Re: Request for review: fwknop package

To: debian-l10n-english@lists.debian.org
Cc: Franck Joncourt <franck.mail@dthconnex.com>
Subject: Re: Request for review: fwknop package
From: Justin B Rye <jbr@edlug.org.uk>
Date: Wed, 17 Sep 2008 20:16:26 +0100
Message-id: <[🔎] 20080917191626.GA1512@xibalba.demon.co.uk>
Mail-followup-to: debian-l10n-english@lists.debian.org, Franck Joncourt <franck.mail@dthconnex.com>
In-reply-to: <[🔎] 48D14568.3000803@dthconnex.com>
References: <[🔎] 48D14568.3000803@dthconnex.com>

Franck Joncourt wrote:
> The templates can be found at the following url:
> 
> http://www.dthconnex.com/data/fwknop-server.templates

(I'll reply with comments as if it was inline; diff attached.)

> Template: fwknop-server/easy_setup
> Type: boolean
> Default: false
> _Description: Setup fwknop to protect the ssh port ?

No space before the question mark in English.  How about:

  _Description: Configure fwknop to protect the SSH port?

(Throughout: the noun is "(a) setup", the verb is "(to) set up".)

>  The fwknopd configuration does not appear to have been setup yet.

Unless there's a significant risk of debconf guessing wrong, it can
probably afford to say that it *has not* been set up.  And instead
of overusing the words "setup" and "configuration", how about
something more informative: 

   The FireWall KNock OPerator daemon has not been set up yet.

>  Therefore
>  this install process can setup fwknopd in order to protect your ssh port with
>  an easily configured Rijndael shared key, but it is recommended to move to a
>  GnuPG configuration.

Reorganising it:

   This install process can configure fwknopd to protect the SSH port with a
   simple Rijndael shared key, but moving to a GnuPG setup is recommended.

>  Setting up GnuPG for SPA communications involves a few
>  manual steps that are described in the fwknop documentation. In the meantime,
>  using Rjindael for SPA encryption and decryption provides decent security.

Well, I didn't know what SPA was, but I'm not the one installing
fwknop-server.  This looks okay.

> Template: fwknop-server/hostname
> Type: string
> _Description: Machine hostname:
>  The fwknop-server needs to know the machine hostname.

(What, and it can't access /bin/hostname?)

> Template: fwknop-server/pcap_iface
> Type: string
> _Description: Sniffing interface:
>  By default, fwknop-server runs with the PCAP strategy, and then needs to know 
>  which ethernet interface has to be put in promiscuous mode.

If I'm understanding "with the PCAP strategy" correctly,

   By default, fwknop-server uses libpcap, and needs to know which Ethernet
   interface should be put in promiscuous mode.

> Template: fwknop-server/key
> Type: string
> _Description: Encryption key to use:
>  By default, SPA packets are encrypted with the Rijndael block cipher which 
>  requires an encryption key ; This password must be at least eight characters
>  in length.

s/ which/, which/ and s/ ;/. /
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package

--- fwknop-server.templates.old	2008-09-17 19:11:56.000000000 +0100
+++ fwknop-server.templates	2008-09-17 20:05:33.000000000 +0100
@@ -1,13 +1,13 @@
 Template: fwknop-server/easy_setup
 Type: boolean
 Default: false
-_Description: Setup fwknop to protect the ssh port ?
- The fwknopd configuration does not appear to have been setup yet. Therefore,
- this install process can setup fwknopd in order to protect your ssh port with
- an easily configured Rijndael shared key, but it is recommended to move to a
- GnuPG configuration. Setting up GnuPG for SPA communications involves a few
- manual steps that are described in the fwknop documentation. In the meantime,
- using Rjindael for SPA encryption and decryption provides decent security.
+_Description: Configure fwknop to protect the SSH port?
+ The FireWall KNock OPerator daemon has not been set up yet. This install
+ process can configure fwknopd to protect the SSH port with a simple Rijndael
+ shared key, but moving to a GnuPG setup is recommended. Setting up GnuPG for
+ SPA communications involves a few manual steps that are described in the
+ fwknop documentation. In the meantime, using Rjindael for SPA encryption and
+ decryption provides decent security.
 
 Template: fwknop-server/hostname
 Type: string
@@ -17,12 +17,12 @@
 Template: fwknop-server/pcap_iface
 Type: string
 _Description: Sniffing interface:
- By default, fwknop-server runs with the PCAP strategy, and then needs to know 
- which ethernet interface has to be put in promiscuous mode.
+ By default, fwknop-server uses libpcap, and needs to know which Ethernet
+ interface should be put in promiscuous mode.
 
 Template: fwknop-server/key
 Type: string
 _Description: Encryption key to use:
- By default, SPA packets are encrypted with the Rijndael block cipher which 
- requires an encryption key ; This password must be at least eight characters
+ By default, SPA packets are encrypted with the Rijndael block cipher, which 
+ requires an encryption key. This password must be at least eight characters
  in length.

Reply to:

Follow-Ups:
- Re: Request for review: fwknop package
  - From: Franck Joncourt <franck.mail@dthconnex.com>

References:
- Request for review: fwknop package
  - From: Franck Joncourt <franck.mail@dthconnex.com>

Prev by Date: Request for review: fwknop package
Next by Date: Re: Request for review: fwknop package
Previous by thread: Request for review: fwknop package
Next by thread: Re: Request for review: fwknop package
Index(es):
- Date
- Thread