From ca549134a87aa0b3a60c2a93e7d135480453fd74 Mon Sep 17 00:00:00 2001 From: Tim Hollebeek <34279964+timfromdigicert@users.noreply.github.com> Date: Tue, 12 Mar 2019 09:34:18 -0700 Subject: [PATCH] Update BR.md --- docs/BR.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/BR.md b/docs/BR.md index ad74264f..a237e5b2 100644 --- a/docs/BR.md +++ b/docs/BR.md @@ -662,7 +662,7 @@ As part of the issuance process, the CA MUST check for CAA records and follow th This stipulation does not prevent the CA from checking CAA records at any other time. -When processing CAA records, CAs MUST process the issue, issuewild, and iodef property tags as specified in RFC 6844, although they are not required to act on the contents of the iodef property tag. Additional property tags MAY be supported, but MUST NOT conflict with or supersede the mandatory property tags set out in this document. CAs MUST respect the critical flag and not issue a certificate if they encounter an unrecognized property with this flag set. +When processing CAA records, CAs MUST process the issue, issuewild, and iodef property tags as specified in RFC 6844, although they are not required to act on the contents of the iodef property tag. Additional property tags MAY be supported, but MUST NOT conflict with or supersede the mandatory property tags set out in this document. CAs MUST respect the critical flag and not issue a certificate if they encounter an unrecognized property tag with this flag set. RFC 6844 requires that CAs "MUST NOT issue a certificate unless either (1) the certificate request is consistent with the applicable CAA Resource Record set or (2) an exception specified in the relevant Certificate Policy or Certification Practices Statement applies." For issuances conforming to these Baseline Requirements, CAs MUST NOT rely on any exceptions specified in their CP or CPS unless they are one of the following:
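Review bot: In the reworded sentence of the `@@ -662,7 +662,7 @@` hunk, "an unrecognized property tag with this flag set" still leaves it implicit who has to recognize the tag. The sentence before it allows a CA to support additional property tags, so the set of recognized tags differs per CA. Consider wording along the lines of "a property tag that the CA does not recognize and that has the critical flag set", which also replaces the back-reference "this flag" with the term it points to. Separately, the subject line "Update BR.md" does not say what changed; a subject that names the CAA critical-flag wording would make this one-word change easier to find in the history of a normative document.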