docs/160269: [patch] Handbook wireless section: sand off some rough edges
Garrett Cooper
yanegomi at gmail.com
Mon Aug 29 01:30:15 UTC 2011
The following reply was made to PR docs/160269; it has been noted by GNATS.
From: Garrett Cooper <yanegomi at gmail.com>
To: Warren Block <wblock at wonkity.com>
Cc: freebsd-gnats-submit at freebsd.org
Subject: Re: docs/160269: [patch] Handbook wireless section: sand off some
rough edges
Date: Sun, 28 Aug 2011 18:03:28 -0700
On Sun, Aug 28, 2011 at 5:38 PM, Warren Block <wblock at wonkity.com> wrote:
>
>>Number: =A0 =A0 =A0 =A0 160269
>>Category: =A0 =A0 =A0 docs
>>Synopsis: =A0 =A0 =A0 [patch] Handbook wireless section: sand off some ro=
ugh edges
>>Confidential: =A0 no
>>Severity: =A0 =A0 =A0 non-critical
>>Priority: =A0 =A0 =A0 low
>>Responsible: =A0 =A0freebsd-doc
>>State: =A0 =A0 =A0 =A0 =A0open
>>Quarter:
>>Keywords:
>>Date-Required:
>>Class: =A0 =A0 =A0 =A0 =A0doc-bug
>>Submitter-Id: =A0 current-users
>>Arrival-Date: =A0 Mon Aug 29 00:40:03 UTC 2011
>>Closed-Date:
>>Last-Modified:
>>Originator: =A0 =A0 Warren Block
>>Release: =A0 =A0 =A0 =A08-STABLE
>>Organization:
>>Environment:
> FreeBSD lightning 8.2-STABLE FreeBSD 8.2-STABLE #0: Fri Aug 26 13:17:14 M=
DT 2011 =A0 =A0 root at lightning:/usr/obj/usr/src/sys/LIGHTNING =A0i386
>>Description:
> Fix some wording and punctuation in the advanced networking/wireless sect=
ion of the Handbook.
>>How-To-Repeat:
> Read the later parts of the wireless section.
>>Fix:
> Apply patch.
>
> Patch attached with submission follows:
>
> --- en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml.orig =
=A0 =A0 =A0 =A02011-08-28 17:57:28.000000000 -0600
> +++ en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml =A0 =
=A0 2011-08-28 18:35:33.000000000 -0600
> @@ -1225,7 +1225,7 @@
> =A0 =A0 =A0 =A0 =A0 =A0the 802.1X authentication protocol and uses one of=
several
> =A0 =A0 =A0 =A0 =A0 =A0ciphers instead of WEP for data integrity. =A0The =
only
> =A0 =A0 =A0 =A0 =A0 =A0cipher required by WPA is TKIP (Temporary Key Inte=
grity
> - =A0 =A0 =A0 =A0 =A0 Protocol) which is a cipher that extends the basic =
RC4
> + =A0 =A0 =A0 =A0 =A0 Protocol). =A0TKIP is a cipher that extends the bas=
ic RC4
> =A0 =A0 =A0 =A0 =A0 =A0cipher used by WEP by adding integrity checking, t=
amper
> =A0 =A0 =A0 =A0 =A0 =A0detection, and measures for responding to any dete=
cted
> =A0 =A0 =A0 =A0 =A0 =A0intrusions. =A0TKIP is designed to work on legacy =
hardware
> @@ -1243,7 +1243,7 @@
> =A0 =A0 =A0 =A0 =A0 =A0station and the access point using a pre-shared se=
cret.
> =A0 =A0 =A0 =A0 =A0 =A0The former is commonly termed WPA Enterprise with =
the
> =A0 =A0 =A0 =A0 =A0 =A0latter known as WPA Personal. =A0Since most people=
will not
> - =A0 =A0 =A0 =A0 =A0 set up a RADIUS backend server for wireless network=
,
> + =A0 =A0 =A0 =A0 =A0 set up a RADIUS backend server for their wireless n=
etwork,
> =A0 =A0 =A0 =A0 =A0 =A0WPA-PSK is by far the most commonly encountered
> =A0 =A0 =A0 =A0 =A0 =A0configuration for WPA.</para>
>
> @@ -1258,7 +1258,7 @@
> =A0 =A0 =A0 =A0 =A0<sect5 id=3D"network-wireless-wpa-wpa-psk">
> =A0 =A0 =A0 =A0 =A0 =A0<title>WPA-PSK</title>
>
> - =A0 =A0 =A0 =A0 =A0 <para>WPA-PSK also known as WPA-Personal is based o=
n a
> + =A0 =A0 =A0 =A0 =A0 <para>WPA-PSK, also known as WPA-Personal, is based=
on a
> =A0 =A0 =A0 =A0 =A0 =A0 =A0pre-shared key (PSK) generated from a given pa=
ssword and
> =A0 =A0 =A0 =A0 =A0 =A0 =A0that will be used as the master key in the wir=
eless
> =A0 =A0 =A0 =A0 =A0 =A0 =A0network. =A0This means every wireless user wil=
l share the
> @@ -1289,7 +1289,7 @@
> =A0 =A0 =A0 =A0 =A0 =A0<programlisting>wlans_ath0=3D"wlan0"
> =A0ifconfig_wlan0=3D"WPA DHCP"</programlisting>
>
> - =A0 =A0 =A0 =A0 =A0 <para>Then, we can bring up the interface:</para>
> + =A0 =A0 =A0 =A0 =A0 <para>Then we can bring up the interface:</para>
>
> =A0 =A0 =A0 =A0 =A0 =A0<screen>&prompt.root; <userinput><filename>/etc/rc=
.d/netif</filename> start</userinput>
> =A0Starting wpa_supplicant.
