#use wml::debian::template title="LDAP Gateway"
The LDAP directory has a PGP secured mail gateway that
-allows users to safely and conviently effect changes to their entries. It
-makes use of PGP signed input messages to positivly identify the user and
+allows users to safely and conveniently effect changes to their entries. It
+makes use of PGP signed input messages to positively identify the user and
to confirm the validity of the request. Furthermore it implements a replay
cache that prevents the gateway from accepting the same message more than
once.
<p>
-There are three functions logically split into 3 sperate email addresses
+There are three functions logically split into 3 seperate email addresses
that are implemented by the gateway: <b>ping</b>, <b>new password</b> and
<b>changes</b>. The function to act on is the first argument to the program.
read error message, but it does have all the relevent information.
<h1>Ping</h1>
-The ping command simply returns the users public record. It is usefull for
+The ping command simply returns the users public record. It is useful for
testing the gateway and for the requester to get a basic dump of their
record. In future this address might 'freshen' the record to indicate the
user is alive. Any PGP signed message will produce a reply.
feature is with
<pre>echo "Please change my Debian password" | gpg --clearsign | mail chpasswd@db.debian.org</pre>
After validating the request the daemon will generate a new random password,
-set it in the directory and respond with an ecrpyted message containing the
+set it in the directory and respond with an encrpyted message containing the
new password. The password can be changed using one of the other interface
methods.
<h1>Changes</h1>
-An address is provided for making almost arbitary changes to the contents of
-the record. The daemon parse its input line by line and acts on each line in
-a command oriented manner. Anything, except for passwords, can be changed
-using this mechanism. Note however that because this is a mail gateway it
-does stringent checking on its input. The other tools allow fields to be set
-to virtually anything, the gateway requires specific field formats to be met.
+An address (changes@db.debian.org) is provided for making almost arbitary
+changes to the contents of the record. The daemon parses its input line by
+line and acts on each line in a command oriented manner. Anything, except for
+passwords, can be changed using this mechanism. Note however that because
+this is a mail gateway it does stringent checking on its input. The other
+tools allow fields to be set to virtually anything, the gateway requires
+specific field formats to be met.
<ul>
<li>A line of the form <tt>'field: value'</tt> will change the contents of
the field to value. Some simple checks are performed on value to make sure
-that it is not sent to nonsense. The values that can be changed are:
+that it is not set to nonsense. The values that can be changed are:
<b>c</b>, <b>l</b>, <b>facsimiletelephonenumber</b>, <b>telephonenumber</b>,
<b>postaladdress</b>, <b>postalcode</b>,
<b>loginshell</b>, <b>emailforward</b>, <b>ircnick</b>, <b>onvacation</b>,
midnight -0700.
<li>If the single word <b>show</b> appears on a line then a PGP encrypted version
-of the entire record will be attached to the result email.
+of the entire record will be attached to the resulting email.
</ul>
After processing the requests the daemon will generate a report which contains