). Because it utilizes the GPG-Agent for the session key decryption, there is no need to ask the client for a protecting passphrase - GpgAgent takes care of this by requesting this from the user. diff --git a/doc/howto-create-a-server-cert.texi b/doc/howto-create-a-server-cert.texi index 30e28bdd0..de5a9470f 100644 --- a/doc/howto-create-a-server-cert.texi +++ b/doc/howto-create-a-server-cert.texi @@ -80,7 +80,7 @@ would anyway ignore such a request. Thus just hit enter. If you want to create a client certificate for email encryption, this would be the place to enter your mail address -(e.g. @email{joe@@example.org}). You may enter as many addresses as you like, +(e.g., @email{joe@@example.org}). You may enter as many addresses as you like, however the CA may not accept them all or reject the entire request. @cartouche diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi index 6f56585e6..2c5444e40 100644 --- a/doc/scdaemon.texi +++ b/doc/scdaemon.texi @@ -161,7 +161,7 @@ helpers to debug problems. @item --debug @var{flags} @opindex debug Set debug flags. All flags are or-ed and @var{flags} may be given -in C syntax (e.g. 0x0042) or as a comma separated list of flag names. +in C syntax (e.g., 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used. This option is only useful for debugging and the behavior may change at any time without notice. @@ -238,7 +238,7 @@ this option only if you know what you are doing. Use @var{library} to access the smartcard reader. The current default on Unix is @file{libpcsclite.so} and on Windows @file{winscard.dll}. Instead of using this option you might also want to install a symbolic -link to the default file name (e.g. from @file{libpcsclite.so.1}). +link to the default file name (e.g., from @file{libpcsclite.so.1}). A Unicode file name may not be used on Windows. @item --ctapi-driver @var{library} @@ -505,7 +505,7 @@ will return an error when a card change has been detected and the use of this function is therefore required. Background: We want to keep the client clear of handling card changes -between operations; i.e. the client can assume that all operations are +between operations; i.e., the client can assume that all operations are done on the same card unless he call this function. @example @@ -719,7 +719,7 @@ reset the card. This is used by gpg-agent to reuse a primary pipe connection and may be used by clients to backup from a conflict in the serial -command; i.e. to select another application. +command; i.e., to select another application. diff --git a/doc/specify-user-id.texi b/doc/specify-user-id.texi index 64e354bdf..1dc91b6d8 100644 --- a/doc/specify-user-id.texi +++ b/doc/specify-user-id.texi @@ -39,7 +39,7 @@ using the option @option{--with-colons}. @item By fingerprint. This format is deduced from the length of the string and its content or the @code{0x} prefix. Note, that only the 20 byte version fingerprint -is available with @command{gpgsm} (i.e. the SHA-1 hash of the +is available with @command{gpgsm} (i.e., the SHA-1 hash of the certificate). When using @command{gpg} an exclamation mark (!) may be appended to @@ -88,7 +88,7 @@ with left and right angles. @item By partial match on an email address. This is indicated by prefixing the search string with an @code{@@}. This uses a substring search but considers only the mail address -(i.e. inside the angle brackets). +(i.e., inside the angle brackets). @cartouche @example diff --git a/doc/tools.texi b/doc/tools.texi index eefa4f9d6..9cac81e4c 100644 --- a/doc/tools.texi +++ b/doc/tools.texi @@ -124,7 +124,7 @@ $ watchgnupg --time-only @end example This waits for connections on the local socket -(e.g. @file{/var/run/user/1234/gnupg/S.log}) and shows all log +(e.g., @file{/var/run/user/1234/gnupg/S.log}) and shows all log entries. To make this work the option @option{log-file} needs to be used with all modules which logs are to be shown. The suggested entry for the configuration files is: @@ -1247,7 +1247,7 @@ Alternatively an arbitrary string may be used to identify a passphrase; it is suggested that such a string is prefixed with the name of the application (e.g @code{foo:12346}). Scripts should always use the option @option{--with-colons}, which provides the keygrip in a -"grp" line (cf. @file{doc/DETAILS})/ +"grp" line (cf.@: @file{doc/DETAILS})/ @noindent One of the following command options must be given: @@ -1728,7 +1728,7 @@ The return value of this command is @table @code @item 0 -The certificate under question is valid; i.e. there is a valid CRL +The certificate under question is valid; i.e., there is a valid CRL available and it is not listed there or the OCSP request returned that that certificate is valid. @@ -2051,9 +2051,9 @@ This option is deprecated in favor of option @option{--directory}. @item --no-compress @opindex no-compress -This option tells gpg to disable compression (i.e. using option -z0). +This option tells gpg to disable compression (i.e., using option -z0). It is useful for archiving only large files which are are already -compressed (e.g. a set of videos). +compressed (e.g., a set of videos). @item --gpg @var{gpgcmd} @opindex gpg diff --git a/doc/wks.texi b/doc/wks.texi index 26d8b96f6..1959151a1 100644 --- a/doc/wks.texi +++ b/doc/wks.texi @@ -212,7 +212,7 @@ The default is @file{openpgpkey}. @opindex blacklist This option is used to exclude certain mail addresses from a mirror operation. The format of @var{file} is one mail address (just the -addrspec, e.g. "postel@@isi.edu") per line. Empty lines and lines +addrspec, e.g., "postel@@isi.edu") per line. Empty lines and lines starting with a '#' are ignored. @item --add-revocs