diff --git a/draft-ietf-httpbis-http2-secondary-certs.md b/draft-ietf-httpbis-http2-secondary-certs.md
index 901f41558..d95c9d2ea 100644
--- a/draft-ietf-httpbis-http2-secondary-certs.md
+++ b/draft-ietf-httpbis-http2-secondary-certs.md
@@ -66,7 +66,7 @@ code and issues list for this draft can be found at
 
 HTTP clients need to know that the content they receive on a connection comes
 from the origin that they intended to retrieve in from. The traditional form of
-server authentication in HTTP has been in the form of the single X.509 certificate
+server authentication in HTTP has been in the form of a single X.509 certificate
 provided during the TLS [RFC5246][I-D.ietf-tls-tls13] handshake.
 
 Many existing HTTP [RFC7230] servers also have authentication requirements for