Skip to content
This repository has been archived by the owner on Aug 24, 2023. It is now read-only.

Commit

Permalink
Fixing misspellings
Browse files Browse the repository at this point in the history
  • Loading branch information
BrianSipos committed Feb 2, 2021
1 parent 3a0a29f commit 4594ad3
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 3 deletions.
19 changes: 19 additions & 0 deletions spec/dictionary.txt
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,17 @@ Ack
ACK
acknowledgement
acknowledgements
ASN
BCP
BPSec
BPv
bundleSecurity
Burleigh
CAs
CBOR
ciphersuite
CLA
clientAuth
ClientHello
codepoints
Conv
Expand All @@ -18,15 +22,19 @@ dbus
DCCP
decodable
deconflict
digitalSignature
DNS
dod
dtn
DTN
EKU
encodings
endian
extensibility
FFF
HostName
IANA
IEC
IESG
IETF
incrementing
Expand All @@ -35,10 +43,15 @@ interoperation
IPADDR
iPAddress
IPv
iso
ITU
keepalive
Keepalive
KEEPALIVE
KEEPALIVEs
keyAgreement
keyEncipherment
kp
LLC
misconfigured
MRU
Expand All @@ -51,6 +64,7 @@ PCH
pipelining
Pipelining
PKI
pkix
PKIX
plaintext
pre
Expand All @@ -68,12 +82,15 @@ RTT
SDNV
Seg
SEGMENTs
serverAuth
SESS
SMI
SNI
SSL
STARTTLS
subjectAltName
substate
TBD
TCP
TCPCL
TCPCLOSE
Expand All @@ -88,6 +105,8 @@ uniformResourceIdentifier
untrusted
URI
UTF
wireshark
Wireshark
xEF
xF
XFER
Expand Down
6 changes: 3 additions & 3 deletions spec/draft-ietf-dtn-tcpclv4.xml
Original file line number Diff line number Diff line change
Expand Up @@ -1121,7 +1121,7 @@ Including key identifiers simplifies the work of an entity needing to assemble a
<t>
Unless prohibited by CA policy, a TCPCL end-entity certificate SHALL contain a NODE-ID which authenticates the Node ID of the peer.
When assigned one or more stable DNS names, a TCPCL end-entity certificate SHOULD contain DNS-ID which authenticates those (fully qualified) names.
When assigned one or more stable network addresss, a TCPCL end-entity certificate MAY contain IPADDR-ID which authenticates those addresses.
When assigned one or more stable network addresses, a TCPCL end-entity certificate MAY contain IPADDR-ID which authenticates those addresses.
</t>
<t>
This document defines a PKIX Extended Key Usage key purpose "id-kp-bundleSecurity" in <xref target="sec-iana-kp-oid"/> which can be used to restrict a certificate's use.
Expand Down Expand Up @@ -1221,7 +1221,7 @@ Indicating that one or more such claims are present and none match the peer iden
<name>Certificate Path and Purpose Validation</name>
<t>
For any peer end-entity certificate received during TLS handshake, the entity SHALL perform the certification path validation of <xref target="RFC5280"/> up to one of the entity's trusted CA certificates.
If enabled by local policy, the entity SHALL perform an OCSP check of each certificate providing OCSP authoritiy information in accordance with <xref target="RFC6960"/>.
If enabled by local policy, the entity SHALL perform an OCSP check of each certificate providing OCSP authority information in accordance with <xref target="RFC6960"/>.
If certificate validation fails or if security policy disallows a certificate for any reason, the entity SHALL fail the TLS handshake with a "bad_certificate" alert.
Leaving out part of the certification chain can cause the entity to fail to validate a certificate if the left-out certificates are unknown to the entity (see <xref target="sec-threat-untrust-cert"/>).
</t>
Expand Down Expand Up @@ -2421,7 +2421,7 @@ Finally, an attacker or a misconfigured entity can cause issues at the TCP conne
<name>Mandatory-to-Implement TLS</name>
<t>
Following IETF best current practice, TLS is mandatory to implement for all TCPCL implementations but TLS is optional to use for a given TCPCL session.
The recommended configuration of <xref target="sec-contact-header"/> is to always enable TLS, but entites are permitted to disable TLS based on local configration.
The recommended configuration of <xref target="sec-contact-header"/> is to always enable TLS, but entities are permitted to disable TLS based on local configuration.
The configuration to enable or disable TLS for an entity or a session is outside of the scope of this document.
The configuration to disable TLS is different from the threat of TLS stripping described in <xref target="sec-threat-tls-strip"/>.
</t>
Expand Down

0 comments on commit 4594ad3

Please sign in to comment.