Thanks to Patrick Chkoreff.
Signed-off-by: Sergey Matveev <stargrave@stargrave.org>
@end multitable
-Also you can try it's @ref{Contacts, .onion} version.
+Also you can try its @ref{Contacts, .onion} version.
Sourceforge.net also provides mirror for the files above:
@url{http://sourceforge.net/projects/govpn/files/}.
-You can obtain it's development source code by cloning
+You can obtain its development source code by cloning
Git repository: @code{git clone https://github.com/stargrave/govpn.git}.
Pay attention that it does not contain compiled documentation and is not
recommended for porters because of that.
@item Server decrypts @code{RS}, @code{RC}, @code{SC},
@code{Sign(DSAPriv, K)}.
- @item Compares @code{RS} with it's own one sent before. Server
+ @item Compares @code{RS} with its own one sent before. Server
decrypts @code{RS}, @code{RC}, @code{SC} with key @code{K}, compares
- @code{RS} with it's own one sent before.
+ @code{RS} with its own one sent before.
@item Verifies @code{K} signature with verifier @code{DSAPub}.
@item
@itemize @bullet
@item Client decrypts @code{RC}
-@item Compares with it's own one sent before.
+@item Compares with its own one sent before.
@item Computes final session encryption key as server did.
@end itemize
@item
Ability to hide underlying packets lengths by appending noise, junk
-data during transmission. Each packet can be fill up-ed to it's
+data during transmission. Each packet can be fill up-ed to its
maximal MTU size.
@item
The very important precaution is the @strong{cryptographically good}
pseudo random number generator. GoVPN uses native operating system PRNG
-as entropy source. You have no way to check it's quality in closed
+as entropy source. You have no way to check its quality in closed
source code operating systems, so it is recommended not to use them if
you really needs security. Moreover it is possible that those OS leaks
information about possible PRNG states. And at least Apple OS X and
Microsoft Windows are already known to have weak CSPRNGs.
-GoVPN could use it's own PRNG implementation like
+GoVPN could use its own PRNG implementation like
@url{https://www.schneier.com/fortuna.html, Fortuna}, but it is
much easier to use the right OS, to use free software.
related to that key could be decrypted.
We use password (passphrase) authentication, so overall security fully
-depends on it's strength. So you should use long, high-entropy
+depends on its strength. So you should use long, high-entropy
passphrases. Also remember to keep passphrase on temporary file as
described in @ref{Verifier}.
Verifier is a derivative of the password. It is resistant to
dictionary attacks and can not be used for authentication (only
-it's verifying).
+its verifying).
@verbatim
SOURCE = PBKDF2(SALT=PeerId, PASSWORD, 1<<16, SHA512)