Re: [RFR] templates://openvas-server/{openvas-server.templates}
Christian Perrier wrote:
> Your review should be sent as an answer to this mail.
[...]
> Template: openvas-server/califetime
> Type: string
> Default: 1460
> -_Description: CA certificate life time in days:
> - Provide the life time of the Certificate Authority used to generate
> +_Description: Certificate authority certificate life time (days):
> + Please choose the lifetime of the Certificate Authority certificate that
> + will be used to generate
> the OpenVAS daemon certificate.
>
> life time or "lifetime" ?
Always "lifetime".
> I'm unsure, though that this is something that we choose (meaning that
> a local CA certificate will be created) or provide...
In principle just as it might not be the sysadmin's computer it
might not be their job to "choose", but never mind, at least they're
choosing to do their data-entry chores properly.
> Template: openvas-server/srvlifetime
> Type: string
> Default: 365
> +_Description: Server certificate life time (days):
> + Please choose the lifetime of the OpenVAS daemon certificate.
> + .
> + Please note that the
> + OpenVAS clients will not connect to servers with expired certificates.
> + As a consequence, it is recommended to choose a duration that exceeds
> + the time you plan to run this server.
[...]
>
> The "as a consequence" sentence still has room for
> improvement. Justin...:-)
It works okay, but you've already said "please", so it can afford to
be less round-about:
OpenVAS clients will not connect to servers with expired certificates,
so you should choose a duration longer than the time you plan to run
this server.
> I use double quotes. Justin, this is contrary to what we did up to now
> but re-reading many sources and discussiong with Steve Langasek made
> me change my mind. Using double quotes is the well established
> standard for US English and we decided to stick with US English, so....
I'm happy with that; it's the style I'm used to using, especially in
ASCII contexts.
> Template: openvas-server/country
> Type: string
> -_Description: Your country (two letter code):
> - Enter your country's two letter code.
> +_Description: Country (two letter code):
> + Please enter the two letter code for the country where this server resides.
[...]
> I'm opened to suggestions. As of now, what I propose is what I find
> the best.
Looks fine, except that I'd hyphenate "two-letter". Wait, isn't
there a default/example text? (It may seem too obvious to need one,
but, well, I live in a country with two different competing
two-letter codes).
> Template: openvas-server/province
> Type: string
> -_Description: Your state or province:
> - Enter the state or provice you reside in.
> +_Description: State or province:
> + Please enter the state or province where this server resides.
>
> Removing the "Your". Where *I* live is not relevant. What's relevant
> is the location of my server or the location of my organization.
The phrase "state or province" seems to be official X.809ese, though
again it's an awkward one for Brits - does it want "Borough of North
East Lincolnshire Unitary Authority" or does it want "England"?
> Package: openvas-server
[...]
(Expand VAS somewhere.)
> +Description: remote network security auditor - server
[...]
> The OpenVAS Security Scanner is a security auditing tool. It makes
> possible to test security modules in an attempt to find vulnerable
> spots that should be fixed.
Makes _it_ possible, or preferably, boil it down a bit. But is it
trying to say it tests remote systems' "security modules", whatever
those are, or does it _use_ a system of Nessus-style modules to test
remote systems' network services? Judging by the Homepage:
The Open Vulnerability Assessment System is a modular security
auditing tool, used for testing remote systems for vulnerabilities
that should be fixed.
(It seems to me that the number one fact people need to know about
OpenVAS is that it's effectively FreeNessus, now that the Nessus3
license has gone proprietary. But even the project homepage doesn't
bother to mention that.)
> .
> It is made up of two parts: a server, and a client. The server/daemon,
> openvasd, is in charge of the attacks, whereas the client,
I was going to say that this use of openvasd but OpenVAS-Client was
inconsistent, but I see there really is a /usr/bin/OpenVAS-Client.
> + OpenVAS-Client, provides the user a X11/GTK+ interface.
