Index: doc/debugging.texi =================================================================== --- doc/debugging.texi +++ doc/debugging.texi @@ -10,7 +10,7 @@ reminiscent to the moth jamming a relay in a Mark II box back in 1947. Most of the problems a merely configuration and user problems but -nevertheless there are the most annoying ones and reponsible for many +nevertheless there are the most annoying ones and responsible for many gray hairs. We try to give some guidelines here on how to identify and solve the problem at hand. @@ -36,7 +36,7 @@ @node kbxutil @subsection Scrutinizing a keybox file -A keybox is a file fomat used to store public keys along with meta +A keybox is a file format used to store public keys along with meta information and indices. The commonly used one is the file @file{pubring.kbx} in the @file{.gnupg} directory. It contains all X.509 certificates as well as OpenPGP keys@footnote{Well, OpenPGP keys @@ -72,10 +72,10 @@ @end example In this example you see that the keybox does not have any OpenPGP keys -but contains 98 X.509 cerificates and a total of 17 keys or certificates -are flagges as ephemeral, meaning that they are only temporary stored +but contains 98 X.509 certificates and a total of 17 keys or certificates +are flagged as ephemeral, meaning that they are only temporary stored (cached) in the keybox and won't get listed using the usual commands -provided by @command{gpgsm} or @command{gpg}. 81 certifcates are stored +provided by @command{gpgsm} or @command{gpg}. 81 certificates are stored in a standard way and directly available from @command{gpgsm}. @noindent @@ -137,7 +137,7 @@ SSH has no way to tell the gpg-agent what terminal or X display it is running on. So when remotely logging into a box where a gpg-agent with SSH support is running, the pinentry will get popped up on whatever -display t he gpg-agent has been started. To solve this problem you may +display the gpg-agent has been started. To solve this problem you may issue the command @smallexample @@ -171,7 +171,7 @@ /usr/local/libexec/gpg-protect-tool --p12-export ~/.gnupg/private-keys-v1.d/@var{foo} >@var{foo}.p12 @end smallexample -(Please adjust the path to @command{gpg-protect-tool} to the approriate +(Please adjust the path to @command{gpg-protect-tool} to the appropriate location). @var{foo} is the name of the key file you picked (it should have the suffix @file{.key}). A Pinentry box will pop up and ask you for the current passphrase of the key and a new passphrase to protect it @@ -205,7 +205,7 @@ The signature is broken. You may try the option @option{--extra-digest-algo SHA256} to workaround the problem. The -number N is the internal algorighm indentifier; for example 8 refers to +number N is the internal algorithm identifier; for example 8 refers to SHA-256. Index: doc/glossary.texi =================================================================== --- doc/glossary.texi +++ doc/glossary.texi @@ -17,7 +17,7 @@ signature as the date the validation starts and in turn checks that each certificate has been issued within the time frame, the issuing certificate was valid. This allows the verification of signatures after -the the CA's certificate expired. The validation test also required an +the CA's certificate expired. The validation test also required an online check of the certificate status. The chain model is required by the German signature law. See also @emph{Shell model}. @@ -39,7 +39,7 @@ @item OpenPGP A data format used to build a PKI and to exchange encrypted or signed messages. In contrast to X.509, OpenPGP also includes the -message format but does not explicilty demand a specific PKI. However +message format but does not explicitly demand a specific PKI. However any kind of PKI may be build upon the OpenPGP protocol. @item Keygrip @@ -60,7 +60,7 @@ @item Shell model The standard model for validation of certificates under X.509. At the -time of the verification all certifciates must be valid and not expired. +time of the verification all certificates must be valid and not expired. See also @emph{Chain mode}. Index: doc/gpg-agent.texi =================================================================== --- doc/gpg-agent.texi +++ doc/gpg-agent.texi @@ -61,7 +61,7 @@ sure that only one is running: @command{gpg-agent} uses an environment variable to inform clients about the communication parameters. You can write the content of this environment variable to a file so that you can -test for a running agent. Here is an example using Bourne shell synax: +test for a running agent. Here is an example using Bourne shell syntax: @smallexample gpg-agent --daemon --enable-ssh-support \ @@ -727,7 +727,7 @@ protocol. To identify a key we use a thing called keygrip which is the SHA-1 hash -of an canoncical encoded S-Expression of the the public key as used in +of an canonical encoded S-Expression of the public key as used in Libgcrypt. For the purpose of this interface the keygrip is given as a hex string. The advantage of using this and not the hash of a certificate is that it will be possible to use the same keypair for @@ -855,7 +855,7 @@ PKSIGN @end example -Options are not yet defined, but my later be used to choosen among +Options are not yet defined, but my later be used to choose among different algorithms. The agent does then some checks, asks for the passphrase and as a result the server returns the signature as an SPKI like S-expression in "D" lines: @@ -957,7 +957,7 @@ @node Agent IMPORT @subsection Importing a Secret Key -This operation is not yet supportted by GpgAgent. Specialized tools +This operation is not yet supported by GpgAgent. Specialized tools are to be used for this. There is no actual need because we can expect that secret keys @@ -976,7 +976,7 @@ Actually we do not import a Root Cert but provide a way to validate any piece of data by storing its Hash along with a description and -an identifier in the PSE. Here is the interface desription: +an identifier in the PSE. Here is the interface description: @example ISTRUSTED @@ -1017,7 +1017,7 @@ @end example The first item on a line is the hexified fingerprint where MD5 -ingerprints are @code{00} padded to the left and the second item is a +fingerprints are @code{00} padded to the left and the second item is a flag to indicate the type of key (so that gpg is able to only take care of PGP keys). P = OpenPGP, S = S/MIME. A client should ignore the rest of the line, so that we can extend the format in the future. @@ -1114,7 +1114,7 @@ @subsection Ask for confirmation This command may be used to ask for a simple confirmation by -presenting a text and 2 bottonts: Okay and Cancel. +presenting a text and 2 buttons: Okay and Cancel. @example GET_CONFIRMATION @var{description} @@ -1164,7 +1164,7 @@ @end example This command is used to interactively change the passphrase of the key -indentified by the hex string @var{keygrip}. +identified by the hex string @var{keygrip}. @node Agent UPDATESTARTUPTTY Index: doc/gpg.texi =================================================================== --- doc/gpg.texi +++ doc/gpg.texi @@ -328,7 +328,7 @@ the "sig" tag (and thus before the flags described above for @option{--list-sigs}). A "!" indicates that the signature has been successfully verified, a "-" denotes a bad signature and a "%" is used -if an error occured while checking the signature (e.g. a non supported +if an error occurred while checking the signature (e.g. a non supported algorithm). @ifclear gpgone @@ -2660,7 +2660,7 @@ The secret keyring. You should backup this file. @item ~/.gnupg/secring.gpg.lock -The lock file for teh secret keyring. +The lock file for the secret keyring. @item ~/.gnupg/pubring.gpg The public keyring. You should backup this file. @@ -2676,7 +2676,7 @@ The lock file for the trust database. @item ~/.gnupg/random_seed -A file used to preserve the state of theinternal random pool. +A file used to preserve the state of the internal random pool. @item /usr[/local]/share/gnupg/options.skel The skeleton options file. @@ -2710,7 +2710,7 @@ @item PINENTRY_USER_DATA This value is passed via gpg-agent to pinentry. It is useful to convey -extra information to a custom pinentry +extra information to a custom pinentry. @item COLUMNS @itemx LINES @@ -2719,11 +2719,11 @@ @item LANGUAGE Apart from its use by GNU, it is used in the W32 version to override the -language selection done through the Registry. If used and set to a a +language selection done through the Registry. If used and set to a valid and available language name (@var{langid}), the file with the translation is loaded from @code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}. Here @var{gpgdir} is the -directory out of which the gpg binary has been laoded. If it can't be +directory out of which the gpg binary has been loaded. If it can't be loaded the Registry is tried and as last resort the native Windows locale system is used. Index: doc/gpgsm.texi =================================================================== --- doc/gpgsm.texi +++ doc/gpgsm.texi @@ -29,7 +29,7 @@ @mansect description @command{gpgsm} is a tool similar to @command{gpg} to provide digital -encryption and signing servicesd on X.509 certificates and the CMS +encryption and signing services on X.509 certificates and the CMS protocol. It is mainly used as a backend for S/MIME mail processing. @command{gpgsm} includes a full features certificate management and complies with all rules defined for the German Sphinx project. @@ -82,7 +82,7 @@ @item --help, -h @opindex help -Print a usage message summarizing the most usefule command-line options. +Print a usage message summarizing the most useful command-line options. Note that you cannot abbreviate this command. @item --warranty @@ -123,7 +123,7 @@ @item --verify @opindex verify Check a signature file for validity. Depending on the arguments a -detached signatrue may also be checked. +detached signature may also be checked. @item --server @opindex server @@ -134,7 +134,7 @@ Behave as a Dirmngr client issuing the request @var{command} with the optional list of @var{args}. The output of the Dirmngr is printed stdout. Please note that file names given as arguments should have an -absulte file name (i.e. commencing with @code{/} because they are +absolute file