Typo fixes. Fixes bug#1093

doc/ChangeLog

@@ -1,5 +1,10 @@
 2009-07-22  Werner Koch  <wk@g10code.com>
 
+	* scdaemon.texi, instguide.texi, gpgsm.texi, sysnotes.texi
+	* glossary.texi, howto-create-a-server-cert.texi, tools.texi
+	* gpg-agent.texi, gpg.texi, debugging.texi: Typo fixes.  Reported
+	by Jeroen Schot.  Fixes bug#1093.
+
 	* gpg.texi (GPG Configuration Options): Tell what files to backup.
 	* sysnotes.texi: Remove some warning notes for W32.
 

doc/debugging.texi

@@ -10,7 +10,7 @@ there is a need to track down problems.  We call this debugging in a
 reminiscent to the moth jamming a relay in a Mark II box back in 1947.
 
 Most of the problems a merely configuration and user problems but
-nevertheless there are the most annoying ones and reponsible for many
+nevertheless there are the most annoying ones and responsible for many
 gray hairs.  We try to give some guidelines here on how to identify and
 solve the problem at hand.
 
@@ -36,7 +36,7 @@ and solving problems.
 @node kbxutil
 @subsection Scrutinizing a keybox file
 
-A keybox is a file fomat used to store public keys along with meta
+A keybox is a file format used to store public keys along with meta
 information and indices.  The commonly used one is the file
 @file{pubring.kbx} in the @file{.gnupg} directory. It contains all
 X.509 certificates as well as OpenPGP keys@footnote{Well, OpenPGP keys
@@ -72,10 +72,10 @@ Total number of blobs:       99
 @end example
 
 In this example you see that the keybox does not have any OpenPGP keys
-but contains 98 X.509 cerificates and a total of 17 keys or certificates
+but contains 98 X.509 certificates and a total of 17 keys or certificates
-are flagges as ephemeral, meaning that they are only temporary stored
+are flagged as ephemeral, meaning that they are only temporary stored
 (cached) in the keybox and won't get listed using the usual commands
-provided by @command{gpgsm} or @command{gpg}. 81 certifcates are stored
+provided by @command{gpgsm} or @command{gpg}. 81 certificates are stored
 in a standard way and directly available from @command{gpgsm}.
 
 @noindent
@@ -171,7 +171,7 @@ Pick the key which best matches the creation time and run the command
   /usr/local/libexec/gpg-protect-tool --p12-export ~/.gnupg/private-keys-v1.d/@var{foo} >@var{foo}.p12
 @end smallexample
 
-(Please adjust the path to @command{gpg-protect-tool} to the approriate
+(Please adjust the path to @command{gpg-protect-tool} to the appropriate
 location). @var{foo} is the name of the key file you picked (it should
 have the suffix @file{.key}).  A Pinentry box will pop up and ask you
 for the current passphrase of the key and a new passphrase to protect it
@@ -205,7 +205,7 @@ fingerprint and this flag may only be added manually to
 
 The signature is broken.  You may try the option
 @option{--extra-digest-algo SHA256} to workaround the problem.  The
-number N is the internal algorighm indentifier; for example 8 refers to
+number N is the internal algorithm identifier; for example 8 refers to
 SHA-256.
 
 

doc/glossary.texi

@@ -17,7 +17,7 @@ certificates.
 signature as the date the validation starts and in turn checks that each
 certificate has been issued within the time frame, the issuing
 certificate was valid.  This allows the verification of signatures after
-the the CA's certificate expired.  The validation test also required an
+the CA's certificate expired.  The validation test also required an
 online check of the certificate status.  The chain model is required by
 the German signature law.  See also @emph{Shell model}.
 
@@ -39,7 +39,7 @@ request is called PCKS#10.
 @item OpenPGP
       A data format used to build a PKI and to exchange encrypted or
 signed messages.  In contrast to X.509, OpenPGP also includes the
-message format but does not explicilty demand a specific PKI.  However
+message format but does not explicitly demand a specific PKI.  However
 any kind of PKI may be build upon the OpenPGP protocol.
 
 @item Keygrip
@@ -60,7 +60,7 @@ on a disk; the latter is often called a Soft-PSE.
 
 @item Shell model
 The standard model for validation of certificates under X.509.  At the
-time of the verification all certifciates must be valid and not expired.
+time of the verification all certificates must be valid and not expired.
 See also @emph{Chain mode}.
 
