all: update more references to Tailnet/Network Lock

Updates tailscale/corp#37904

Change-Id: I09e73b3248b9ddf86dafe33dfb621bd560f6596d
Signed-off-by: Alex Chan <alexc@tailscale.com>

tka/sig.go

@@ -178,7 +178,7 @@ func (s NodeKeySignature) UnverifiedAuthorizingKeyID() (tkatype.KeyID, error) {
 	return s.authorizingKeyID()
 }
 
-// authorizingKeyID returns the KeyID of the key trusted by network-lock which authorizes
+// authorizingKeyID returns the KeyID of the key trusted by tailnet-lock which authorizes
 // this signature.
 func (s NodeKeySignature) authorizingKeyID() (tkatype.KeyID, error) {
 	switch s.SigKind {
@@ -349,14 +349,14 @@ func (s *NodeKeySignature) rotationDetails() (*RotationDetails, error) {
 
 // ResignNKS re-signs a node-key signature for a new node-key.
 //
-// This only matters on network-locked tailnets, because node-key signatures are
+// This only matters on tailnet-locked tailnets, because node-key signatures are
 // how other nodes know that a node-key is authentic. When the node-key is
 // rotated then the existing signature becomes invalid, so this function is
 // responsible for generating a new wrapping signature to certify the new node-key.
 //
 // The signature itself is a SigRotation signature, which embeds the old signature
 // and certifies the new node-key as a replacement for the old by signing the new
-// signature with RotationPubkey (which is the node's own network-lock key).
+// signature with RotationPubkey (which is the node's own tailnet-lock key).
 func ResignNKS(priv key.NLPrivate, nodeKey key.NodePublic, oldNKS tkatype.MarshaledSignature) (tkatype.MarshaledSignature, error) {
 	var oldSig NodeKeySignature
 	if err := oldSig.Unserialize(oldNKS); err != nil {