name (i.e. commencing with @code{/} because they are passed verbatim to the Dirmngr and the working directory of the Dirmngr might not be the same as the one of this client. Currently it is not possible to pass data via stdin to the Dirmngr. @var{command} @@ -219,7 +219,7 @@ @opindex keydb-clear-some-cert-flags This is a debugging aid to reset certain flags in the key database which are used to cache certain certificate stati. It is especially -useful if a bad CRL or a weird running OCSP reponder did accidently +useful if a bad CRL or a weird running OCSP responder did accidentally revoke certificate. There is no security issue with this command because @command{gpgsm} always make sure that the validity of a certificate is checked right before it is used. @@ -286,7 +286,7 @@ @node GPGSM Options @section Option Summary -@command{GPGSM} comes features a bunch ofoptions to control the exact behaviour +@command{GPGSM} comes features a bunch of options to control the exact behaviour and to change the default configuration. @menu @@ -304,7 +304,7 @@ @node Configuration Options @subsection How to change the configuration -These options are used to change the configuraton and are usually found +These options are used to change the configuration and are usually found in the option file. @table @gnupgtabopt @@ -335,7 +335,7 @@ @opindex agent-program Specify an agent program to be used for secret key operations. The default value is the @file{/usr/local/bin/gpg-agent}. This is only used -as a fallback when the envrionment variable @code{GPG_AGENT_INFO} is not +as a fallback when the environment variable @code{GPG_AGENT_INFO} is not set or a running agent can't be connected. @item --dirmngr-program @var{file} @@ -408,7 +408,7 @@ @opindex force-crl-refresh Tell the dirmngr to reload the CRL for each request. For better performance, the dirmngr will actually optimize this by suppressing -the loading for short time intervalls (e.g. 30 minutes). This option +the loading for short time intervals (e.g. 30 minutes). This option is useful to make sure that a fresh CRL is available for certificates hold in the keybox. The suggested way of doing this is by using it along with the option @option{--with-validation} for a key listing @@ -430,7 +430,7 @@ @opindex auto-issuer-key-retrieve If a required certificate is missing while validating the chain of certificates, try to load that certificate from an external location. -This usually means that Dirmngr is employed t search for the +This usually means that Dirmngr is employed to search for the certificate. Note that this option makes a "web bug" like behavior possible. LDAP server operators can see which keys you request, so by sending you a message signed by a brand new key (which you naturally @@ -537,7 +537,7 @@ When used along with --import, a validation of the certificate to import is done and only imported if it succeeds the test. Note that -this does not affect an already available cwertificate in the DB. +this does not affect an already available certificate in the DB. This option is therefore useful to simply verify a certificate. @@ -592,7 +592,7 @@ @opindex extra-digest-algo Sometimes signatures are broken in that they announce a different digest algorithm than actually used. @command{gpgsm} uses a one-pass data -processing model and thus needs to rely on the announcde digest +processing model and thus needs to rely on the announced digest algorithms to properly hash the data. As a workaround this option may be used to tell gpg to also hash the data using the algorithm @var{name}; this slows processing down a little bit but allows to verify @@ -605,7 +605,7 @@ @opindex faked-system-time This option is only useful for testing; it sets the system time back or forth to @var{epoch} which is the number of seconds elapsed since the year -1970. Alternativly @var{epoch} may be given as a full ISO time string +1970. Alternatively @var{epoch} may be given as a full ISO time string (e.g. "20070924T154812"). @item --with-ephemeral-keys @@ -662,7 +662,7 @@ trace Assuan protocol @end table -Note, that all flags set using this option may get overriden by +Note, that all flags set using this option may get overridden by @code{--debug-level}. @item --debug-all @@ -685,7 +685,7 @@ @item --debug-ignore-expiration @opindex debug-ignore-expiration This is actually not a debugging option but only useful as such. It -lets @command{gpgsm} ignore all notAfter dates, this is used by the regresssion +lets @command{gpgsm} ignore all notAfter dates, this is used by the regression tests. @item --fixed-passphrase @var{string} @@ -820,10 +820,10 @@ @c man:.RE Note that on larger installations, it is useful to put predefined files into the directory @file{/etc/skel/.gnupg/} so that newly created users -start up with a working configuration. For existing users the a small +start up with a working configuration. For existing users a small helper script is provided to create these files (@pxref{addgnupghome}). -For internal purposes gpgsm creates and maintaines a few other files; +For internal purposes gpgsm creates and maintains a few other files; they all live in in the current home directory (@pxref{option --homedir}). Only @command{gpgsm} may modify these files. @@ -839,7 +839,7 @@ @item random_seed @cindex random_seed This content of this file is used to maintain the internal state of the -random number generator accross invocations. The same file is used by +random number generator across invocations. The same file is used by other programs of this software too. @item S.gpg-agent @@ -848,7 +848,7 @@ not set, @command{gpgsm} will first try to connect to this socket for accessing @command{gpg-agent} before starting a new @command{gpg-agent} instance. Under Windows this socket (which in reality be a plain file -describing a regular TCP litening port) is the standard way of +describing a regular TCP listening port) is the standard way of connecting the @command{gpg-agent}. @end table @@ -894,7 +894,7 @@ It is very important to understand the semantics used with signature verification. Checking a signature is not as simple as it may sound and -so the ooperation si a bit complicated. In mosted cases it is required +so the operation is a bit complicated. In most cases it is required to look at several status lines. Here is a table of all cases a signed message may have: @@ -919,7 +919,7 @@ @item The signature is invalid This means that the signature verification failed (this is an indication -of af a transfer error, a programm error or tampering with the message). +of af a transfer error, a program error or tampering with the message). @command{gpgsm} issues one of these status codes sequences: @table @code @item @code{BADSIG} @@ -971,7 +971,7 @@ @node GPGSM ENCRYPT @subsection Encrypting a Message -Before encrytion can be done the recipient must be set using the +Before encryption can be done the recipient must be set using the command: @example @@ -1086,7 +1086,7 @@ OUTPUT. With @code{--detached}, a detached signature is created (surprise). -The key used for signining is the default one or the one specified in +The key used for signing is the default one or the one specified in the configuration file. To get finer control over the keys, it is possible to use the command @@ -1226,7 +1226,7 @@ @end example is used. The data is expected on the file descriptor set with the -@code{INPUT} command. Certain checks are performend on the +@code{INPUT} command. Certain checks are performed on the certificate. Note that the code will also handle PKCS#12 files and import private keys; a helper program is used for that. Index: doc/howto-create-a-server-cert.texi =================================================================== --- doc/howto-create-a-server-cert.texi +++ doc/howto-create-a-server-cert.texi @@ -251,7 +251,7 @@ To make actual use of the certificate you need to install it on your -server. Server software usally expects a PKCS\#12 file with key and +server. Server software usually expects a PKCS\#12 file with key and certificate. To create such a file, run: @cartouche Index: doc/instguide.texi =================================================================== --- doc/instguide.texi +++ doc/instguide.texi @@ -36,15 +36,15 @@ @itemize @item Use the list which comes with GnuPG. However this list only -contains a few root certifciates. Most installations will need more. +contains a few root certificates. Most installations will need more. @item Let @command{gpgsm} ask you whether you want to insert a new root certificate. To enable this feature you need to set the option @option{allow-mark-trusted} into @file{gpg-agent.conf}. In general it is not a good idea to do it this way. Checking whether a root -certificate is really trustworthy requires a decsions, which casual -usuers are not up to. Thus, by default this option is not enabled. +certificate is really trustworthy requires decisions, which casual +users are not up to. Thus, by default this option is not enabled. @item Manually maintain the list of trusted root certificates. For a multi Index: doc/scdaemon.texi =================================================================== --- doc/scdaemon.texi +++ doc/scdaemon.texi @@ -69,7 +69,7 @@ @item --help, -h @opindex help -Print a usage message summarizing the most usefule command-line options. +Print a usage message summarizing the most useful command-line options. Not that you can abbreviate this command. @item --dump-options @@ -91,7 +91,7 @@ @item --daemon @opindex daemon Run the program in the background. This option is required to prevent -it from being accidently running in the background. +it from being accidentally running in the background. @end table @@ -267,7 +267,7 @@ PIN again after the next power up. Note that with the current version of Scdaemon the card is powered -down immediatley at the next timer tick for any value of @var{n} other +down immediately at the next timer tick for any value of @var{n} other than 0. @@ -342,7 +342,7 @@ @node PKCS#15 Card @subsection The PKCS#15 card application ``p15'' -This is common fraqmework for smart card applications. It is used by +This is common framework for smart card applications. It is used by @command{gpgsm}. @node Geldkarte Card @@ -413,7 +413,7 @@ The SC-Daemon should be started by the system to provide access to external tokens. Using Smartcards on a multi-user system does not -make much sense expcet for system services, but in this case no +make much sense expect for system services, but in this case no regular user accounts are hosted on the machine. A client connects to the SC-Daemon by connecting to the socket named @@ -421,7 +421,7 @@ @var{/etc/scdaemon.conf} Each connection acts as one session, SC-Daemon takes care of -syncronizing access to a token between sessions. +synchronizing access to a token between sessions. @menu * Scdaemon SERIALNO:: Return the serial number. @@ -457,7 +457,7 @@ SERIALNO @end example -Return the serial number of the card using a status reponse like: +Return the serial number of the card using a status response like: @example S SERIALNO D27600000000000000000000 0 @@ -505,7 +505,7 @@ This function is used to read a certificate identified by @var{hexified_certid} from the card. With OpenPGP cards the keyid -@code{OpenPGP.3} may be used to rad the certticate of version 2 cards. +@code{OpenPGP.3} may be used to rad the certificate of version 2 cards. @node Scdaemon READKEY @@ -584,7 +584,7 @@ WRITEKEY [--force] @var{keyid} @end example -This command is used to store a secret key on a a smartcard. The +This command is used to store a secret key on a smartcard. The allowed keyids depend on the currently selected smartcard application. The actual keydata is requested using the inquiry @code{KEYDATA} and need to be provided without any protection. With @@ -592,7 +592,7 @@ overwritten. The key data is expected to be the usual canonical encoded S-expression. -A PIN will be requested in most saes. This however depends on the +A PIN will be requested in most cases. This however depends on the actual card application. @@ -687,7 +687,7 @@ @end example Using the option @code{--more} handles the card status word MORE_DATA -(61xx) and concatenate all reponses to one block. +(61xx) and concatenate all responses to one block. Using the option @code{--exlen} the returned APDU may use extended length up to N bytes. If N is not given a default value is used Index: doc/sysnotes.texi =================================================================== --- doc/sysnotes.texi +++ doc/sysnotes.texi @@ -6,7 +6,7 @@ @chapter Notes pertaining to certain OSes. GnuPG has been developed on GNU/Linux systems and is know to work on -almost all Free OSes. All modern POSIX systems should be supproted +almost all Free OSes. All modern POSIX systems should be supported right now, however there are probably a lot of smaller glitches we need to fix first. The major problem areas are: @@ -14,14 +14,14 @@ @item For logging to sockets and other internal operations the @code{fopencookie} function (@code{funopen} under *BSD) is used. This -is a very convient function which makes it possible to create outputs in +is a very convenient function which makes it possible to create outputs in a structures and easy maintainable way. The drawback however is that most proprietary OSes don't support this function. At g10@tie{}Code we have looked into several ways on how to overcome this limitation but no sufficiently easy and maintainable way has been found. Porting @emph{glibc} to a general POSIX system is of course an option and would make writing portable software much easier; this it has not yet been -done and the system administrator wouldneed to cope with the GNU +done and the system administrator would need to cope with the GNU specific admin things in addition to the generic ones of his system. We have now settled to use explicit stdio wrappers with a functionality @@ -30,19 +30,19 @@ This means that on systems not supporting either @code{funopen} or @code{fopencookie}, logging to a socket won't work, prompts are not -formatted as pretty as theyshould be and @command{gpgsm}'s +formatted as pretty as they should be and @command{gpgsm}'s @code{LISTKEYS} Assuan command does not work. @item We are planning to use file descriptor passing for interprocess communication. This will allow us save a lot of resources and improve performance of certain operations a lot. Systems not supporting this -won't gain these benefits but we try to keep them working the satndard +won't gain these benefits but we try to keep them working the standard way as it is done today. @item We require more or less full POSIX compatibility. This has been -arround for 15 years now and thus we don't believe it makes sense to +around for 15 years now and thus we don't believe it makes sense to support non POSIX systems anymore. Well, we of course the usual workarounds for near POSIX systems well be applied. Index: doc/tools.texi =================================================================== --- doc/tools.texi +++ doc/tools.texi @@ -334,7 +334,7 @@ Some fields contain strings that are described to be @emph{percent-escaped}. Such strings need to be de-escaped before their content can be presented to the user. A percent-escaped string -is de-escaped by replacing all occurences of @code{%XY} by the byte +is de-escaped by replacing all occurrences of @code{%XY} by the byte that has the hexadecimal value @code{XY}. @code{X} and @code{Y} are from the set @code{0-9a-f}. @@ -477,7 +477,7 @@ The command @code{--check-programs} is similar to @code{--list-components} but works on backend programs and not on -components. It runs each program to test wether it is installed and +components. It runs each program to test whether it is installed and runnable. This also includes a syntax check of all config file options of the program. @@ -514,17 +514,17 @@ config file is syntactically okay. @item cfgfile -If an error occured in the configuraion file (as indicated by a false +If an error occurred in the configuration file (as indicated by a false value in the field @code{okay}), this field has the name of the failing configuration file. It is @emph{percent-escaped}. @item line -If an error occured in the configuration file, this field has the line +If an error occurred in the configuration file, this field has the line number of the failing statement in the configuration file. It is an @emph{unsigned number}. @item error -If an error occured in the configuration file, this field has the error +If an error occurred in the configuration file, this field has the error text of the failing statement in the configuration file. It is @emph{percent-escaped} and @emph{localized}. @@ -747,7 +747,7 @@ @item value This field is defined only for options. Its format is that of an @emph{option argument}. If it is empty, then the option is not -explicitely set in the current configuration, and the default applies +explicitly set in the current configuration, and the default applies (if any). Otherwise, it contains the current value of the option. Note that this field is also meaningful if the option itself does not take a real argument (in this case, it contains the number of times @@ -865,7 +865,7 @@ @end table @noindent -Unknown record typs should be ignored. Note that there is intentionally +Unknown record types should be ignored. Note that there is intentionally no feature to change the global option file through @command{gpgconf}. @@ -947,7 +947,7 @@ @end ifset @mansect description -This is a simple tool to interactivly generate a certificate request +This is a simple tool to interactively generate a certificate request which will be printed to stdout. @manpause @@ -1089,7 +1089,7 @@ The @command{gpg-connect-agent} is a utility to communicate with a running @command{gpg-agent}. It is useful to check out the commands gpg-agent provides using the Assuan interface. It might also be useful -for scripting simple applications. Inputis expected at stdin and out +for scripting simple applications. Input is expected at stdin and out put gets printed to stdout. It is very similar to running @command{gpg-agent} in server mode; but @@ -1192,7 +1192,7 @@ @item /let @var{name} @var{value} Set the variable @var{name} to @var{value}. Variables are only substituted on the input if the @command{/subst} has been used. -Variables are referenced by prefixing the name with a dollr sign and +Variables are referenced by prefixing the name with a dollar sign and optionally include the name in curly braces. The rules for a valid name are identically to those of the standard bourne shell. This is not yet enforced but may be in the future. When used with curly braces no @@ -1237,14 +1237,14 @@ @item unpercent @var{args} @itemx unpercent+ @var{args} -Remove percent style ecaping from @var{args}. Note that @code{%00} +Remove percent style escaping from @var{args}. Note that @code{%00} terminates the string implicitly. The string to be converted are the entire arguments right behind the delimiting space of the function name. @code{unpercent+} also maps plus signs to a spaces. @item percent @var{args} @itemx percent+ @var{args} -Escape the @var{args} using percent style ecaping. Tabs, formfeeds, +Escape the @var{args} using percent style escaping. Tabs, formfeeds, linefeeds, carriage returns and colons are escaped. @code{percent+} also maps spaces to plus signs. @@ -1290,9 +1290,9 @@ @item /datafile @var{name} Write all data lines from the server to the file @var{name}. The file -is opened for writing and created if it does not exists. An existsing +is opened for writing and created if it does not exists. An existing file is first truncated to 0. The data written to the file fully -decoded. Using a singel dash for @var{name} writes to stdout. The +decoded. Using a single dash for @var{name} writes to stdout. The file is kept open until a new file is set using this command or this command is used without an argument. @@ -1466,7 +1466,7 @@ For decryption vice versa. @var{CLASS} describes the calling conventions of the external tool. -Currently it must be given as @samp{confucius}. @var{PROGRAM} is the +Currently it must be given as @samp{confucius}. @var{PROGRAM} is the full filename of that external tool. For the class @samp{confucius} the option @option{--keyfile} is @@ -1499,7 +1499,7 @@ @item --log-file @var{file} @opindex log-file Append all logging output to @var{file}. Default is to write logging -informaton to STDERR. +information to STDERR. @end table