1313 log from being able to access the data stored in those files.
1414 For example, when using cluster file encryption, users who have read
1515 access to the cluster directories for backup purposes will not be able
16- to decrypt the data stored inthe these files.
16+ to decrypt the data stored in these files.
1717 </para>
1818
1919 <para>
2424 Key one is used to encrypt write-ahead log (WAL) files. Two different
2525 keys are used so that primary and standby servers can use different zero
2626 (heap/index/temp) keys, but the same one (WAL) key, so that these keys
27- can eventually be rotated by switching the primary to the standby as
27+ can eventually be rotated by switching the primary to the standby
2828 and then changing the WAL key.
2929 </para>
3030
@@ -68,7 +68,7 @@ initdb -D dbname --cluster-key-command='ckey_passphrase.sh'
6868 During the <command>initdb</command> process, if
6969 <option>--cluster-key-command</option> is specified, two data-level
7070 encryption keys are created. These two keys are then encrypted with
71- the keyenryption key (KEK) supplied by the cluster key command before
71+ the keyencryption key (KEK) supplied by the cluster key command before
7272 being stored in the database directory. The key or passphrase that
7373 derives the key must be supplied from the terminal or stored in a
7474 trusted key store, such as key vault software, hardware security module.
@@ -87,7 +87,7 @@ initdb -D dbname --cluster-key-command='ckey_passphrase.sh'
8787 </para>
8888
8989 <para>
90- The data encryption keys are randomly generated and areof 128, 192,
90+ The data encryption keys are randomly generated and are 128, 192,
9191 or 256-bits in length. They are encrypted by the key encryption key
9292 (KEK) using Advanced Encryption Standard (<acronym>AES256</acronym>)
9393 encryption in Galois/Counter Mode (<acronym>GCM</acronym>), which also