>
> Removing "nice". That may be seen as "advertizing" (see DevRef).
It's faint praise anyway. But "provides the recipient a gift"
doesn't work; easiest fix, take out "the user":
OpenVAS-Client, provides an X11/GTK+ user interface.
Oh, and: ^
> Package: openvas-server-dev
[...]
> - This package contains the required static libraries, headers of the server.
> + This package provides the required static libraries, headers of the server.
This package provides the static libraries and headers required for
compiling the server.
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
--- ../openvas-server.old/debian/openvas-server.templates 2009-01-04 13:49:21.000000000 +0000
+++ debian/openvas-server.templates 2009-01-04 15:01:34.000000000 +0000
@@ -3,46 +3,50 @@
_Description: OpenVAS daemon certificate generation
You will need to provide the relevant information to create an SSL
certificate for your OpenVAS daemon. Note that this information will
- *NOT* be sent to echo anybody (everything stays local), but anyone
+ remain local to this system, but anyone
with the ability to connect to your OpenVAS daemon will be able to
- retrieve this information.
+ see it.
Template: openvas-server/califetime
Type: string
Default: 1460
-_Description: CA certificate life time in days:
- Provide the life time of the Certificate Authority used to generate
+_Description: Certificate authority certificate lifetime (days):
+ Please choose the lifetime of the Certificate Authority certificate that
+ will be used to generate
the OpenVAS daemon certificate.
Template: openvas-server/srvlifetime
Type: string
Default: 365
-_Description: Server certificate life time in days:
- Provide the life time of the OpenVAS daemon certificate. Notice that the
- OpenVAS clients will not connect to servers with expired certificates
- so set this value for as long as you want this installation to last.
- You can always regenerate this certificate later by removing the certificate
- file stored in /var/lib/openvas/CA/ and running 'openvas-mkcert'
+_Description: Server certificate lifetime (days):
+ Please choose the lifetime of the OpenVAS daemon certificate.
+ .
+ OpenVAS clients will not connect to servers with expired certificates,
+ so you should choose a duration longer than the time you plan to run
+ this server.
+ .
+ This certificate can be regenerated later by removing the certificate
+ file stored in /var/lib/openvas/CA/ and running "openvas-mkcert".
Template: openvas-server/country
Type: string
-_Description: Your country (two letter code):
- Enter your country's two letter code.
+_Description: Country (two-letter code):
+ Please enter the two-letter code for the country where this server resides.
Template: openvas-server/province
Type: string
-_Description: Your state or province:
- Enter the state or provice you reside in.
+_Description: State or province:
+ Please enter the state or province where this server resides.
Template: openvas-server/location
Type: string
-_Description: Your location:
- Enter your location (e.g. town).
+_Description: Location:
+ Please enter the location (e.g. town) where this server resides.
Template: openvas-server/organization
Type: string
Default: OpenVAS
-_Description: Your organisation:
- Enter the name of your organization or company.
+_Description: Organisation:
+ Please enter the name of the organization this server belongs to.
--- ../openvas-server.old/debian/control 2009-01-04 13:49:21.000000000 +0000
+++ debian/control 2009-01-04 15:25:12.000000000 +0000
@@ -11,30 +11,30 @@
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, openvas-plugins
Suggests: openvas-client
-Description: Remote network security auditor, the server
- The OpenVAS Security Scanner is a security auditing tool. It makes
- possible to test security modules in an attempt to find vulnerable
- spots that should be fixed.
+Description: remote network security auditor - server
+ The Open Vulnerability Assessment System is a modular security auditing
+ tool, used for testing remote systems for vulnerabilities that should be
+ fixed.
.
It is made up of two parts: a server, and a client. The server/daemon,
openvasd, is in charge of the attacks, whereas the client,
- OpenVAS-Client, provides the user a nice X11/GTK+ interface.
+ OpenVAS-Client, provides an X11/GTK+ user interface.
.
- This package contains the server.