 

doc/gpg-agent.texi

@@ -61,7 +61,7 @@ to run multiple instance of the @command{gpg-agent}, so you should make
 sure that only one is running: @command{gpg-agent} uses an environment
 variable to inform clients about the communication parameters. You can
 write the content of this environment variable to a file so that you can
-test for a running agent.  Here is an example using Bourne shell synax:
+test for a running agent.  Here is an example using Bourne shell syntax:
 
 @smallexample
 gpg-agent --daemon --enable-ssh-support \
@@ -727,7 +727,7 @@ special command line option is required to activate the use of the
 protocol.
 
 To identify a key we use a thing called keygrip which is the SHA-1 hash
-of an canoncical encoded S-Expression of the the public key as used in
+of an canonical encoded S-Expression of the public key as used in
 Libgcrypt.  For the purpose of this interface the keygrip is given as a
 hex string.  The advantage of using this and not the hash of a
 certificate is that it will be possible to use the same keypair for
@@ -855,7 +855,7 @@ The actual signing is done using
    PKSIGN <options>
 @end example
 
-Options are not yet defined, but my later be used to choosen among
+Options are not yet defined, but my later be used to choose among
 different algorithms.  The agent does then some checks, asks for the
 passphrase and as a result the server returns the signature as an SPKI
 like S-expression in "D" lines:
@@ -957,7 +957,7 @@ Here is an example session:
 @node Agent IMPORT
 @subsection Importing a Secret Key
 
-This operation is not yet supportted by GpgAgent.  Specialized tools
+This operation is not yet supported by GpgAgent.  Specialized tools
 are to be used for this.
 
 There is no actual need because we can expect that secret keys
@@ -976,7 +976,7 @@ Should be done by an extra tool.
 
 Actually we do not import a Root Cert but provide a way to validate
 any piece of data by storing its Hash along with a description and
-an identifier in the PSE.  Here is the interface desription:
+an identifier in the PSE.  Here is the interface description:
 
 @example
     ISTRUSTED <fingerprint>
@@ -1017,7 +1017,7 @@ GpgAgent returns a list of trusted keys line by line:
 @end example
 
 The first item on a line is the hexified fingerprint where MD5
-ingerprints are @code{00} padded to the left and the second item is a
+fingerprints are @code{00} padded to the left and the second item is a
 flag to indicate the type of key (so that gpg is able to only take care
 of PGP keys).  P = OpenPGP, S = S/MIME.  A client should ignore the rest
 of the line, so that we can extend the format in the future.
@@ -1114,7 +1114,7 @@ function returns with OK even when there is no cached passphrase.
 @subsection Ask for confirmation
 
 This command may be used to ask for a simple confirmation by
-presenting a text and 2 bottonts: Okay and Cancel.
+presenting a text and 2 buttons: Okay and Cancel.
 
 @example
   GET_CONFIRMATION @var{description}
@@ -1164,7 +1164,7 @@ option given the certificates are send back.
 @end example
 
 This command is used to interactively change the passphrase of the key
-indentified by the hex string @var{keygrip}.
+identified by the hex string @var{keygrip}.
 
 
 @node Agent UPDATESTARTUPTTY

doc/gpg.texi

@@ -328,7 +328,7 @@ The status of the verification is indicated by a flag directly following
 the "sig" tag (and thus before the flags described above for
 @option{--list-sigs}).  A "!" indicates that the signature has been
 successfully verified, a "-" denotes a bad signature and a "%" is used
-if an error occured while checking the signature (e.g. a non supported
+if an error occurred while checking the signature (e.g. a non supported
 algorithm).
 
 @ifclear gpgone
@@ -2660,7 +2660,7 @@ files; They all live in in the current home directory (@pxref{option
 The secret keyring.  You should backup this file.
 
 @item ~/.gnupg/secring.gpg.lock
-The lock file for teh secret keyring.
+The lock file for the secret keyring.
 
 @item ~/.gnupg/pubring.gpg
 The public keyring.  You should backup this file.
@@ -2710,7 +2710,7 @@ value. The option @option{--gpg-agent-info} can be used to override it.
 
 @item PINENTRY_USER_DATA
 This value is passed via gpg-agent to pinentry.  It is useful to convey
-extra information to a custom pinentry
+extra information to a custom pinentry.
 
 @item COLUMNS
 @itemx LINES
@@ -2719,11 +2719,11 @@ Used to size some displays to the full size of the screen.
 
 @item LANGUAGE
 Apart from its use by GNU, it is used in the W32 version to override the
-language selection done through the Registry.  If used and set to a a
+language selection done through the Registry.  If used and set to a
 valid and available language name (@var{langid}), the file with the
 translation is loaded from
 @code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}.  Here @var{gpgdir} is the
-directory out of which the gpg binary has been laoded.  If it can't be
+directory out of which the gpg binary has been loaded.  If it can't be
 loaded the Registry is tried and as last resort the native Windows
 locale system is used.  
 

doc/gpgsm.texi

@@ -29,7 +29,7 @@
 
 @mansect description
 @command{gpgsm} is a tool similar to @command{gpg} to provide digital
-encryption and signing servicesd on X.509 certificates and the CMS
+encryption and signing services on X.509 certificates and the CMS
 protocol.  It is mainly used as a backend for S/MIME mail processing.
 @command{gpgsm} includes a full features certificate management and
 complies with all rules defined for the German Sphinx project.
@@ -82,7 +82,7 @@ cannot abbreviate this command.
 
 @item --help, -h
 @opindex help
-Print a usage message summarizing the most usefule command-line options.
+Print a usage message summarizing the most useful command-line options.
 Note that you cannot abbreviate this command.
 
 @item --warranty
@@ -123,7 +123,7 @@ in the keybox or those set with the @option{--local-user} option.
 @item --verify
 @opindex verify
 Check a signature file for validity.  Depending on the arguments a
-detached signatrue may also be checked.
+detached signature may also be checked.
  
 @item --server
 @opindex server
@@ -134,7 +134,7 @@ Run in server mode and wait for commands on the @code{stdin}.
 Behave as a Dirmngr client issuing the request @var{command} with the
 optional list of @var{args}.  The output of the Dirmngr is printed
 stdout.  Please note that file names given as arguments should have an
-absulte file name (i.e. commencing with @code{/} because they are
+absolute file name (i.e. commencing with @code{/} because they are
 passed verbatim to the Dirmngr and the working directory of the
 Dirmngr might not be the same as the one of this client.  Currently it
 is not possible to pass data via stdin to the Dirmngr.  @var{command}
@@ -219,7 +219,7 @@ mainly for debugging.
 @opindex keydb-clear-some-cert-flags
 This is a debugging aid to reset certain flags in the key database
 which are used to cache certain certificate stati.  It is especially
-useful if a bad CRL or a weird running OCSP reponder did accidently
+useful if a bad CRL or a weird running OCSP responder did accidentally
 revoke certificate.  There is no security issue with this command
 because @command{gpgsm} always make sure that the validity of a certificate is
 checked right before it is used.
@@ -304,7 +304,7 @@ and to change the default configuration.
 @node Configuration Options
 @subsection How to change the configuration
 
-These options are used to change the configuraton and are usually found
+These options are used to change the configuration and are usually found
 in the option file.
 
 @table @gnupgtabopt
@@ -335,7 +335,7 @@ Change the default name of the policy file to @var{filename}.
 @opindex agent-program
 Specify an agent program to be used for secret key operations.  The
 default value is the @file{/usr/local/bin/gpg-agent}.  This is only used
-as a fallback when the envrionment variable @code{GPG_AGENT_INFO} is not
+as a fallback when the environment variable @code{GPG_AGENT_INFO} is not
 set or a running agent can't be connected.
   
 @item --dirmngr-program @var{file}
@@ -408,7 +408,7 @@ line of the @file{trustlist.txt}
 @opindex force-crl-refresh
 Tell the dirmngr to reload the CRL for each request.  For better
 performance, the dirmngr will actually optimize this by suppressing
-the loading for short time intervalls (e.g. 30 minutes). This option
+the loading for short time intervals (e.g. 30 minutes). This option
 is useful to make sure that a fresh CRL is available for certificates
 hold in the keybox.  The suggested way of doing this is by using it
 along with the option @option{--with-validation} for a key listing
@@ -430,7 +430,7 @@ so you will get the error code @samp{Not supported}.
 @opindex auto-issuer-key-retrieve
 If a required certificate is missing while validating the chain of
 certificates, try to load that certificate from an external location.
-This usually means that Dirmngr is employed t search for the
+This usually means that Dirmngr is employed to search for the
 certificate.  Note that this option makes a "web bug" like behavior
 possible.  LDAP server operators can see which keys you request, so by
 sending you a message signed by a brand new key (which you naturally
@@ -537,7 +537,7 @@ requires a CRL lookup and other operations.
 
