diff --git a/envoy/admin/v2alpha/clusters.proto b/envoy/admin/v2alpha/clusters.proto
index af4d9a47..05218f81 100644
--- a/envoy/admin/v2alpha/clusters.proto
+++ b/envoy/admin/v2alpha/clusters.proto
@@ -53,7 +53,7 @@ message ClusterStatus {
 
   // The success rate threshold used in the last interval when only locally originated failures were
   // taken into account and externally originated errors were treated as success.
-  // This field should be interpretted only when
+  // This field should be interpreted only when
   // :ref:`outlier_detection.split_external_local_origin_errors<envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors>`
   // is *true*. The threshold is used to eject hosts based on their success rate.
   // See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
@@ -108,7 +108,7 @@ message HostStatus {
   // Request success rate for this host over the last calculated
   // interval when only locally originated errors are taken into account and externally originated
   // errors were treated as success.
-  // This field should be interpretted only when
+  // This field should be interpreted only when
   // :ref:`outlier_detection.split_external_local_origin_errors<envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors>`
   // is *true*.
   // See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
diff --git a/envoy/admin/v3alpha/clusters.proto b/envoy/admin/v3alpha/clusters.proto
index ca0a7aa2..607e1774 100644
--- a/envoy/admin/v3alpha/clusters.proto
+++ b/envoy/admin/v3alpha/clusters.proto
@@ -53,7 +53,7 @@ message ClusterStatus {
 
   // The success rate threshold used in the last interval when only locally originated failures were
   // taken into account and externally originated errors were treated as success.
-  // This field should be interpretted only when
+  // This field should be interpreted only when
   // :ref:`outlier_detection.split_external_local_origin_errors<envoy_api_field_api.v3alpha.cluster.OutlierDetection.split_external_local_origin_errors>`
   // is *true*. The threshold is used to eject hosts based on their success rate.
   // See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
@@ -108,7 +108,7 @@ message HostStatus {
   // Request success rate for this host over the last calculated
   // interval when only locally originated errors are taken into account and externally originated
   // errors were treated as success.
-  // This field should be interpretted only when
+  // This field should be interpreted only when
   // :ref:`outlier_detection.split_external_local_origin_errors<envoy_api_field_api.v3alpha.cluster.OutlierDetection.split_external_local_origin_errors>`
   // is *true*.
   // See :ref:`Cluster outlier detection <arch_overview_outlier_detection>` documentation for
diff --git a/envoy/api/v2/cds.proto b/envoy/api/v2/cds.proto
index 5cf42fa1..5aabb7fe 100644
--- a/envoy/api/v2/cds.proto
+++ b/envoy/api/v2/cds.proto
@@ -278,7 +278,7 @@ message Cluster {
 
     // When used with locality_weight_aware, scales the weight of each locality by the ratio
     // of hosts in the subset vs hosts in the original subset. This aims to even out the load
-    // going to an individual locality if said locality is disproportionally affected by the
+    // going to an individual locality if said locality is disproportionately affected by the
     // subset predicate.
     bool scale_locality_weight = 5;
 
diff --git a/envoy/api/v2/route/route.proto b/envoy/api/v2/route/route.proto
index d0de3217..937a511f 100644
--- a/envoy/api/v2/route/route.proto
+++ b/envoy/api/v2/route/route.proto
@@ -620,7 +620,7 @@ message RouteAction {
       ConnectionProperties connection_properties = 3;
     }
 
-    // The flag that shortcircuits the hash computing. This field provides a
+    // The flag that short-circuits the hash computing. This field provides a
     // 'fallback' style of configuration: "if a terminal policy doesn't work,
     // fallback to rest of the policy list", it saves time when the terminal
     // policy works.
diff --git a/envoy/api/v3alpha/cds.proto b/envoy/api/v3alpha/cds.proto
index 77918198..a0f6897e 100644
--- a/envoy/api/v3alpha/cds.proto
+++ b/envoy/api/v3alpha/cds.proto
@@ -273,7 +273,7 @@ message Cluster {
 
     // When used with locality_weight_aware, scales the weight of each locality by the ratio
     // of hosts in the subset vs hosts in the original subset. This aims to even out the load
-    // going to an individual locality if said locality is disproportionally affected by the
+    // going to an individual locality if said locality is disproportionately affected by the
     // subset predicate.
     bool scale_locality_weight = 5;
 
diff --git a/envoy/api/v3alpha/route/route.proto b/envoy/api/v3alpha/route/route.proto
index fcdbf00c..f1540406 100644
--- a/envoy/api/v3alpha/route/route.proto
+++ b/envoy/api/v3alpha/route/route.proto
@@ -573,7 +573,7 @@ message RouteAction {
       ConnectionProperties connection_properties = 3;
     }
 
