May as well reference an RFC rather than an Internet Draft where we can.

[u/mdw/putty] / doc / errors.but

diff --git a/doc/errors.but b/doc/errors.but
index 7cdda2f..cbca36b 100644 (file)
--- a/doc/errors.but
+++ b/doc/errors.but
@@ -89,7 +89,7 @@ This can easily happen if you are using Pageant and have a
 large number of keys loaded into it, since these servers count each
 offer of a public key as an authentication attempt. This can be worked
 around by specifying the key that's required for the authentication in
-the PuTTY configuration (see \k{config-ssh-privkey}; PuTTY will ignore
+the PuTTY configuration (see \k{config-ssh-privkey}); PuTTY will ignore
 any other keys Pageant may have, but will ask Pageant to do the
 authentication, so that you don't have to type your passphrase.
 
@@ -201,7 +201,7 @@ Upgrade your server, or use the workarounds described in
 \k{config-ssh-bug-ignore1} and possibly \k{config-ssh-bug-plainpw1}.
 
 \H{errors-crc} \q{Incorrect \i{CRC} received on packet} or \q{Incorrect
-MAC received on packet}
+\i{MAC} received on packet}
 
 This error occurs when PuTTY decrypts an SSH packet and its checksum
 is not correct. This probably means something has gone wrong in the
@@ -209,6 +209,14 @@ encryption or decryption process. It's difficult to tell from this
 error message whether the problem is in the client, in the server,
 or in between.
 
+In particular, if the network is corrupting data at the TCP level, it
+may only be obvious with cryptographic protocols such as SSH, which
+explicitly check the integrity of the transferred data and complain
+loudly if the checks fail. Corruption of protocols without integrity
+protection (such as HTTP) will manifest in more subtle failures (such
+as misdisplayed text or images in a web browser) which may not be
+noticed.
+
 A known server problem which can cause this error is described in
 \k{faq-openssh-bad-openssl} in the FAQ.