Be clearer about protections

draft-ietf-quic-tls.md

@@ -988,7 +988,7 @@ packet, where the Destination Connection ID is selected by the server.
 
 Future versions of QUIC SHOULD generate a new salt value, thus ensuring that
 the keys are different for each version of QUIC.  This prevents a middlebox that
-only recognizes one version of QUIC from seeing or modifying the contents of
+recognizes only one version of QUIC from seeing or modifying the contents of
 packets from future versions.
 
 The HKDF-Expand-Label function defined in TLS 1.3 MUST be used for Initial

draft-ietf-quic-transport.md

@@ -3171,9 +3171,10 @@ Retry packets use an authenticated encryption with associated data function
 Initial packets use an AEAD with keys that are derived using a value that is
 visible on the wire, and therefore does not provide effective confidentiality
 protection. Initial protection exists to ensure that the sender of the packet is
-on the network path. Any entity that receives the Initial packet from a client
-can recover the keys that will allow them to read the contents of packets or
-generate packets that will be successfully authenticated.
+on the network path. Any entity that receives an Initial packet from a client
+can recover the keys that will allow them to both read the contents of the packet
+and generate Initial packets that will be successfully authenticated at either
+endpoint.
 
 All other packets are protected with keys derived from the cryptographic
 handshake. The type of the packet from the long header or key phase from the