From owner-freebsd-doc@FreeBSD.ORG Mon Aug 29 02:16:02 2011 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26DAB106566B; Mon, 29 Aug 2011 02:16:02 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-4.mit.edu (DMZ-MAILSEC-SCANNER-4.MIT.EDU [18.9.25.15]) by mx1.freebsd.org (Postfix) with ESMTP id B94FA8FC0C; Mon, 29 Aug 2011 02:16:01 +0000 (UTC) X-AuditID: 1209190f-b7b44ae000000a24-f4-4e5af5c514d4 Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id 5B.FE.02596.5C5FA5E4; Sun, 28 Aug 2011 22:13:25 -0400 (EDT) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id p7T2Frst025632; Sun, 28 Aug 2011 22:15:54 -0400 Received: from multics.mit.edu (MULTICS.MIT.EDU [18.187.1.73]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p7T2FpNn015610 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 28 Aug 2011 22:15:53 -0400 (EDT) Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id p7T2FoCR007042; Sun, 28 Aug 2011 22:15:50 -0400 (EDT) Date: Sun, 28 Aug 2011 22:15:50 -0400 (EDT) From: Benjamin Kaduk To: Warren Block In-Reply-To: <201108290038.p7T0ciSk077924@red.freebsd.org> Message-ID: References: <201108290038.p7T0ciSk077924@red.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrHIsWRmVeSWpSXmKPExsUixCmqrHv0a5SfQccrYYtTZ7pYLVqerGa3 +HXKw4HZY8an+SweRzoeMQYwRXHZpKTmZJalFunbJXBlHG08z1bwULbiyvx9bA2M58W6GDk5 JARMJGbdn8gIYYtJXLi3nq2LkYtDSGAfo8Th140sIAkhgQ2MEvM2ikMkDjBJdF38wArhNDBK nF9/gw2kikVAW+L7t3msIDabgIrEzDcbgeIcHCICqhJ7z1iDhJkFbCX2THjCDGILC0RIPN4y gQmkhFPASuL1Bx8Qk1fAQeL/pzCItZYS1y9vBjtBVEBHYvX+KWA2r4CgxMmZT1ggJlpK/Fv7 i3UCo+AsJKlZSFILGJlWMcqm5Fbp5iZm5hSnJusWJyfm5aUW6Zro5WaW6KWmlG5iBAerJP8O xm8HlQ4xCnAwKvHwFtRG+QmxJpYVV+YeYpTkYFIS5e0GhroQX1J+SmVGYnFGfFFpTmrxIUYJ DmYlEd6+SUA53pTEyqrUonyYlDQHi5I4b+MOBz8hgfTEktTs1NSC1CKYrAwHh5IEL9s3oEbB otT01Iq0zJwShDQTByfIcB6g4UdAFvMWFyTmFmemQ+RPMSpKifPeAUkIgCQySvPgemHJ5BWj ONArwrzMICt4gIkIrvsV0GAmoMEqjuEgg0sSEVJSDYwa5yqYA+LZZTj+S91uy94Y4mU5v7jV 9EErv7ajhvt3k1d/pvlz1BTnvxEzM/fxfblTTWTaupPvNXa5N+Y83vN5QvzMtGs3rqjd3HZi ztLHyWd3dUyP3+/adSJ1R9Rbq5D28o6/Tx5e5V4t8bsy3S797qar33Wep780z/A+mrZpglNs 4ddnPGlKLMUZiYZazEXFiQCAR6lgAQMAAA== Cc: freebsd-doc@freebsd.org, freebsd-gnats-submit@freebsd.org Subject: Re: docs/160269: [patch] Handbook wireless section: sand off some rough edges X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Aug 2011 02:16:02 -0000 With all due respect to Garrett [but not his mail client's handling of whitespace], On Mon, 29 Aug 2011, Warren Block wrote: > > --- en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml.orig 2011-08-28 17:57:28.000000000 -0600 > +++ en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml 2011-08-28 18:35:33.000000000 -0600 > @@ -1380,16 +1380,16 @@ > WPA with EAP-TLS > > The second way to use WPA is with an 802.1X backend > - authentication server, in this case WPA is called > - WPA-Enterprise to make difference with the less secure > - WPA-Personal with its pre-shared key. The > - authentication in WPA-Enterprise is based on EAP > + authentication server. In this case WPA is called > + WPA-Enterprise to differentiate it from the less secure > + WPA-Personal with its pre-shared key. > + Authentication in WPA-Enterprise is based on EAP > (Extensible Authentication Protocol). This doesn't feel quite right; I would use "is based on the Extensible Authentication Protocol (EAP)." > > EAP does not come with an encryption method, it was > decided to embed EAP inside an encrypted tunnel. Many > - types of EAP authentication methods have been designed, > - the most common methods are EAP-TLS, EAP-TTLS and > + types of EAP authentication methods have been designed. > + The most common methods are EAP-TLS, EAP-TTLS and > EAP-PEAP. > > EAP-TLS (EAP with Transport Layer Security) is a > @@ -1610,9 +1610,9 @@ > certificate to authenticate clients by creating an > encrypted TLS tunnel between the client and the > authentication server, which protects the ensuing > - exchange of authentication information. In term of > + exchange of authentication information. In terms of > security the difference between EAP-TTLS and PEAP is > - that PEAP authentication broadcasts the username in > + that PEAP authentication broadcasts the username in the > clear, only the password is sent in the encrypted TLS > tunnel. EAP-TTLS will use the TLS tunnel for both As Garrett mentions, this sentence is getting pretty long. I would put a comma after "security", and a linking word before "only the password is sent ...". Maybe "meaning", or "so that". > username and password. > @@ -1661,7 +1661,7 @@ > first phase of the authentication (the TLS > tunnel). According to the authentication server > used, you will have to specify a specific label > - for the authentication. Most of time, the label > + for the authentication. Most of the time, the label I think the "the" in "the authentication" is not needed. > will be client EAP encryption which > is set by using peaplabel=0. > More information can be found in the > @@ -1861,8 +1861,8 @@ > This output displays the card capabilities; the > HOSTAP word confirms this wireless card > can act as an Access Point. Various supported ciphers are > - also mentioned: WEP, TKIP, AES, etc., these informations > - are important to know what security protocols could be set > + also mentioned: WEP, TKIP, AES, etc., this information I would change this comma to a full stop. (Maybe a semicolon, but it would be a bit odd to have colon and semicolon in such proximity.) Thanks for assembling all these fixes into a patch! -Ben Kaduk > + is important to know what security protocols could be set > on the Access Point. > > The wireless device can only be put into hostap mode