 When used along with --import, a validation of the certificate to
 import is done and only imported if it succeeds the test.  Note that
-this does not affect an already available cwertificate in the DB.
+this does not affect an already available certificate in the DB.
 This option is therefore useful to simply verify a certificate.
 
 
@@ -592,7 +592,7 @@ interoperability problems.
 @opindex extra-digest-algo
 Sometimes signatures are broken in that they announce a different digest
 algorithm than actually used.  @command{gpgsm} uses a one-pass data
-processing model and thus needs to rely on the announcde digest
+processing model and thus needs to rely on the announced digest
 algorithms to properly hash the data.  As a workaround this option may
 be used to tell gpg to also hash the data using the algorithm
 @var{name}; this slows processing down a little bit but allows to verify
@@ -605,7 +605,7 @@ with @samp{SHA256} for @var{name}.
 @opindex faked-system-time
 This option is only useful for testing; it sets the system time back or
 forth to @var{epoch} which is the number of seconds elapsed since the year
-1970.  Alternativly @var{epoch} may be given as a full ISO time string
+1970.  Alternatively @var{epoch} may be given as a full ISO time string
 (e.g. "20070924T154812").
 
 @item --with-ephemeral-keys
@@ -662,7 +662,7 @@ write hashed data to files named @code{dbgmd-000*}
 trace Assuan protocol
 @end table
 
-Note, that all flags set using this option may get overriden by
+Note, that all flags set using this option may get overridden by
 @code{--debug-level}.
 
 @item --debug-all
@@ -685,7 +685,7 @@ lets @command{gpgsm} bypass all certificate chain validation checks.
 @item --debug-ignore-expiration
 @opindex debug-ignore-expiration
 This is actually not a debugging option but only useful as such.  It
-lets @command{gpgsm} ignore all notAfter dates, this is used by the regresssion
+lets @command{gpgsm} ignore all notAfter dates, this is used by the regression
 tests.
 
 @item --fixed-passphrase @var{string}
@@ -820,10 +820,10 @@ X.509 certificates.  This global file is installed in the data directory
 @c man:.RE
 Note that on larger installations, it is useful to put predefined files
 into the directory @file{/etc/skel/.gnupg/} so that newly created users
-start up with a working configuration.  For existing users the a small
+start up with a working configuration.  For existing users a small
 helper script is provided to create these files (@pxref{addgnupghome}).
 
-For internal purposes gpgsm creates and maintaines a few other files;
+For internal purposes gpgsm creates and maintains a few other files;
 they all live in in the current home directory (@pxref{option
 --homedir}).  Only @command{gpgsm} may modify these files.
 
@@ -839,7 +839,7 @@ this file.
 @item random_seed
 @cindex random_seed
 This content of this file is used to maintain the internal state of the
-random number generator accross invocations.  The same file is used by
+random number generator across invocations.  The same file is used by
 other programs of this software too.
 
 @item S.gpg-agent
@@ -848,7 +848,7 @@ If this file exists and the environment variable @env{GPG_AGENT_INFO} is
 not set, @command{gpgsm} will first try to connect to this socket for
 accessing @command{gpg-agent} before starting a new @command{gpg-agent}
 instance.  Under Windows this socket (which in reality be a plain file
-describing a regular TCP litening port) is the standard way of
+describing a regular TCP listening port) is the standard way of
 connecting the @command{gpg-agent}.
 
