From aff97c2f20ee244e436a1de7df2aea90226b0a3f Mon Sep 17 00:00:00 2001 From: Nick Steele <344821+nicksteele@users.noreply.github.com> Date: Wed, 26 Jul 2023 17:51:57 -0400 Subject: [PATCH] update with feedback --- index.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 8ad79d5e8..16a6cff82 100644 --- a/index.bs +++ b/index.bs @@ -952,13 +952,13 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S : [WAA] :: A cryptographic entity, existing in hardware or software, that can [=registration|register=] a user with a given [=[RP]=] and later [=Authentication Assertion|assert possession=] of the registered [=public key credential=], and optionally - [=user verification|verify the user=] when requested by the [=[RP]=]. [=Authenticators=] can report information + [=user verification|verify the user=] to the [=[RP]=]. [=Authenticators=] can report information regarding their [=authenticator types|type=] and security characteristics via [=attestation=] during [=registration=] and [=assertion=]. A [=[WAA]=] could be a [=roaming authenticator=], a dedicated hardware subsystem integrated into the [=client device=], or a software component of the [=client=] or [=client device=]. A [=[WAA]=] is not necessarily confined to operating in - a local context, and can generate or store a [=credential key pair=] in a server outside of the [=client device=]. + a local context, and can generate or store a [=credential key pair=] in a server outside of [=client-side=] hardware. In general, an [=authenticator=] is assumed to have only one user. If multiple natural persons share access to an [=authenticator=],