Index: openacs-4/packages/acs-core-docs/www/security-requirements.html
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/security-requirements.html,v
diff -u -r1.35.2.1 -r1.35.2.2
--- openacs-4/packages/acs-core-docs/www/security-requirements.html	9 Jun 2016 08:44:50 -0000	1.35.2.1
+++ openacs-4/packages/acs-core-docs/www/security-requirements.html	23 Jun 2016 08:32:46 -0000	1.35.2.2
@@ -9,14 +9,14 @@
 The level of personalization may be as simple as displaying the name of the
 user on certain pages or can be as sophisticated as dynamically recommending
 sections of site that the user may be interested in based on prior browsing
-history. In any case, the user's identity must be validated and made
+history. In any case, the user's identity must be validated and made
 available to the rest of the system. In addition, sites such as ecommerce
 vendors require that the user identity be securely validated. 
 </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a name="security-requirements-system-overview"></a>Security System Overview</h3></div></div></div><p>
 The security system consists of a number of subsystems. 
 </p><p><span class="strong"><strong>Signed Cookies</strong></span></p><p>
 Cookies play a key role in storing user information. However, since they are
-stored in plaintext on a user's system, the validity of cookies is an
+stored in plaintext on a user&#39;s system, the validity of cookies is an
 important issue in trusting cookie information. Thus, we want to be able to
 validate a cookie, but we also want to validate the cookie without a database
 hit.