 @end table
@@ -894,7 +894,7 @@ but may also be used in the standard operation mode by using the
 
 It is very important to understand the semantics used with signature
 verification.  Checking a signature is not as simple as it may sound and
-so the ooperation si a bit complicated.  In mosted cases it is required
+so the operation is a bit complicated.  In most cases it is required
 to look at several status lines.  Here is a table of all cases a signed
 message may have:
 
@@ -919,7 +919,7 @@ these status codes:
 
 @item The signature is invalid
 This means that the signature verification failed (this is an indication
-of af a transfer error, a programm error or tampering with the message).
+of af a transfer error, a program error or tampering with the message).
 @command{gpgsm} issues one of these status codes sequences:
   @table @code
   @item  @code{BADSIG}
@@ -971,7 +971,7 @@ Assuan manual for details.
 @node GPGSM ENCRYPT
 @subsection Encrypting a Message
 
-Before encrytion can be done the recipient must be set using the
+Before encryption can be done the recipient must be set using the
 command:
 
 @example
@@ -1086,7 +1086,7 @@ Sign the data set with the INPUT command and write it to the sink set by
 OUTPUT.  With @code{--detached}, a detached signature is created
 (surprise).
 
-The key used for signining is the default one or the one specified in
+The key used for signing is the default one or the one specified in
 the configuration file.  To get finer control over the keys, it is
 possible to use the command
 
@@ -1226,7 +1226,7 @@ To import certificates into the internal key database, the command
 @end example
 
 is used.  The data is expected on the file descriptor set with the
-@code{INPUT} command.  Certain checks are performend on the
+@code{INPUT} command.  Certain checks are performed on the
 certificate.  Note that the code will also handle PKCS#12 files and
 import private keys; a helper program is used for that.
 

doc/howto-create-a-server-cert.texi

@@ -251,7 +251,7 @@ which a private key is available.  To see more details, you may use
 
 
 To make actual use of the certificate you need to install it on your
-server. Server software usally expects a PKCS\#12 file with key and
+server. Server software usually expects a PKCS\#12 file with key and
 certificate. To create such a file, run:
 
 @cartouche

doc/instguide.texi

@@ -36,15 +36,15 @@ to get certificates into this list:
 @itemize
 @item
 Use the list which comes with GnuPG. However this list only
-contains a few root certifciates.  Most installations will need more.
+contains a few root certificates.  Most installations will need more.
 
 @item
 Let @command{gpgsm} ask you whether you want to insert a new root
 certificate.  To enable this feature you need to set the option
 @option{allow-mark-trusted} into @file{gpg-agent.conf}.  In general it
 is not a good idea to do it this way.  Checking whether a root
-certificate is really trustworthy requires a decsions, which casual
+certificate is really trustworthy requires decisions, which casual
-usuers are not up to.  Thus, by default this option is not enabled.
+users are not up to.  Thus, by default this option is not enabled.
 
 @item 
 Manually maintain the list of trusted root certificates. For a multi

doc/scdaemon.texi

@@ -69,7 +69,7 @@ abbreviate this command.
 
 @item --help, -h
 @opindex help
-Print a usage message summarizing the most usefule command-line options.
+Print a usage message summarizing the most useful command-line options.
 Not that you can abbreviate this command.
 
 @item --dump-options
@@ -91,7 +91,7 @@ may be used to get the name of that extra socket.
 @item --daemon
 @opindex daemon
 Run the program in the background.  This option is required to prevent
-it from being accidently running in the background.
+it from being accidentally running in the background.
 
 @end table
 
@@ -267,7 +267,7 @@ accessing the card takes longer and that the user needs to enter the
 PIN again after the next power up.
 
 Note that with the current version of Scdaemon the card is powered
-down immediatley at the next timer tick for any value of @var{n} other
+down immediately at the next timer tick for any value of @var{n} other
 than 0.
 
 
@@ -342,7 +342,7 @@ the German signature law and its bylaws (SigG and SigV).
 @node PKCS#15 Card
 @subsection The PKCS#15 card application ``p15''
 
-This is common fraqmework for smart card applications.  It is used by
+This is common framework for smart card applications.  It is used by
 @command{gpgsm}.
 
 @node Geldkarte Card
@@ -413,7 +413,7 @@ $ scdaemon --server -v
 
 The SC-Daemon should be started by the system to provide access to
 external tokens.  Using Smartcards on a multi-user system does not
-make much sense expcet for system services, but in this case no
+make much sense expect for system services, but in this case no
 regular user accounts are hosted on the machine.
 
 A client connects to the SC-Daemon by connecting to the socket named
@@ -421,7 +421,7 @@ A client connects to the SC-Daemon by connecting to the socket named
 @var{/etc/scdaemon.conf}
 
 Each connection acts as one session, SC-Daemon takes care of
-syncronizing access to a token between sessions.
+synchronizing access to a token between sessions.
 
 @menu
 * Scdaemon SERIALNO::     Return the serial number.
@@ -457,7 +457,7 @@ done on the same card unless he call this function.
   SERIALNO
 @end example
 
-Return the serial number of the card using a status reponse like:
+Return the serial number of the card using a status response like:
 
 @example
   S SERIALNO D27600000000000000000000 0
@@ -505,7 +505,7 @@ returned in @var{hexstring_with_keygrip}.
 
 This function is used to read a certificate identified by
 @var{hexified_certid} from the card.  With OpenPGP cards the keyid
-@code{OpenPGP.3} may be used to rad the certticate of version 2 cards.
+@code{OpenPGP.3} may be used to rad the certificate of version 2 cards.
 
 
 @node Scdaemon READKEY
@@ -584,7 +584,7 @@ TO BE WRITTEN.
   WRITEKEY [--force] @var{keyid}
 @end example
 
-This command is used to store a secret key on a a smartcard.  The
+This command is used to store a secret key on a smartcard.  The
 allowed keyids depend on the currently selected smartcard
 application. The actual keydata is requested using the inquiry
 @code{KEYDATA} and need to be provided without any protection.  With
@@ -592,7 +592,7 @@ application. The actual keydata is requested using the inquiry
 overwritten.  The key data is expected to be the usual canonical encoded
 S-expression.
 
-A PIN will be requested in most saes.  This however depends on the
+A PIN will be requested in most cases.  This however depends on the
 actual card application.
 
 
@@ -687,7 +687,7 @@ message before any data like this:
 @end example
 
 Using the option @code{--more} handles the card status word MORE_DATA
-(61xx) and concatenate all reponses to one block.
+(61xx) and concatenate all responses to one block.
 
 Using the option @code{--exlen} the returned APDU may use extended
 length up to N bytes.  If N is not given a default value is used

doc/sysnotes.texi

@@ -6,7 +6,7 @@
 @chapter Notes pertaining to certain OSes.
 
 GnuPG has been developed on GNU/Linux systems and is know to work on
-almost all Free OSes.  All modern POSIX systems should be supproted
+almost all Free OSes.  All modern POSIX systems should be supported
 right now, however there are probably a lot of smaller glitches we need
 to fix first.  The major problem areas are:
 
@@ -14,7 +14,7 @@ to fix first.  The major problem areas are:
 @item 
 For logging to sockets and other internal operations the
 @code{fopencookie} function (@code{funopen} under *BSD) is used.  This
-is a very convient function which makes it possible to create outputs in
+is a very convenient function which makes it possible to create outputs in
 a structures and easy maintainable way.  The drawback however is that
 most proprietary OSes don't support this function.  At g10@tie{}Code we
 have looked into several ways on how to overcome this limitation but no
@@ -37,12 +37,12 @@ formatted as pretty as theyshould be and @command{gpgsm}'s
 We are planning to use file descriptor passing for interprocess
 communication.  This will allow us save a lot of resources and improve
 performance of certain operations a lot.  Systems not supporting this
-won't gain these benefits but we try to keep them working the satndard
+won't gain these benefits but we try to keep them working the standard
 way as it is done today.
 
 @item
 We require more or less full POSIX compatibility.  This has been
-arround for 15 years now and thus we don't believe it makes sense to
+around for 15 years now and thus we don't believe it makes sense to
 support non POSIX systems anymore.  Well, we of course the usual
 workarounds for near POSIX systems well be applied.
 

doc/tools.texi

@@ -334,7 +334,7 @@ never contain any special characters.
 Some fields contain strings that are described to be
 @emph{percent-escaped}.  Such strings need to be de-escaped before
 their content can be presented to the user.  A percent-escaped string
-is de-escaped by replacing all occurences of @code{%XY} by the byte
+is de-escaped by replacing all occurrences of @code{%XY} by the byte
 that has the hexadecimal value @code{XY}.  @code{X} and @code{Y} are
 from the set @code{0-9a-f}.
 
@@ -477,7 +477,7 @@ dirmngr:Directory Manager:/usr/local/bin/dirmngr:
 
 The command @code{--check-programs} is similar to
 @code{--list-components} but works on backend programs and not on
-components.  It runs each program to test wether it is installed and
+components.  It runs each program to test whether it is installed and
 runnable.  This also includes a syntax check of all config file options
 of the program.
 
