From 493dd3cd27d1659696324e71cf319a6534b4361a Mon Sep 17 00:00:00 2001
From: Jeffrey Yasskin <jyasskin@chromium.org>
Date: Wed, 11 Oct 2017 11:38:19 -0700
Subject: [PATCH] Allow hashes as credential IDs.

---
 index.bs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.bs b/index.bs
index 02d06819f..e6acaf621 100644
--- a/index.bs
+++ b/index.bs
@@ -343,7 +343,7 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S
 :: A probabilistically-unique [=byte sequence=] identifying a [=public key credential source=].
 
     Credential IDs are generated by [=authenticators=] in two forms:
-    1. At least 128 random bits, or
+    1. Bytes with at least 100 bits of entropy, or
     1. The [=public key credential source=], without its [=public key credential source/id=] item, encrypted so only the owning
         authenticator can decrypt it.