-    // The flag that shortcircuits the hash computing. This field provides a
+    // The flag that short-circuits the hash computing. This field provides a
     // 'fallback' style of configuration: "if a terminal policy doesn't work,
     // fallback to rest of the policy list", it saves time when the terminal
     // policy works.
diff --git a/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto
index d21c2735..01fba7f1 100644
--- a/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto
+++ b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto
@@ -351,7 +351,7 @@ message HttpConnectionManager {
   // .. NOTE::
   //    To be useful in avoiding the race condition described above, this timeout must be set
   //    to *at least* <max round trip time expected between clients and Envoy>+<100ms to account for
-  //    a reasonsable "worst" case processing time for a full iteration of Envoy's event loop>.
+  //    a reasonable "worst" case processing time for a full iteration of Envoy's event loop>.
   //
   // .. WARNING::
   //    A value of 0 will completely disable delayed close processing. When disabled, the downstream
diff --git a/envoy/config/filter/network/http_connection_manager/v3alpha/http_connection_manager.proto b/envoy/config/filter/network/http_connection_manager/v3alpha/http_connection_manager.proto
index 1544c968..c936d98b 100644
--- a/envoy/config/filter/network/http_connection_manager/v3alpha/http_connection_manager.proto
+++ b/envoy/config/filter/network/http_connection_manager/v3alpha/http_connection_manager.proto
@@ -338,7 +338,7 @@ message HttpConnectionManager {
   // .. NOTE::
   //    To be useful in avoiding the race condition described above, this timeout must be set
   //    to *at least* <max round trip time expected between clients and Envoy>+<100ms to account for
-  //    a reasonsable "worst" case processing time for a full iteration of Envoy's event loop>.
+  //    a reasonable "worst" case processing time for a full iteration of Envoy's event loop>.
   //
   // .. WARNING::
   //    A value of 0 will completely disable delayed close processing. When disabled, the downstream
diff --git a/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto b/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto
index e68ace55..76a2eb62 100644
--- a/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto
+++ b/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto
@@ -211,8 +211,8 @@ message RedisProxy {
   //
   // When using the above routes, the following prefixes would be sent to:
   //
-  // * 'get abc:users' would retrive the key 'abc:users' from cluster_b.
-  // * 'get ab:users' would retrive the key 'ab:users' from cluster_a.
+  // * 'get abc:users' would retrieve the key 'abc:users' from cluster_b.
+  // * 'get ab:users' would retrieve the key 'ab:users' from cluster_a.
   // * 'get z:users' would return a NoUpstreamHost error. A :ref:`catch-all
   //   route<envoy_api_field_config.filter.network.redis_proxy.v2.RedisProxy.PrefixRoutes.catch_all_route>`
   //   would have retrieved the key from that cluster instead.
@@ -237,7 +237,7 @@ message RedisProxy {
 // :ref:`extension_protocol_options<envoy_api_field_Cluster.extension_protocol_options>`, keyed
 // by the name `envoy.redis_proxy`.
 message RedisProtocolOptions {
-  // Upstream server password as defined by the `requirepass directive
+  // Upstream server password as defined by the `requirepass` directive
   // <https://redis.io/topics/config>`_ in the server's configuration file.
   api.v2.core.DataSource auth_password = 1;
 }
diff --git a/envoy/config/filter/network/redis_proxy/v3alpha/redis_proxy.proto b/envoy/config/filter/network/redis_proxy/v3alpha/redis_proxy.proto
index b792ac02..83b1ac2a 100644
--- a/envoy/config/filter/network/redis_proxy/v3alpha/redis_proxy.proto
+++ b/envoy/config/filter/network/redis_proxy/v3alpha/redis_proxy.proto
@@ -199,8 +199,8 @@ message RedisProxy {
   //
   // When using the above routes, the following prefixes would be sent to:
   //
-  // * 'get abc:users' would retrive the key 'abc:users' from cluster_b.
-  // * 'get ab:users' would retrive the key 'ab:users' from cluster_a.
+  // * 'get abc:users' would retrieve the key 'abc:users' from cluster_b.
+  // * 'get ab:users' would retrieve the key 'ab:users' from cluster_a.
   // * 'get z:users' would return a NoUpstreamHost error. A :ref:`catch-all
   //   route<envoy_api_field_config.filter.network.redis_proxy.v3alpha.RedisProxy.PrefixRoutes.catch_all_route>`
   //   would have retrieved the key from that cluster instead.
@@ -225,7 +225,7 @@ message RedisProxy {
 // :ref:`extension_protocol_options<envoy_api_field_api.v3alpha.Cluster.extension_protocol_options>`,
 // keyed by the name `envoy.redis_proxy`.
 message RedisProtocolOptions {
-  // Upstream server password as defined by the `requirepass directive
+  // Upstream server password as defined by the `requirepass` directive
   // <https://redis.io/topics/config>`_ in the server's configuration file.
   api.v3alpha.core.DataSource auth_password = 1;
 }
diff --git a/envoy/service/auth/v2/attribute_context.proto b/envoy/service/auth/v2/attribute_context.proto
index 90c42c6f..6fd24ea1 100644
--- a/envoy/service/auth/v2/attribute_context.proto
+++ b/envoy/service/auth/v2/attribute_context.proto
@@ -92,7 +92,7 @@ message AttributeContext {
 
     // The HTTP request headers. If multiple headers share the same key, they
     // must be merged according to the HTTP spec. All header keys must be
-    // lowercased, because HTTP header keys are case-insensitive.
+    // lower-cased, because HTTP header keys are case-insensitive.
     map<string, string> headers = 3;
 
     // The request target, as it appears in the first line of the HTTP request. This includes
diff --git a/envoy/service/auth/v3alpha/attribute_context.proto b/envoy/service/auth/v3alpha/attribute_context.proto
index 4a3a23e8..24214aa2 100644
--- a/envoy/service/auth/v3alpha/attribute_context.proto
+++ b/envoy/service/auth/v3alpha/attribute_context.proto
@@ -92,7 +92,7 @@ message AttributeContext {
 
     // The HTTP request headers. If multiple headers share the same key, they
     // must be merged according to the HTTP spec. All header keys must be
-    // lowercased, because HTTP header keys are case-insensitive.
+    // lower-cased, because HTTP header keys are case-insensitive.
     map<string, string> headers = 3;
 
     // The request target, as it appears in the first line of the HTTP request. This includes