+ This package provides the server.
Package: openvas-server-dev
Section: devel
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: libopenvas1-dev, libopenvasnasl1-dev
-Description: OpenVAS server static libraries and headers
- The OpenVAS Security Scanner is a security auditing tool. It makes
- possible to test security modules in an attempt to find vulnerable
- spots that should be fixed.
+Description: remote network security auditor - static libraries and headers
+ The Open Vulnerability Assessment System is a modular security auditing
+ tool, used for testing remote systems for vulnerabilities that should be
+ fixed.
.
It is made up of two parts: a server, and a client. The server/daemon,
openvasd, is in charge of the attacks, whereas the client,
- OpenVAS-Client, provides the user a nice X11/GTK+ interface.
+ OpenVAS-Client, provides an X11/GTK+ user interface.
.
- This package contains the required static libraries, headers of the server.
-
+ This package provides the static libraries and headers required for
+ compiling the server.
Template: openvas-server/certificate
Type: note
_Description: OpenVAS daemon certificate generation
You will need to provide the relevant information to create an SSL
certificate for your OpenVAS daemon. Note that this information will
remain local to this system, but anyone
with the ability to connect to your OpenVAS daemon will be able to
see it.
Template: openvas-server/califetime
Type: string
Default: 1460
_Description: Certificate authority certificate lifetime (days):
Please choose the lifetime of the Certificate Authority certificate that
will be used to generate
the OpenVAS daemon certificate.
Template: openvas-server/srvlifetime
Type: string
Default: 365
_Description: Server certificate lifetime (days):
Please choose the lifetime of the OpenVAS daemon certificate.
.
OpenVAS clients will not connect to servers with expired certificates,
so you should choose a duration longer than the time you plan to run
this server.
.
This certificate can be regenerated later by removing the certificate
file stored in /var/lib/openvas/CA/ and running "openvas-mkcert".
Template: openvas-server/country
Type: string
_Description: Country (two-letter code):
Please enter the two-letter code for the country where this server resides.
Template: openvas-server/province
Type: string
_Description: State or province:
Please enter the state or province where this server resides.
Template: openvas-server/location
Type: string
_Description: Location:
Please enter the location (e.g. town) where this server resides.
Template: openvas-server/organization
Type: string
Default: OpenVAS
_Description: Organisation:
Please enter the name of the organization this server belongs to.
Source: openvas-server
Section: admin
Priority: optional
Maintainer: Tim Brown <timb@nth-dimension.org.uk>
Uploaders: Javier Fernandez-Sanguino Pen~a <jfs@debian.org>
Build-Depends: debhelper (>= 6), autotools-dev, libgcrypt11-dev, libgnutls-dev, libopenvas1-dev (>= 2.0.0), libopenvasnasl1-dev (>= 2.0.0), libpcap0.8-dev, libwrap0-dev, po-debconf
Standards-Version: 3.7.3
Homepage: http://www.openvas.org/
Package: openvas-server
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, openvas-plugins
Suggests: openvas-client
Description: remote network security auditor - server
The Open Vulnerability Assessment System is a modular security auditing
tool, used for testing remote systems for vulnerabilities that should be
fixed.
.
It is made up of two parts: a server, and a client. The server/daemon,
openvasd, is in charge of the attacks, whereas the client,
OpenVAS-Client, provides an X11/GTK+ user interface.
.
This package provides the server.
Package: openvas-server-dev
Section: devel
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: libopenvas1-dev, libopenvasnasl1-dev
Description: remote network security auditor - static libraries and headers
The Open Vulnerability Assessment System is a modular security auditing
tool, used for testing remote systems for vulnerabilities that should be
fixed.
.
It is made up of two parts: a server, and a client. The server/daemon,
openvasd, is in charge of the attacks, whereas the client,
OpenVAS-Client, provides an X11/GTK+ user interface.
.
This package provides the static libraries and headers required for
compiling the server.
Reply to: