its vs it\'s etc. From Bjorn Sandell

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22071 ec53bebd-3082-4978-b11e-865c3cabbd6b

doc/apps.texi

@@ -202,7 +202,7 @@ KeyFile.
 @subsection What is 2b ?
 
 2b is the name of the proposal that was implemented to give basic
-Kerberos 5 support to AFS in rxkad. Its not real Kerberos 5 support
+Kerberos 5 support to AFS in rxkad. It's not real Kerberos 5 support
 since it still uses fcrypt for data encryption and not Kerberos
 encryption types.
 

doc/hx509.texi

@@ -285,7 +285,7 @@ depth.
 
 @item Proxy certificates
 
-Remember that End Entity can't issue certificates by them own, its not
+Remember that End Entity can't issue certificates by them own, it's not
 really true. There there is an extension called proxy certificates,
 defined in RFC3820, that allows certificates to be issued by end entity
 certificates. The service that receives the proxy certificates must have
@@ -323,19 +323,19 @@ evaluates the policy.
 @node Setting up a CA, Creating a CA certificate, What is X.509 ?, Top
 @chapter Setting up a CA
 
-Do not let this chapter scare you off, its just to give you an idea how
+Do not let this chapter scare you off, it's just to give you an idea how
 to complicated setting up a CA can be. If you are just playing around,
 skip all this and go to the next chapter, @pxref{Creating a CA
 certificate}.
 
 Creating a CA certificate should be more the just creating a
-certificate, there is the policy of the CA. If its just you and your
+certificate, there is the policy of the CA. If it's just you and your
 friend that is playing around then it probably doesn't matter what the
 policy is. But then it comes to trust in an organisation, it will
 probably matter more whom your users and sysadmins will find it
 acceptable to trust.
 
-At the same time, try to keep thing simple, its not very hard to run a
+At the same time, try to keep thing simple, it's not very hard to run a
 Certificate authority and the process to get new certificates should
 simple.
 
@@ -599,7 +599,7 @@ The certificate may also contain a jabber identifier (JID) that, if the
 receiver allows it, authorises the server or client to use that JID.
 
 When storing a JID inside the certificate, both for server and client,
-its stored inside a UTF8String within an otherName entity inside the
+it's stored inside a UTF8String within an otherName entity inside the
 subjectAltName, using the OID id-on-xmppAddr (1.3.6.1.5.5.7.8.5).
 
 To read more about the requirements, see RFC3920, Extensible Messaging
@@ -620,7 +620,7 @@ hxtool issue-certificate \
 @chapter CMS signing and encryption
 
 CMS is the Cryptographic Message System that among other, is used by
-S/MIME (secure email) and Kerberos PK-INIT. Its an extended version of
+S/MIME (secure email) and Kerberos PK-INIT. It's an extended version of
 the RSA, Inc standard PKCS7.
 
 @node CMS background, , CMS signing and encryption, Top

doc/programming.texi

@@ -97,7 +97,7 @@ found'', the user might back ``failed to find
 host/host.example.com@@EXAMLE.COM(kvno 3) in keytab /etc/krb5.keytab
 (des-cbc-crc)''.  This improves the chance that the user find the
 cause of the error so you should use the customised error message
-whenever its available.
+whenever it's available.
 
 See also manual page for @manpage{krb5_get_error_string,3} and
 @manpage{krb5_get_err_text,3}.
@@ -141,7 +141,7 @@ reason @code{err()} is used when @code{krb5_init_context()} fails.
 First the client needs to call @code{krb5_init_context} to initialise
 the Kerberos 5 library. This is only needed once per thread
 in the program. If the function returns a non-zero value it indicates
-that either the Kerberos implementation is failing or its disabled on
+that either the Kerberos implementation is failing or it's disabled on
 this host.
 
 @example

doc/setup.texi

@@ -668,7 +668,7 @@ default encryption will be used.
 
 @item @code{afs3-salt}
 
-@code{afs3-salt} is the salt that is used with Transarc kaserver. Its
+@code{afs3-salt} is the salt that is used with Transarc kaserver. It's
 the cell name appended to the password.
 
 @end itemize
@@ -885,7 +885,7 @@ local transport. (A patch to support SASL EXTERNAL authentication is
 necessary in order to use OpenLDAP 2.1.x.)
 
 @item
-Add the hdb schema to the LDAP server, its included in the source-tree
+Add the hdb schema to the LDAP server, it's included in the source-tree
 in @file{lib/hdb/hdb.schema}. Example from slapd.conf:
 
 @example
@@ -915,7 +915,7 @@ Another option is to create an admins group and add the dn to that
 group.
 
 Since Heimdal talks to the LDAP server over a UNIX domain socket, and
-uses external sasl authentication, its not possible to require
+uses external sasl authentication, it's not possible to require
 security layer quality (ssf in cyrus-sasl lingo). So that requirement
 has to be turned off in OpenLDAP @command{slapd} configuration file
 @file{slapd.conf}.
@@ -1080,8 +1080,8 @@ PK-INIT is levering the existing PKI infrastructure to use
 certificates to get the initial ticket, that is usually the krbtgt.
 
 To use PK-INIT you must first have a PKI, so if you don't have one,
-now its time to create it. Note that you should read the whole chapter
-of the document to see the requirements on the CA sortware.
+it is time to create it. Note that you should read the whole chapter
+of the document to see the requirements on the CA software.
 
 There needs to exist a mapping between the certificate and what
 principals that certificate is allowed to use. There are several ways
@@ -1107,7 +1107,7 @@ name of the TGS of the target realm.
 
 Both of these two requirements are not required by the standard to be
 checked by the client if it have external information what the
-certificate the KDC is supposed to be used. So its in the interst of
+certificate the KDC is supposed to be used. So it's in the interest of
 minimum amount of configuration on the clients they should be included.
 
 Remember that if the client would accept any certificate as the KDC's