More typo fixes

content/en/caaproblem.md

@@ -32,8 +32,8 @@ hash of the names on the cert (you can disregard), then the list of names on
 the cert. The date is when the affected cert was issued.
 
 You can download this file and look up your account id(s) (if you received an
-email, your account ids were in that email). For each certificate
-associated you will need to renew and replace it, unless you have renewed it
+email, your account ids were in that email). For each certificate listed,
+you will need to renew and replace it, unless you have renewed it
 more recently than the date listed. For instance, if you know your ACME client
 always renews certificates when they are 30 days from expiration, you can safely
 ignore any entries with a date earlier than 2020-01-02.

content/en/docs/certificates-for-localhost.md

@@ -37,7 +37,7 @@ used alongside a web site to offer extra features. For instance, the Dropbox
 and Spotify desktop apps scan for files from across your machine, which a
 web app would not be allowed to do. One common approach is for these native
 apps to offer a web service on localhost, and have the web app make requests
-to it via XMLHTTPRequest (XHR) or WebSockets. The web app almost always uses HTTPS, which
+to it via XMLHttpRequest (XHR) or WebSockets. The web app almost always uses HTTPS, which
 means that browsers will forbid it from making XHR or WebSockets requests
 to non-secure URLs. This is called Mixed Content Blocking. To communicate with
 the web app, the native app needs to provide a secure web service.

content/en/docs/dst-root-ca-x3-expiration-september-2021.md

@@ -15,7 +15,7 @@ show_lastmod: 1
 > As planned, the DST Root CA X3 cross-sign has expired, and we're now using our own ISRG Root X1 for trust on almost all devices. For more details about the plan, keep reading!
 > We have also updated our Production Chain Changes thread on our community forum - [our team and community are here and ready to help](https://community.letsencrypt.org/t/production-chain-changes/150739/4) with any questions you may have about this expiration.
 
-On September 30 2021, there will be a small change in how older browsers and devices
+On September 30, 2021, there will be a small change in how older browsers and devices
 trust Let's Encrypt certificates. If you run a typical website, you won't notice
 a difference - the vast majority of your visitors will still accept your Let's
 Encrypt certificate. If you provide an API or have to support IoT devices, you

content/en/docs/integration-guide.md

@@ -46,7 +46,7 @@ The upshot of this is that, if you are a hosting provider, you do not need to ge
 
 In ACME, it's possible to create one account and use it for all authorizations and issuances, or create one account per customer. This flexibility may be valuable. For instance, some hosting providers may want to use one account per customer, and store the account keys in different contexts, so that an account key compromise doesn't allow issuance for all of their customers.
 
-However, for most larger hosting providers we recommend using a single account and guarding the corresponding account key well. This makes it easier to identify certificates belonging to the same entity, and easier to provide rate limits adjustments if needed. We will be unable to effectively adjust rate limits if many different accounts are used.
+However, for most larger hosting providers we recommend using a single account and guarding the corresponding account key well. This makes it easier to identify certificates belonging to the same entity, and easier to provide rate limit adjustments if needed. We will be unable to effectively adjust rate limits if many different accounts are used.
 
 # Multi-domain (SAN) Certificates
 

content/en/post/2019-11-20-how-le-runs-ct-logs.md

@@ -77,7 +77,7 @@ The certificate transparency front end, or [CTFE](https://github.com/google/cert
 
 # Load Balancing
 
-Traffic enters the CT log through an Amazon ELB which is mapped to a Kubernetes Nginx ingress service. The ingress service balances traffic amongst multiple Nginx pods. The Nginx pods proxy traffic to the CTFE service which balance that traffic to CTFE pods.
+Traffic enters the CT log through an Amazon ELB which is mapped to a Kubernetes Nginx ingress service. The ingress service balances traffic amongst multiple Nginx pods. The Nginx pods proxy traffic to the CTFE service which balances that traffic to CTFE pods.
 
 We employ IP and user agent based rate limiting at this Nginx layer.
 
@@ -92,7 +92,7 @@ We developed a free and open source tool named [ct-woodpecker](https://github.co
 Here are some ways we may be able to improve the efficiency of our system in the future:
 
 * Trillian stores a copy of each certificate chain, including many duplicate copies of the same intermediate certificates. Being able to de-duplicate these in Trillian would significantly reduce storage costs. We’re planning to look into whether this is possible and reasonable.
-* See if we can successfully use a cheaper form of storage than IO1 block storage and provisioned IOPs.
+* See if we can successfully use a cheaper form of storage than IO1 block storage and provisioned IOPS.
 * See if we can reduce the Kubernetes worker EC2 instance size or use fewer EC2 instances.
 
 # Support Let’s Encrypt

content/en/post/2021-01-21-next-gen-database-servers.md

@@ -30,7 +30,7 @@ The previous generation of database hardware was powerful but it was regularly b
 	<tr>
 		<td class="p-[10px] align-top"><b>CPU</b></td>
 		<td class="p-[10px]">2x Intel Xeon E5-2650<br>Total 24 cores / 48 threads</td>
-		<td class="p-[10px]">2x <a href="https://www.amd.com/en/products/cpu/amd-epyc-7452">AMD EPYC 7542</a><br>Total 64 cores / 128 threads
+		<td class="p-[10px]">2x <a href="https://www.amd.com/en/products/cpu/amd-epyc-7542">AMD EPYC 7542</a><br>Total 64 cores / 128 threads
 </td>
 	</tr>
 	<tr>

content/en/post/2022-04-13-receiving-the-levchin-prize.html

@@ -10,7 +10,7 @@
   <em
     >On April 13, 2022, the Real World Crypto steering committee presented the
     Max Levchin Prize for Real-World Cryptography to Let’s Encrypt. The
-    following is the speech delivered by our Executive Director, Josh Aas upon
+    following is the speech delivered by our Executive Director, Josh Aas, upon
     receiving the award. We’d like to
     <a href="https://abetterinternet.org/levchin-prize"
       >thank our community for supporting us and invite you to join us</a

content/en/post/2022-05-19-nurturing-ct-log-growth.md

@@ -5,7 +5,7 @@ slug: nurturing-ct-log-growth
 title: "Nurturing Continued Growth of Our Oak CT Log"
 aliases:
   - /2022/05/19/database-to-app-tls.html
-excerpt: "Only five organizations run a Certificate Transparency log, and the Let’s Encrypt log is the only fully open source stack."
+excerpt: "Only six organizations run a Certificate Transparency log, and the Let’s Encrypt log is the only fully open source stack."
 ---
 
 Let's Encrypt has been running a Certificate Transparency (CT) log since 2019 as part of our commitment to keeping the Web PKI ecosystem healthy. CT logs have become important infrastructure for an encrypted Web [^1], but have a well-deserved reputation for being difficult to operate at high levels of trust: Only 6 organizations run logs that are currently considered to be "qualified." [^2]