refer to ceremony rather than operation

index.bs

@@ -4607,12 +4607,12 @@ or {{PublicKeyCredentialRequestOptions/allowCredentials}}, as applicable:
 - A named [=public key credential|credential=] is not available.
 - A named [=public key credential|credential=] is available, but the user does not [=user consent|consent=] to use it.
 
-If the above cases are distinguishable, information is leaked by which a malicious [=[RP]=] could identify the user by probing for
-which [=public key credential|credentials=] are available. For example, one such information leak is if the client returns a
-failure response as soon as the user denies [=user consent|consent=] to proceed with the operation. In this case the [=[RP]=]
-could detect that the operation was canceled by the user and not the timeout, and thus conclude that at least one of the
-[=public key credential|credentials=] listed in the {{PublicKeyCredentialRequestOptions/allowCredentials}} parameter is
-available to the user.
+If the above cases are distinguishable, information is leaked by which a malicious [=[RP]=] could identify the user by probing
+for which [=public key credential|credentials=] are available. For example, one such information leak is if the client returns a
+failure response as soon as the user denies [=user consent|consent=] to proceed with a [=registration=] or [=authentication=]
+[=ceremony=]. In this case the [=[RP]=] could detect that the [=ceremony=] was canceled by the user and not the timeout, and
+thus conclude that at least one of the [=public key credential|credentials=] listed in the
+{{PublicKeyCredentialRequestOptions/allowCredentials}} parameter is available to the user.
 
 
 # Acknowledgements # {#acknowledgements}