11<!--
2- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.320 2005/05/20 14:53:25 momjian Exp $
2+ $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.321 2005/05/25 02:56:15 neilc Exp $
33-->
44
55<chapter Id="runtime">
@@ -4965,9 +4965,8 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
49654965 <productname>PostgreSQL</productname> offers encryption at several
49664966 levels, and provides flexibility in protecting data from disclosure
49674967 due to database server theft, unscrupulous administrators, and
4968- insecure networks. Encryption might also be required by government
4969- regulation, for example, for medical records or financial
4970- transactions.
4968+ insecure networks. Encryption might also be required to secure
4969+ sensitive data such as medical records or financial transactions.
49714970 </para>
49724971
49734972 <variablelist>
@@ -4978,12 +4977,11 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
49784977
49794978 <para>
49804979 By default, database user passwords are stored as MD5 hashes, so
4981- the administratorcan not determine the actual password assigned
4980+ the administratorcannot determine the actual password assigned
49824981 to the user. If MD5 encryption is used for client authentication,
49834982 the unencrypted password is never even temporarily present on the
4984- server because the client MD5 encrypts it before being sent across
4985- the network. MD5 is a one-way encryption --- there is no
4986- decryption algorithm.
4983+ server because the client MD5 encrypts it before being sent
4984+ across the network.
49874985 </para>
49884986 </listitem>
49894987 </varlistentry>
@@ -5025,13 +5023,13 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
50255023
50265024 <para>
50275025 This mechanism prevents unecrypted data from being read from the
5028- drives if the drives or the entire computer is stolen. This
5029- mechanism does nothing to protect against attacks while the
5030- filesystem is mounted, because when mounted, the operating system
5031- provides a unencrypted view of the data. However, to mount the
5032- filesystem, you need some way for the encryption key to be passed
5033- to the operating system, and sometimes the key is stored somewhere
5034- on the host that mounts the disk.
5026+ drives if the drives or the entire computer is stolen. This does
5027+ not protect against attacks while the filesystem is mounted,
5028+ because when mounted, the operating system provides an unencrypted
5029+ view of the data. However, to mount the filesystem, you need some
5030+ way for the encryption key to be passed to the operating system,
5031+ and sometimes the key is stored somewhere on the host that mounts
5032+ the disk.
50355033 </para>
50365034 </listitem>
50375035 </varlistentry>
@@ -5048,8 +5046,8 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
50485046 connection was made. It is this double-encrypted value that is
50495047 sent over the network to the server. Double-encryption not only
50505048 prevents the password from being discovered, it also prevents
5051- another connection fromreplaying the samedouble-encryption
5052- value in a laterconnection .
5049+ another connection fromusing the sameencrypted password to
5050+ connect to the database server at a latertime .
50535051 </para>
50545052 </listitem>
50555053 </varlistentry>
@@ -5079,9 +5077,9 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
50795077 It is possible for both the client and server to provide SSL keys
50805078 or certificates to each other. It takes some extra configuration
50815079 on each side, but this provides stronger verification of identity
5082- than the mere use of passwords. Itprevent a computer from
5080+ than the mere use of passwords. Itprevents a computer from
50835081 pretending to be the server just long enough to read the password
5084- send by the client. It also helps prevent' man in the middle"
5082+ send by the client. It also helps prevent" man in the middle"
50855083 attacks where a computer between the client and server pretends to
50865084 be the server and reads and passes all data between the client and
50875085 server.
@@ -5094,13 +5092,11 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
50945092
50955093 <listitem>
50965094 <para>
5097- If the system administratorcan not be trusted, it is necessary
5095+ If the system administratorcannot be trusted, it is necessary
50985096 for the client to encrypt the data; this way, unencrypted data
50995097 never appears on the database server. Data is encrypted on the
51005098 client before being sent to the server, and database results have
5101- to be decrypted on the client before being used. Peter Wayner's
5102- book, <citation>Translucent Databases</citation>, discusses how to
5103- do this in considerable detail.
5099+ to be decrypted on the client before being used.
51045100 </para>
51055101 </listitem>
51065102 </varlistentry>
