minor copy edits

Author: Ed Costello

draft/administration/security.txt

@@ -6,7 +6,7 @@ Authentication and Security
 
 As with all software running in a networked environment,
 administrators of MongoDB must consider security risks and risk
-exposures for the MongoDB deployment. There are no cure-alls for risk
+exposures for a MongoDB deployment. There are no cure-alls for risk
 mitigation, and maintaining a secure MongoDB deployment is an ongoing
 process. This document takes a *Defense in Depth* approach to securing
 MongoDB deployments, and addresses a number of different methods for
@@ -41,7 +41,7 @@ strategies to control access:
 
 You may further reduce risk by: 
 
-- requiring authentication for access to MongoDB accesses.
+- requiring authentication for access to MongoDB instances.
 
 - requiring strong, complex, single purpose authentication credentials.
 

draft/administration/vulnerability-notification.txt

@@ -2,21 +2,23 @@
 Vulnerability Notification
 ==========================
 
-10gen values the privacy and security of all users of MongoDB, and we
+.. default-domain:: mongodb
+
+`10gen <http://www.10gen.com/>`_ values the privacy and security of all users of MongoDB, and we
 work very hard to ensure that MongoDB and related tools minimize risk
 exposure and increase the security and integrity of data and
 environments using MongoDB.
 
 Notification
 ------------
 
-If you believe you've discovered a vulnerability in MongoDB or a
-related product, have experienced a security incident related to
+If you believe you have discovered a vulnerability in MongoDB or a
+related product or have experienced a security incident related to
 MongoDB, please report these issues so that 10gen can respond
 appropriately and work to prevent additional issues in the
 future. All vulnerability reports should contain as much information
-as possible so that we can move easily to resolve the issue, in
-particular, include the following: 
+as possible so that we can move easily to resolve the issue.
+In particular, please include the following: 
 
 - The name of the product. 
 
@@ -59,26 +61,26 @@ You may encrypt email using our `public key
 of a any sensitive information in your vulnerability report.
 
 10gen will respond to any vulnerability notification received via
-email via email which will contain a reference number (i.e. a ticket
+email with email which will contain a reference number (i.e. a ticket
 from the SECURITY project,) Jira case posted to the `SECURITY
 <https://jira.mongodb.org/SECURITY/>`_ project.
 
 Evaluation
 ~~~~~~~~~~
 
 10gen will validate all submitted vulnerabilities. 10gen will use Jira
-to track all communication regarding the vulnerability, which may
-include requests for clarification and additional information. If
+to track all communications regarding the vulnerability, which may
+include requests for clarification and for additional information. If
 needed 10gen representatives can set up a conference call to exchange
 information regaining the vulnerability.
 
 Disclosure
 ~~~~~~~~~~
 
 10gen requests that you do *not* publicly disclose any information
-regarding the vulnerability or exploit, until 10gen has had the
+regarding the vulnerability or exploit until 10gen has had the
 opportunity to analyze the vulnerability, respond to the notification,
-and if needed to notify key users, customers, and partners.
+and to notify key users, customers, and partners if needed.
 
 The amount of time required to validate a reported vulnerability
 depends on the complexity and severity of the issue. 10gen takes all