@@ -514,17 +514,17 @@ The @emph{boolean value} in this field indicates whether the program's
 config file is syntactically okay.
 
 @item cfgfile
-If an error occured in the configuraion file (as indicated by a false
+If an error occurred in the configuration file (as indicated by a false
 value in the field @code{okay}), this field has the name of the failing
 configuration file.  It is @emph{percent-escaped}.
 
 @item line
-If an error occured in the configuration file, this field has the line
+If an error occurred in the configuration file, this field has the line
 number of the failing statement in the configuration file.  
 It is an @emph{unsigned number}.
 
 @item error
-If an error occured in the configuration file, this field has the error
+If an error occurred in the configuration file, this field has the error
 text of the failing statement in the configuration file.  It is
 @emph{percent-escaped} and @emph{localized}.
 
@@ -747,7 +747,7 @@ no argument is given.
 @item value
 This field is defined only for options.  Its format is that of an
 @emph{option argument}.  If it is empty, then the option is not
-explicitely set in the current configuration, and the default applies
+explicitly set in the current configuration, and the default applies
 (if any).  Otherwise, it contains the current value of the option.
 Note that this field is also meaningful if the option itself does not
 take a real argument (in this case, it contains the number of times
@@ -865,7 +865,7 @@ empty string.
 @end table
 
 @noindent
-Unknown record typs should be ignored.  Note that there is intentionally
+Unknown record types should be ignored.  Note that there is intentionally
 no feature to change the global option file through @command{gpgconf}.
 
 
@@ -947,7 +947,7 @@ applygnupgdefaults
 @end ifset
 
 @mansect description
-This is a simple tool to interactivly generate a certificate request
+This is a simple tool to interactively generate a certificate request
 which will be printed to stdout.
 
 @manpause
@@ -1192,7 +1192,7 @@ Just print @var{args}.
 @item /let @var{name} @var{value}
 Set the variable @var{name} to @var{value}.  Variables are only
 substituted on the input if the @command{/subst} has been used.
-Variables are referenced by prefixing the name with a dollr sign and
+Variables are referenced by prefixing the name with a dollar sign and
 optionally include the name in curly braces.  The rules for a valid name
 are identically to those of the standard bourne shell.  This is not yet
 enforced but may be in the future.  When used with curly braces no
@@ -1237,14 +1237,14 @@ the function name.
 
 @item unpercent @var{args}
 @itemx unpercent+ @var{args}
-Remove percent style ecaping from @var{args}.  Note that @code{%00}
+Remove percent style escaping from @var{args}.  Note that @code{%00}
 terminates the string implicitly.  The string to be converted are the
 entire arguments right behind the delimiting space of the function
 name. @code{unpercent+} also maps plus signs to a spaces.
 
 @item percent @var{args}
 @itemx percent+ @var{args}
-Escape the @var{args} using percent style ecaping.  Tabs, formfeeds,
+Escape the @var{args} using percent style escaping.  Tabs, formfeeds,
 linefeeds, carriage returns and colons are escaped. @code{percent+} also
 maps spaces to plus signs.
 
@@ -1290,9 +1290,9 @@ entire line to it as command line arguments.
 
 @item /datafile @var{name}
 Write all data lines from the server to the file @var{name}.  The file
-is opened for writing and created if it does not exists.  An existsing
+is opened for writing and created if it does not exists.  An existing
 file is first truncated to 0.  The data written to the file fully
-decoded.  Using a singel dash for @var{name} writes to stdout.  The
+decoded.  Using a single dash for @var{name} writes to stdout.  The
 file is kept open until a new file is set using this command or this
 command is used without an argument.
 
@@ -1466,7 +1466,7 @@ argument @var{inputfile}, and the ciphertext will be output to STDOUT.
 For decryption vice versa.
 
 @var{CLASS} describes the calling conventions of the external tool.
-Currently it must be given as @samp{confucius}.  @var{PROGRAM} is the
+Currently it must be given as @samp{confucius}.  @var{PROGRAM} is
 the full filename of that external tool.
  
 For the class @samp{confucius} the option @option{--keyfile} is
@@ -1499,7 +1499,7 @@ Try to be as quiet as possible.
 @item --log-file @var{file}
 @opindex log-file
 Append all logging output to @var{file}.  Default is to write logging
-informaton to STDERR.
+information to STDERR.
 
 @end table