diff --git a/index.bs b/index.bs index e34b7b510..b3efd4aa3 100644 --- a/index.bs +++ b/index.bs 
@@ -2741,28 +2741,27 @@ structures. ## Registering a new credential ## {#registering-a-new-credential} -When registering a new credential, represented by a {{AuthenticatorAttestationResponse}} structure, as part of a +When registering a new credential, represented by a {{AuthenticatorAttestationResponse}} structure |response|, as part of a [=registration=] [=ceremony=], a [=[RP]=] MUST proceed as follows: -1. Perform JSON deserialization on the {{AuthenticatorResponse/clientDataJSON}} field of the - {{AuthenticatorAttestationResponse}} object to extract the [=client data=] |C| claimed as collected during the credential - creation. +1. Perform JSON deserialization on |response|.{{AuthenticatorResponse/clientDataJSON}} to extract the [=client data=] + |C| claimed as collected during the credential creation. -1. Verify that the {{CollectedClientData/type}} in |C| is the string `webauthn.create`. +1. Verify that the value of |C|.{{CollectedClientData/type}} is `webauthn.create`. -1. Verify that the {{CollectedClientData/challenge}} in |C| matches the challenge that was sent to the authenticator in the - {{CredentialsContainer/create()}} call. +1. Verify that the value of |C|.{{CollectedClientData/challenge}} matches the challenge that was sent to the + authenticator in the {{CredentialsContainer/create()}} call. -1. Verify that the {{CollectedClientData/origin}} in |C| matches the [=[RP]=]'s [=origin=]. +1. Verify that the value of |C|.{{CollectedClientData/origin}} matches the [=[RP]=]'s [=origin=]. -1. Verify that the {{CollectedClientData/tokenBindingId}} in |C| matches the [=Token Binding ID=] for the TLS connection over - which the attestation was obtained. +1. Verify that the value of |C|.{{CollectedClientData/tokenBindingId}} matches the [=Token Binding ID=] for the TLS + connection over which the attestation was obtained. -1. 
Verify that the {{CollectedClientData/clientExtensions}} in |C| is a subset of the extensions requested by the RP - and that the {{CollectedClientData/authenticatorExtensions}} in |C| is also a subset of the extensions requested by - the RP. +1. Verify that the value of |C|.{{CollectedClientData/clientExtensions}} is a subset of the extensions requested by + the RP and that the value of |C|.{{CollectedClientData/authenticatorExtensions}} is also a subset of the + extensions requested by the RP. -1. Compute the hash of {{AuthenticatorResponse/clientDataJSON}} using SHA-256. +1. Compute the hash of |response|.{{AuthenticatorResponse/clientDataJSON}} using SHA-256. 1. Perform CBOR decoding on the {{AuthenticatorAttestationResponse/attestationObject}} field of the {{AuthenticatorAttestationResponse}} structure to obtain the attestation statement format |fmt|, the [=authenticator data=] 
@@ -2841,19 +2840,19 @@ When verifying a given {{PublicKeyCredential}} structure (|credential|) as part 1. Perform JSON deserialization on |cData| to extract the [=client data=] |C| used for the signature. -1. Verify that the {{CollectedClientData/type}} in |C| is the string `webauthn.get`. +1. Verify that the value of |C|.{{CollectedClientData/type}} is the string `webauthn.get`. -1. Verify that the {{CollectedClientData/challenge}} member of |C| matches the challenge that was sent to the authenticator in - the {{PublicKeyCredentialRequestOptions}} passed to the {{CredentialsContainer/get()}} call. +1. Verify that the value of |C|.{{CollectedClientData/challenge}} matches the challenge that was sent to the + authenticator in the {{PublicKeyCredentialRequestOptions}} passed to the {{CredentialsContainer/get()}} call. -1. Verify that the {{CollectedClientData/origin}} member of |C| matches the [=[RP]=]'s [=origin=]. +1. Verify that the value of |C|.{{CollectedClientData/origin}} matches the [=[RP]=]'s [=origin=]. -1. Verify that the {{CollectedClientData/tokenBindingId}} member of |C| (if present) matches the [=Token Binding ID=] for the - TLS connection over which the signature was obtained. +1. Verify that the value of |C|.{{CollectedClientData/tokenBindingId}} (if present) matches the [=Token Binding ID=] + for the TLS connection over which the signature was obtained. -1. Verify that the {{CollectedClientData/clientExtensions}} member of |C| is a subset of the extensions requested by the - [=[RP]=] and that the {{CollectedClientData/authenticatorExtensions}} in |C| is also a subset of the extensions - requested by the [=[RP]=]. +1. Verify that the value of |C|.{{CollectedClientData/clientExtensions}} is a subset of the extensions requested by + the [=[RP]=] and that the value of |C|.{{CollectedClientData/authenticatorExtensions}} is also a subset of the + extensions requested by the [=[RP]=]. 1. 
Verify that the [=rpIdHash=] in |aData| is the SHA-256 hash of the [=RP ID=] expected by the [=[RP]=].
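Review bot: In the first hunk (@@ -2741, registration), the rewritten tokenBindingId step still requires a match unconditionally, while the corresponding step in the second hunk reads `|C|.{{CollectedClientData/tokenBindingId}} (if present)`. If the member is optional in both ceremonies, add "(if present)" here as well, since as written a client data object without that member cannot satisfy this step. Two consistency points in the same hunk: the rewritten extensions step says "the RP" where the second hunk uses `[=[RP]=]`, and the unchanged CBOR decoding step still says "the {{AuthenticatorAttestationResponse/attestationObject}} field of the {{AuthenticatorAttestationResponse}} structure", which could be `|response|.{{AuthenticatorAttestationResponse/attestationObject}}` now that |response| is named in the introductory sentence.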
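Review bot: In the second hunk (@@ -2841, assertion verification), the type step keeps "is the string `webauthn.get`" while the matching registration step in the first hunk was changed to "is `webauthn.create`" without "the string". Use one wording for both steps so the two ceremonies read as the same check with a different expected value.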