rotated after one year and the ZSK after 60 days.
Also:
- - The configured keys also have a lifetime set and use the ECDSAP384SHA384
+ - The configured keys have a lifetime set and use the ECDSAP384SHA384
algorithm.
- The last line instructs BIND to generate NSEC3 records for
:ref:`Proof of Non-Existence <advanced_discussions_proof_of_nonexistence>`,
The name of the file also tells us something
about the contents. See chapter :ref:`zone_keys` for more details.
-Make sure these files are readable by :iscman:`named` and make sure that the
+Make sure that these files are readable by :iscman:`named` and that the
``.private`` files are not readable by anyone else.
Alternativelly, the :iscman:`dnssec-keyfromlabel` program is used to get a key
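Review bot: "Alternativelly" in the trailing context line of this hunk is misspelled and should read "Alternatively"; since the patch is already cleaning up wording in this passage, fix it in the same change. The reworded sentence could also say exactly whom "anyone else" excludes, for example by stating that the ``.private`` files should be readable only by the user that :iscman:`named` runs as, so that the permission requirement on the private keys is unambiguous.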
to provide the parent zone administrators with the ``DNSKEY`` records (or their
corresponding ``DS`` records) that are the secure entry point to the zone.
-Finally, you'll need to update :iscman:`named.conf` to load the signed version
+Finally, :iscman:`named.conf` needs to be updated to load the signed version
of the zone, which looks something like this:
.. code-block:: none