From 3bc708529f6a64cbfe472f485c697aeff380ea9d Mon Sep 17 00:00:00 2001
From: Zooko O'Whielacronx
In general, the Tub will generate its own identity, the TubID, by
-creating an SSL private key certificate and hashing it into a suitably-long
+creating an SSL public key certificate and hashing it into a suitably-long
random-looking string. This is the primary identifier of the Tub: everything
else is just a location hint that suggests how the Tub might be
-reached. The fact that the TubID is tied to the private key allows FURLs to
+reached. The fact that the TubID is tied to the public key allows FURLs to
be secure
references (meaning that no third party can cause you to
connect to the wrong reference). You can also create a Tub with a
pre-existing certificate, which is how Tubs can retain a persistent identity
@@ -236,7 +236,7 @@ application.
The Tub uses a TLS private-key certificate as the base of all its +
The Tub uses a TLS public-key certificate as the base of all its cryptographic operations. If you don't give it one when you create the Tub, it will generate a brand-new one.
-- 2.45.2