Update Authenticator Definition

index.bs

@@ -952,11 +952,13 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S
 : <dfn>[WAA]</dfn>
 :: A cryptographic entity, existing in hardware or software, that can [=registration|register=] a user with a given [=[RP]=]
     and later [=Authentication Assertion|assert possession=] of the registered [=public key credential=], and optionally
-    [=user verification|verify the user=], when requested by the [=[RP]=]. [=Authenticators=] can report information
-    regarding their [=authenticator types|type=] and security characteristics via [=attestation=] during [=registration=].
+    [=user verification|verify the user=] when requested by the [=[RP]=]. [=Authenticators=] can report information
+    regarding their [=authenticator types|type=] and security characteristics via [=attestation=] during [=registration=]
+    and [=assertion=].
 
     A [=[WAA]=] could be a [=roaming authenticator=], a dedicated hardware subsystem integrated into the [=client device=],
-    or a software component of the [=client=] or [=client device=].
+    or a software component of the [=client=] or [=client device=]. A [=[WAA]=] is not necessarily confined to operating in 
+    a local context, and can generate or store a [=credential key pair=] in a server outside of the [=client device=].
 
     In general, an [=authenticator=] is assumed to have only one user.
     If multiple natural persons share access to an [=authenticator=],