Field Terminology in QPACK Security Considerations

draft-ietf-quic-qpack.md

@@ -1220,10 +1220,10 @@ attack into a linear-time attack.
 
 ## Applicability to QPACK and HTTP
 
-QPACK mitigates but does not completely prevent attacks modeled on CRIME [CRIME]
-by forcing a guess to match an entire field value, rather than individual
-characters. An attacker can only learn whether a guess is correct or not, so is
-reduced to a brute force guess for the field values.
+QPACK mitigates but does not completely prevent attacks modeled on CRIME
+([CRIME]) by forcing a guess to match an entire field value, rather than
+individual characters. An attacker can only learn whether a guess is correct or
+not, so is reduced to a brute force guess for the header field values.
 
 The viability of recovering specific field values therefore depends on the
 entropy of values. As a result, values with high entropy are unlikely to be
@@ -1293,7 +1293,7 @@ Implementations can also choose to protect sensitive fields by not compressing
 them and instead encoding their value as literals.
 
 Refusing to insert a field line into the dynamic table is only effective if
-doing so is avoided on all hops. The never indexed literal bit (see
+doing so is avoided on all hops. The never-indexed literal bit (see
 {{literal-name-reference}}) can be used to signal to intermediaries that a
 particular value was intentionally sent as a literal.