grammar/mdoc fixes;

1 files changed, 92 insertions, 95 deletions

diff --git a/lib/libkeynote/keynote.1 b/lib/libkeynote/keynote.1
index ef1da373333..1498485c75d 100644
--- a/lib/libkeynote/keynote.1
+++ b/lib/libkeynote/keynote.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: keynote.1,v 1.27 2004/08/25 21:59:59 jmc Exp $
+.\" $OpenBSD: keynote.1,v 1.28 2005/05/05 17:07:11 jmc Exp $
 .\"
 .\" The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
 .\"
@@ -26,26 +26,27 @@
 .Os
 .Sh NAME
 .Nm keynote
-.Nd command line tool for
-.Xr keynote 3
-operations
+.Nd command line tool for keynote operations
 .Sh SYNOPSIS
 .Nm keynote keygen
 .Ar AlgorithmName
 .Ar KeySize
 .Ar PublicKeyFile
 .Ar PrivateKeyFile
-.Op print-offset
-.Op print-length
+.Op Ar print-offset
+.Op Ar print-length
+.Pp
 .Nm keynote sign
 .Op Fl v
 .Ar AlgorithmName
 .Ar AssertionFile
 .Ar PrivateKeyFile
-.Op print-offset
-.Op print-length
+.Op Ar print-offset
+.Op Ar print-length
+.Pp
 .Nm keynote sigver
-.Op AssertionFile
+.Op Ar AssertionFile
+.Pp
 .Nm keynote verify
 .Op Fl h
 .Op Fl e Ar file
@@ -59,195 +60,191 @@ For more details on
 .Nm KeyNote ,
 see RFC 2704.
 .Sh KEY GENERATION
-"keynote keygen" creates a public/private key of size
-.Fa KeySize ,
-(in bits) for the algorithm specified by
-.Fa AlgorithmName .
+.Nm keynote keygen
+creates a public/private key of size
+.Ar KeySize
+(in bits), for the algorithm specified by
+.Ar AlgorithmName .
 Typical keysizes are 512, 1024, or 2048 (bits).
 The minimum key size for DSA keys is 512 (bits).
 Supported
-.Fa AlgorithmName
+.Ar AlgorithmName
 identifiers are:
 .Pp
-.Bl -tag -width Dq -offset indent -compact
-.It Dq dsa-hex:
-.It Dq dsa-base64:
-.It Dq rsa-hex:
-.It Dq rsa-base64:
+.Bl -tag -width Ds -offset indent -compact
+.It dsa-hex:
+.It dsa-base64:
+.It rsa-hex:
+.It rsa-base64:
 .El
 .Pp
 Notice that the trailing colon is required.
 The resulting public key is stored in file
-.Fa PublicKeyFile .
+.Ar PublicKeyFile .
 Similarly, the resulting private key is stored in file
-.Fa PrivateKeyFile .
+.Ar PrivateKeyFile .
 Either of the filenames can be specified to be
-.Dq \- ,
+.Sq - ,
 in which case the corresponding key(s) will be printed to standard output.
 .Pp
 The optional parameters
-.Fa print-offset
+.Ar print-offset
 and
-.Fa print-length
+.Ar print-length
 specify the offset from the beginning of the line where the key
 will be printed, and the number of characters of the key that will
 be printed per line.
-.Fa print-length
+.Ar print-length
 includes
-.Fa AlgorithmName
+.Ar AlgorithmName
 for the first line and has to be longer (by at least 2) than
-.Fa AlgorithmName .
-.Fa print-length
+.Ar AlgorithmName .
+.Ar print-length
 also accounts for the line-continuation character (backslash) at
 the end of each line, and the double quotes at the beginning and end
 of the key encoding.
 Default values are 12 and 50 respectively.
 .Sh ASSERTION SIGNING
-"keynote sign" reads the assertion contained in
-.Fa AssertionFile
+.Nm keynote sign
+reads the assertion contained in
+.Ar AssertionFile
 and generates a signature specified by
-.Fa AlgorithmName
+.Ar AlgorithmName
 using the private key stored in
-.Fa PrivateKeyFile .
+.Ar PrivateKeyFile .
 The private key is expected to be of the form output by
-.Qq keynote keygen .
+.Nm keynote keygen .
 The private key algorithm and the
-.Fa AlgorithmName
+.Ar AlgorithmName
 specified as an argument are expected to match.
 There is no requirement for the internal or ASCII encodings to match.
 Valid
-.Fa AlgorithmName
+.Ar AlgorithmName
 identifiers are:
 .Pp
-.Bl -tag -width Dq -offset indent -compact
-.It Dq sig-dsa-sha1-hex:
-.It Dq sig-dsa-sha1-base64:
-.It Dq sig-rsa-sha1-hex:
-.It Dq sig-rsa-sha1-base64:
-.It Dq sig-rsa-md5-hex:
-.It Dq sig-rsa-md5-base64:
-.It Dq sig-x509-sha1-hex:
-.It Dq sig-x509-sha1-base64:
+.Bl -tag -width Ds -offset indent -compact
+.It sig-dsa-sha1-hex:
+.It sig-dsa-sha1-base64:
+.It sig-rsa-sha1-hex:
+.It sig-rsa-sha1-base64:
+.It sig-rsa-md5-hex:
+.It sig-rsa-md5-base64:
+.It sig-x509-sha1-hex:
+.It sig-x509-sha1-base64:
 .El
 .Pp
 Notice that the trailing colon is required.
