Date: Mon, 29 Aug 2011 01:30:15 GMT From: Garrett Cooper <yanegomi@gmail.com> To: freebsd-doc@FreeBSD.org Subject: Re: docs/160269: [patch] Handbook wireless section: sand off some rough edges Message-ID: <201108290130.p7T1UFLj020449@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/160269; it has been noted by GNATS. From: Garrett Cooper <yanegomi@gmail.com> To: Warren Block <wblock@wonkity.com> Cc: freebsd-gnats-submit@freebsd.org Subject: Re: docs/160269: [patch] Handbook wireless section: sand off some rough edges Date: Sun, 28 Aug 2011 18:03:28 -0700 On Sun, Aug 28, 2011 at 5:38 PM, Warren Block <wblock@wonkity.com> wrote: > >>Number: =A0 =A0 =A0 =A0 160269 >>Category: =A0 =A0 =A0 docs >>Synopsis: =A0 =A0 =A0 [patch] Handbook wireless section: sand off some ro= ugh edges >>Confidential: =A0 no >>Severity: =A0 =A0 =A0 non-critical >>Priority: =A0 =A0 =A0 low >>Responsible: =A0 =A0freebsd-doc >>State: =A0 =A0 =A0 =A0 =A0open >>Quarter: >>Keywords: >>Date-Required: >>Class: =A0 =A0 =A0 =A0 =A0doc-bug >>Submitter-Id: =A0 current-users >>Arrival-Date: =A0 Mon Aug 29 00:40:03 UTC 2011 >>Closed-Date: >>Last-Modified: >>Originator: =A0 =A0 Warren Block >>Release: =A0 =A0 =A0 =A08-STABLE >>Organization: >>Environment: > FreeBSD lightning 8.2-STABLE FreeBSD 8.2-STABLE #0: Fri Aug 26 13:17:14 M= DT 2011 =A0 =A0 root@lightning:/usr/obj/usr/src/sys/LIGHTNING =A0i386 >>Description: > Fix some wording and punctuation in the advanced networking/wireless sect= ion of the Handbook. >>How-To-Repeat: > Read the later parts of the wireless section. >>Fix: > Apply patch. > > Patch attached with submission follows: > > --- en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml.orig = =A0 =A0 =A0 =A02011-08-28 17:57:28.000000000 -0600 > +++ en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml =A0 = =A0 2011-08-28 18:35:33.000000000 -0600 > @@ -1225,7 +1225,7 @@ > =A0 =A0 =A0 =A0 =A0 =A0the 802.1X authentication protocol and uses one of= several > =A0 =A0 =A0 =A0 =A0 =A0ciphers instead of WEP for data integrity. =A0The = only > =A0 =A0 =A0 =A0 =A0 =A0cipher required by WPA is TKIP (Temporary Key Inte= grity > - =A0 =A0 =A0 =A0 =A0 Protocol) which is a cipher that extends the basic = RC4 > + =A0 =A0 =A0 =A0 =A0 Protocol). =A0TKIP is a cipher that extends the bas= ic RC4 > =A0 =A0 =A0 =A0 =A0 =A0cipher used by WEP by adding integrity checking, t= amper > =A0 =A0 =A0 =A0 =A0 =A0detection, and measures for responding to any dete= cted > =A0 =A0 =A0 =A0 =A0 =A0intrusions. =A0TKIP is designed to work on legacy = hardware > @@ -1243,7 +1243,7 @@ > =A0 =A0 =A0 =A0 =A0 =A0station and the access point using a pre-shared se= cret. > =A0 =A0 =A0 =A0 =A0 =A0The former is commonly termed WPA Enterprise with = the > =A0 =A0 =A0 =A0 =A0 =A0latter known as WPA Personal. =A0Since most people= will not > - =A0 =A0 =A0 =A0 =A0 set up a RADIUS backend server for wireless network= , > + =A0 =A0 =A0 =A0 =A0 set up a RADIUS backend server for their wireless n= etwork, > =A0 =A0 =A0 =A0 =A0 =A0WPA-PSK is by far the most commonly encountered > =A0 =A0 =A0 =A0 =A0 =A0configuration for WPA.</para> > > @@ -1258,7 +1258,7 @@ > =A0 =A0 =A0 =A0 =A0<sect5 id=3D"network-wireless-wpa-wpa-psk"> > =A0 =A0 =A0 =A0 =A0 =A0<title>WPA-PSK</title> > > - =A0 =A0 =A0 =A0 =A0 <para>WPA-PSK also known as WPA-Personal is based o= n a > + =A0 =A0 =A0 =A0 =A0 <para>WPA-PSK, also known as WPA-Personal, is based= on a > =A0 =A0 =A0 =A0 =A0 =A0 =A0pre-shared key (PSK) generated from a given pa= ssword and > =A0 =A0 =A0 =A0 =A0 =A0 =A0that will be used as the master key in the wir= eless > =A0 =A0 =A0 =A0 =A0 =A0 =A0network. =A0This means every wireless user wil= l share the > @@ -1289,7 +1289,7 @@ > =A0 =A0 =A0 =A0 =A0 =A0<programlisting>wlans_ath0=3D"wlan0" > =A0ifconfig_wlan0=3D"WPA DHCP"</programlisting> > > - =A0 =A0 =A0 =A0 =A0 <para>Then, we can bring up the interface:</para> > + =A0 =A0 =A0 =A0 =A0 <para>Then we can bring up the interface:</para> > > =A0 =A0 =A0 =A0 =A0 =A0<screen>&prompt.root; <userinput><filename>/etc/rc= .d/netif</filename> start</userinput> > =A0Starting wpa_supplicant. > @@ -1342,16 +1342,16 @@ > =A0 =A0 =A0 wme burst roaming MANUAL</screen> > > =A0 =A0 =A0 =A0 =A0 =A0<note> > - =A0 =A0 =A0 =A0 =A0 =A0 <para>If the <filename>/etc/rc.conf</filename> = is set up > + =A0 =A0 =A0 =A0 =A0 =A0 <para>If <filename>/etc/rc.conf</filename> is s= et up > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0with the line <literal>ifconfig_wlan0=3D"D= HCP"</literal> > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 then it is no need to run the > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 <command>dhclient</command> command manuall= y, > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 then it is not necessary to run the > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 <command>dhclient</command> command manuall= y. This isn't entirely true. You can specify other options like "SYNCDHCP", "ssid <foo> DHCP", etc, and it will achieve what's described below. Manual execution of dhclient in general should be discouraged for most users. > =A0 =A0 =A0 =A0 =A0 =A0<para>EAP does not come with an encryption method,= it was > =A0 =A0 =A0 =A0 =A0 =A0 =A0decided to embed EAP inside an encrypted tunne= l. =A0Many > - =A0 =A0 =A0 =A0 =A0 =A0 types of EAP authentication methods have been d= esigned, > - =A0 =A0 =A0 =A0 =A0 =A0 the most common methods are EAP-TLS, EAP-TTLS a= nd > + =A0 =A0 =A0 =A0 =A0 =A0 types of EAP authentication methods have been d= esigned. > + =A0 =A0 =A0 =A0 =A0 =A0 The most common methods are EAP-TLS, EAP-TTLS a= nd > =A0 =A0 =A0 =A0 =A0 =A0 =A0EAP-PEAP.</para> Maybe it should say something like "There are many EAP authentication methods: the most common ones are EAP-TLS, EAP-TTLS, and EAP-PEAP" ? > =A0 =A0 =A0 =A0 =A0 =A0<para>EAP-TLS (EAP with Transport Layer Security) = is a > @@ -1555,7 +1555,7 @@ > =A0 =A0 =A0 =A0 =A0 =A0 =A0<callout arearefs=3D"co-ttls-cacert"> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0<para>The <literal>ca_cert</literal> field= indicates > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0the pathname of the CA certificate fil= e. =A0This file > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 is needed to verify the server certific= at.</para> > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 is needed to verify the server certific= ate.</para> > =A0 =A0 =A0 =A0 =A0 =A0 =A0</callout> > > =A0 =A0 =A0 =A0 =A0 =A0 =A0<callout arearefs=3D"co-ttls-pha2"> > @@ -1599,10 +1599,10 @@ > > =A0 =A0 =A0 =A0 =A0 =A0<para>PEAP (Protected EAP) has been designed as an > =A0 =A0 =A0 =A0 =A0 =A0 =A0alternative to EAP-TTLS. =A0There are two type= s of PEAP > - =A0 =A0 =A0 =A0 =A0 =A0 methods, the most common one is PEAPv0/EAP-MSCH= APv2. =A0In > + =A0 =A0 =A0 =A0 =A0 =A0 methods; the most common one is PEAPv0/EAP-MSCH= APv2. =A0In That could be a colon instead. > =A0 =A0 =A0 =A0 =A0 =A0 =A0the rest of this document, we will use the PEA= P term to > =A0 =A0 =A0 =A0 =A0 =A0 =A0refer to that EAP method. =A0PEAP is the most = used EAP > - =A0 =A0 =A0 =A0 =A0 =A0 standard after EAP-TLS, in other words if you h= ave a > + =A0 =A0 =A0 =A0 =A0 =A0 standard after EAP-TLS. =A0In other words, if y= ou have a This could be a semicolon. > =A0 =A0 =A0 =A0 =A0 =A0 =A0network with mixed OSes, PEAP should be the mo= st > =A0 =A0 =A0 =A0 =A0 =A0 =A0supported standard after EAP-TLS.</para> > > @@ -1610,9 +1610,9 @@ > =A0 =A0 =A0 =A0 =A0 =A0 =A0certificate to authenticate clients by creatin= g an > =A0 =A0 =A0 =A0 =A0 =A0 =A0encrypted TLS tunnel between the client and th= e > =A0 =A0 =A0 =A0 =A0 =A0 =A0authentication server, which protects the ensu= ing > - =A0 =A0 =A0 =A0 =A0 =A0 exchange of authentication information. =A0In t= erm of > + =A0 =A0 =A0 =A0 =A0 =A0 exchange of authentication information. =A0In t= erms of > =A0 =A0 =A0 =A0 =A0 =A0 =A0security the difference between EAP-TTLS and P= EAP is > - =A0 =A0 =A0 =A0 =A0 =A0 that PEAP authentication broadcasts the usernam= e in > + =A0 =A0 =A0 =A0 =A0 =A0 that PEAP authentication broadcasts the usernam= e in the > =A0 =A0 =A0 =A0 =A0 =A0 =A0clear, only the password is sent in the encryp= ted TLS > =A0 =A0 =A0 =A0 =A0 =A0 =A0tunnel. This sentence is extremely wordy. The rest of the changes are good incremental improvements to the existing doc :). Thanks! -Garrett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201108290130.p7T1UFLj020449>