> @@ -1342,16 +1342,16 @@
> =A0 =A0 =A0 wme burst roaming MANUAL</screen>
>
> =A0 =A0 =A0 =A0 =A0 =A0<note>
> - =A0 =A0 =A0 =A0 =A0 =A0 <para>If the <filename>/etc/rc.conf</filename> =
is set up
> + =A0 =A0 =A0 =A0 =A0 =A0 <para>If <filename>/etc/rc.conf</filename> is s=
et up
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0with the line <literal>ifconfig_wlan0=3D"D=
HCP"</literal>
> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 then it is no need to run the
> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 <command>dhclient</command> command manuall=
y,
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 then it is not necessary to run the
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 <command>dhclient</command> command manuall=
y.
This isn't entirely true. You can specify other options like
"SYNCDHCP", "ssid <foo> DHCP", etc, and it will achieve what's
described below. Manual execution of dhclient in general should be
discouraged for most users.
> =A0 =A0 =A0 =A0 =A0 =A0<para>EAP does not come with an encryption method,=
it was
> =A0 =A0 =A0 =A0 =A0 =A0 =A0decided to embed EAP inside an encrypted tunne=
l. =A0Many
> - =A0 =A0 =A0 =A0 =A0 =A0 types of EAP authentication methods have been d=
esigned,
> - =A0 =A0 =A0 =A0 =A0 =A0 the most common methods are EAP-TLS, EAP-TTLS a=
nd
> + =A0 =A0 =A0 =A0 =A0 =A0 types of EAP authentication methods have been d=
esigned.
> + =A0 =A0 =A0 =A0 =A0 =A0 The most common methods are EAP-TLS, EAP-TTLS a=
nd
> =A0 =A0 =A0 =A0 =A0 =A0 =A0EAP-PEAP.</para>
Maybe it should say something like "There are many EAP authentication
methods: the most common ones are EAP-TLS, EAP-TTLS, and EAP-PEAP" ?
> =A0 =A0 =A0 =A0 =A0 =A0<para>EAP-TLS (EAP with Transport Layer Security) =
is a
> @@ -1555,7 +1555,7 @@
> =A0 =A0 =A0 =A0 =A0 =A0 =A0<callout arearefs=3D"co-ttls-cacert">
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0<para>The <literal>ca_cert</literal> field=
indicates
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0the pathname of the CA certificate fil=
e. =A0This file
> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 is needed to verify the server certific=
at.</para>
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 is needed to verify the server certific=
ate.</para>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0</callout>
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0<callout arearefs=3D"co-ttls-pha2">
> @@ -1599,10 +1599,10 @@
>
> =A0 =A0 =A0 =A0 =A0 =A0<para>PEAP (Protected EAP) has been designed as an
> =A0 =A0 =A0 =A0 =A0 =A0 =A0alternative to EAP-TTLS. =A0There are two type=
s of PEAP
> - =A0 =A0 =A0 =A0 =A0 =A0 methods, the most common one is PEAPv0/EAP-MSCH=
APv2. =A0In
> + =A0 =A0 =A0 =A0 =A0 =A0 methods; the most common one is PEAPv0/EAP-MSCH=
APv2. =A0In
That could be a colon instead.
> =A0 =A0 =A0 =A0 =A0 =A0 =A0the rest of this document, we will use the PEA=
P term to
> =A0 =A0 =A0 =A0 =A0 =A0 =A0refer to that EAP method. =A0PEAP is the most =
used EAP
> - =A0 =A0 =A0 =A0 =A0 =A0 standard after EAP-TLS, in other words if you h=
ave a
> + =A0 =A0 =A0 =A0 =A0 =A0 standard after EAP-TLS. =A0In other words, if y=
ou have a
This could be a semicolon.
> =A0 =A0 =A0 =A0 =A0 =A0 =A0network with mixed OSes, PEAP should be the mo=
st
> =A0 =A0 =A0 =A0 =A0 =A0 =A0supported standard after EAP-TLS.</para>
>
> @@ -1610,9 +1610,9 @@
> =A0 =A0 =A0 =A0 =A0 =A0 =A0certificate to authenticate clients by creatin=
g an
> =A0 =A0 =A0 =A0 =A0 =A0 =A0encrypted TLS tunnel between the client and th=
e
> =A0 =A0 =A0 =A0 =A0 =A0 =A0authentication server, which protects the ensu=
ing
> - =A0 =A0 =A0 =A0 =A0 =A0 exchange of authentication information. =A0In t=
erm of
> + =A0 =A0 =A0 =A0 =A0 =A0 exchange of authentication information. =A0In t=
erms of
> =A0 =A0 =A0 =A0 =A0 =A0 =A0security the difference between EAP-TTLS and P=
EAP is
> - =A0 =A0 =A0 =A0 =A0 =A0 that PEAP authentication broadcasts the usernam=
e in
> + =A0 =A0 =A0 =A0 =A0 =A0 that PEAP authentication broadcasts the usernam=
e in the
> =A0 =A0 =A0 =A0 =A0 =A0 =A0clear, only the password is sent in the encryp=
ted TLS
> =A0 =A0 =A0 =A0 =A0 =A0 =A0tunnel.
This sentence is extremely wordy.
The rest of the changes are good incremental improvements to the
existing doc :).
Thanks!
-Garrett
More information about the freebsd-doc
mailing list