 The resulting signature is printed to standard output.
 This can then be added (via cut-and-paste or some script) at the end of the
 assertion, in the
-.Fa Signature
+.Ar Signature
 field.
 .Pp
 The public key corresponding to the private key in
-.Fa PrivateKeyFile
+.Ar PrivateKeyFile
 is expected to already be included in the
-.Fa Authorizer
+.Ar Authorizer
 field of the assertion, either directly or indirectly (i.e., through
 use of a
-.Fa Local-Constants
+.Ar Local-Constants
 attribute).
 Furthermore, the assertion must have a
-.Fa Signature
+.Ar Signature
 field (even if it is empty), as the signature is computed on
 everything between the
-.Fa KeyNote-Version
+.Ar KeyNote-Version
 and
-.Fa Signature
+.Ar Signature
 keywords (inclusive), and the
-.Fa AlgorithmName
+.Ar AlgorithmName
 string.
 .Pp
 If the
 .Fl v
 flag is provided,
-.Qq keynote sign
+.Nm keynote sign
 will also verify the newly-created signature using the
-.Fa Authorizer
+.Ar Authorizer
 field key.
 .Pp
 The optional parameters
-.Fa print-offset
+.Ar print-offset
 and
-.Fa print-length
+.Ar print-length
 specify the offset from the beginning of the line where the signature
 will be printed, and the number of characters of the signature that will
 be printed per line.
-.Fa print-length
+.Ar print-length
 includes
-.Fa AlgorithmName
+.Ar AlgorithmName
 for the first line and has to be longer (by at least 2) than
-.Fa AlgorithmName .
-.Fa print-length
+.Ar AlgorithmName .
+.Ar print-length
 also accounts for the line-continuation character (backslash) at
 the end of each line, and the double quotes at the beginning and end
 of the signature encoding.
 Default values are 12 and 50 respectively.
 .Sh SIGNATURE VERIFICATION
-.Qq keynote sigver
+.Nm keynote sigver
 reads the assertions contained in
-.Fa AssertionFile
+.Ar AssertionFile
 and verifies the public-key signatures on all of them.
 .Sh QUERY TOOL
 For each operand that names a
 .Ar file ,
-.Qq keynote verify
+.Nm keynote verify
 reads the file and parses the assertions contained therein (one assertion
 per file).
 .Pp
-Files given with the
-.Fl l
-flag are assumed to contain trusted assertions (no signature
-verification is performed), and the
-.Fa Authorizer
-field can contain non-key principals.
-There should be at least one assertion with the
-.Fa POLICY
-keyword in the
-.Fa Authorizer
-field.
-.Pp
-The
-.Fl r
-flag is used to provide a comma-separated list of return values, in
-increasing order of compliance from left to right.
-.Pp
-Files given with the
-.Fl e
-flag are assumed to contain environment variables and their values,
-in the format:
+The options are as follows:
+.Bl -tag -width "retlist"
+.It Fl e Ar file
+Specify a file containing environment variables and their values,
+in the following format:
 .Pp
-.Dl  varname = \&"value\&"
+.Dl varname = \&"value\&"
 .Pp
-.Fa varname
+.Ar varname
 can begin with any letter (upper or lower case) or number,
 and can contain underscores.
-.Fa value
+.Ar value
 is a quoted string, and can contain any character, and escape
 (backslash) processing is performed, as specified in the KeyNote
 RFC.
-.Pp
-The remaining options are:
-.Bl -tag -width "-k file"
 .It Fl h
 Print a usage message and exit.
 .It Fl k Ar file
 Add a key from
-.Fa file
+.Ar file
 in the action authorizers.
+.It Fl l Ar file
+Specify a file containing trusted assertions (no signature
+verification is performed), and the
+.Ar Authorizer
+field can contain non-key principals.
+There should be at least one assertion with the
+.Ar POLICY
+keyword in the
+.Ar Authorizer
+field.
+.It Fl r Ar retlist
+Specify a comma-separated list of return values, in
+increasing order of compliance from left to right.
 .El
 .Pp
 Exactly one
 .Fl r
-and at least one of each
+and at least one each of the
 .Fl e ,
 .Fl l ,
 and
 .Fl k
 flags should be given per invocation.
 If no flags are given,
-.Qq keynote verify
+.Nm keynote verify
 prints the usage message and exits with error code \-1.
 .Pp
-.Qq keynote verify
+.Nm keynote verify
 exits with code \-1 if there was an error, and 0 on success.
 .Sh SEE ALSO
 .Xr keynote 3 ,
@@ -284,4 +281,4 @@ exits with code \-1 if there was an error, and 0 on success.
 .Sh BUGS
 None that we know of.
 If you find any, please report them at
-.Dl Aq keynote@research.att.com
+.Aq keynote@research.att.com .