Pre-FWPD proofreading corrections (#81)
selfissued authored and vijaybh committed May 4, 2016
1 parent 634c269 commit 53d9851
Showing 1 changed file with 17 additions and 17 deletions.
34 changes: 17 additions & 17 deletions index.src.html
Expand Up @@ -36,7 +36,7 @@
This specification defines an API for web pages to access scoped credentials through JavaScript, for the purpose of strongly
authenticating a user. Scoped credentials are always scoped to a single <a>[RP]</a>. This scoping is enforced jointly by the
User Agent implementing the Web Authentication API and the authenticator that holds the credential, by constraining the
availabilty and usage of credentials. Scoped credentials created by a [RP] can only be accessed by web origins belonging to that
availability and usage of credentials. Scoped credentials created by a [RP] can only be accessed by web origins belonging to that
[RP]. Additionally, privacy across [RPS] must be maintained; scripts must not be able to detect any properties, or even the
existence, of scoped credentials belonging to other [RPS].

Expand Down Expand Up @@ -473,7 +473,7 @@
## Key Attestation Statement (interface <dfn interface>AttestationStatement</dfn>) ## {#iface-attestation-statement}

Authenticators also provide some form of key attestation. The basic requirement is that the authenticator can produce, for each
credential public key, attestation information that can be verified by a <a>[RP]</a>. Typically this information contains a
credential public key, attestation information that can be verified by a <a>[RP]</a>. Typically, this information contains a
signature by an attesting key over the attested public key and a challenge, as well as a certificate or similar information
providing provenance information for the attesting key, enabling a trust decision to be made.

Expand Down Expand Up @@ -800,7 +800,7 @@
<figcaption>Generating a signature on the authenticator.</figcaption>
</figure>

Note: A simple, undelimited concatenation, is safe to use here because the |authenticatorData| describes its own length. The
Note: A simple, undelimited concatenation is safe to use here because the |authenticatorData| describes its own length. The
|clientDataHash| (which potentially has a variable length) is always the last element.

The authenticator MUST return both the <a>authenticatorData</a> and the raw signature back to the client. The client, in turn,
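Review bot: The reworded Note on undelimited concatenation carries the whole safety argument for the signed byte string, but it does not point to where the self-describing length of |authenticatorData| is defined. Suggest linking the term here the way the next paragraph does with `<a>authenticatorData</a>`, so a verifier implementer can confirm how the boundary with |clientDataHash| is located.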
Expand Down Expand Up @@ -867,7 +867,7 @@
Each attestation type provides the ability to cryptographically attest to a public key, the authenticator model, and contextual
data to a remote party.

Attestation raw data types are orthogonal to attestation models, i.e. attestation raw data types in general are not restricted
Attestation raw data types are orthogonal to attestation models, i.e., attestation raw data types in general are not restricted
to a single attestation model.


Expand Down Expand Up @@ -1016,7 +1016,7 @@
- If the related attestation root certificate is used for multiple authenticator models, the Extension OID
`1 3 6 1 4 1 45724 1 1 4` (id-fido-gen-ce-aaguid) MUST be present, containing the AAGUID as value.

- The Basic Constraints extension MUST have the cA component set to false
- The Basic Constraints extension MUST have the CA component set to false

- An Authority Information Access (AIA) extension with entry `id-ad-ocsp` and a CRL Distribution Point extension [[RFC5280]]
are both optional as the status of attestation certificates is available through the FIDO Metadata Service
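Review bot: In the Basic Constraints bullet, replacing `cA` with `CA` moves away from the field name that RFC 5280 uses in its BasicConstraints definition, which is spelled `cA`. Since this list already cites [[RFC5280]] in the next bullet, consider keeping `cA` (ideally in code formatting) so readers can match it to the ASN.1. The bullet also still lacks the closing period that the bullet above it has.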
Expand All @@ -1039,7 +1039,7 @@
##### Signature ##### {#tpm-attestation-signature}

If `attestationStatement.core.version` equals 1, (i.e., for TPM 1.2), RSASSA-PKCS1-v1_5 signature algorithm (section 8.2 of
[[RFC3447]]) can be used by WebAuthn Authenticators (i.e. `attestationStatement.header.alg`="RS256").
[[RFC3447]]) can be used by WebAuthn Authenticators (i.e., `attestationStatement.header.alg`="RS256").

If `attestationStatement.core.version` equals 2, the following algorithms can be used by WebAuthn Authenticators:

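Review bot: The line directly above the changed one still reads "equals 1, (i.e., for TPM 1.2), RSASSA-PKCS1-v1_5 signature algorithm": the comma before the parenthesis is stray and the article is missing before the algorithm name. Suggest "equals 1 (i.e., for TPM 1.2), the RSASSA-PKCS1-v1_5 signature algorithm", in the same pass as the "i.e.," fix.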
Expand Down Expand Up @@ -1279,7 +1279,7 @@
attestation key (and certificate), and combined with a cloud operated privacy CA, can dynamically generate per origin
attestation keys and attestation certificates.

- A WebAuthn Authenticator can implement direct anonymous attestation (see [[FIDOEcdaaAlgorithm]]). Using this scheme the
- A WebAuthn Authenticator can implement direct anonymous attestation (see [[FIDOEcdaaAlgorithm]]). Using this scheme, the
authenticator generates a blinded attestation signature. This allows the [RP] to verify the signature using the DAA root
key, but the attestation signature doesn't serve as a global correlation handle.

Expand Down Expand Up @@ -1366,7 +1366,7 @@
{{ClientData}}, `authenticatorData` (in the case of signature extensions), or both.

Note: An extension that does not define additions to {{ClientData}} nor `authenticatorData` is possible, but should be avoided.
In such cases, the [RP] would have no indication if the extension was supported or processed by the client and/or
In such cases, the [RP] would have no indication whether the extension was supported or processed by the client and/or
authenticator.


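Review bot: The first line of this Note, "does not define additions to {{ClientData}} nor `authenticatorData`", pairs "not" with "nor" and was left untouched while the next line was corrected. Suggest "defines additions to neither {{ClientData}} nor `authenticatorData`", or simply replacing "nor" with "or".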
Expand Down Expand Up @@ -1532,7 +1532,7 @@
: Authenticator processing
:: The authenticator MUST display the <a>content</a> to the user before performing the user verification / test of user
presence. The authenticator may add other information below the <a>content</a>. No changes are allowed to the <a>content</a>
itself, i.e. inside <a>content</a> boundary box.
itself, i.e., inside <a>content</a> boundary box.

: Authenticator data
:: The hash value of the <a>content</a> which was displayed. The authenticator MUST use the same hash algorithm as it uses for
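Review bot: The corrected line still reads "inside <a>content</a> boundary box" without an article; suggest "inside the <a>content</a> boundary box". In the same paragraph, the lowercase "may add other information" sits next to an uppercase MUST, so it is unclear whether a normative MAY is intended. That is worth settling here, because it governs what the authenticator can show alongside the content whose hash it reports.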
Expand Down Expand Up @@ -1564,7 +1564,7 @@
</pre>

: Client processing
:: This extension can only used during {{makeCredential()}}. If the client supports the Authenticator Selection Extension, it
:: This extension can only be used during {{makeCredential()}}. If the client supports the Authenticator Selection Extension, it
MUST use the first available authenticator whose AAGUID is present in the <dfn>AuthenticatorSelectionList</dfn>. If none of
the available authenticators match a provided AAGUID, the client MUST select an authenticator from among the available
authenticators to generate the credential.
Expand Down Expand Up @@ -1607,7 +1607,7 @@
per authenticator model).

In the case of DAA there is no need for an X.509 attestation certificate hierarchy. Instead the trust anchor being
known to the [RP] is the DAA root key (i.e. ECPoint2 X, Y). This root key must be dedicated to a single
known to the [RP] is the DAA root key (i.e., ECPoint2 X, Y). This root key must be dedicated to a single
authenticator model.
</div>

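Review bot: The two sentences in this paragraph, "In the case of DAA there is no need" and "Instead the trust anchor", still lack the comma after their introductory phrase, which is inconsistent with the commas this same commit adds after "Typically" and "Using this scheme". Suggest "In the case of DAA, there is no need" and "Instead, the trust anchor". "the trust anchor being known to the [RP]" would also read better as "the trust anchor known to the [RP]".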
Expand All @@ -1630,7 +1630,7 @@
:: This extension is added automatically by the authenticator. This extension can be added to attestation statements.

: Authenticator data
:: The SupportedExtension extension is a list (CBOR array) of extension identifiers encoded as UTF-8 Strings.
:: The SupportedExtensions extension is a list (CBOR array) of extension identifiers encoded as UTF-8 Strings.


## User Verification Index (UVI) Extension ## {#uvi-extension}
Expand Down Expand Up @@ -1696,7 +1696,7 @@
<tbody>
<tr> <td>Algorithm Name</td> <td>"S256"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA256 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e. used with JWS.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional+</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
Expand All @@ -1708,7 +1708,7 @@
<tbody>
<tr> <td>Algorithm Name</td> <td>"S384"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA384 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e. used with JWS.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
Expand All @@ -1720,7 +1720,7 @@
<tbody>
<tr> <td>Algorithm Name</td> <td>"S512"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA512 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e. used with JWS.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional+</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
Expand All @@ -1732,7 +1732,7 @@
<tbody>
<tr> <td>Algorithm Name</td> <td>"SM3"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SM3 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e. used with JWS.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!OSCCA-SM3]] </td> </tr>
Expand Down Expand Up @@ -1941,7 +1941,7 @@
# Terminology # {#terminology}

: <dfn>Attestation Certificate</dfn>
:: A X.509 Certificate for a keypair used by an <a>Authenticator</a> to attest to its manufacture and capabilities.
:: A X.509 Certificate for a key pair used by an <a>Authenticator</a> to attest to its manufacture and capabilities.

: <dfn>Authenticator</dfn>
:: The device used by the user agent to authenticate with the [RP]. These can be <a>Embedded Authenticators</a> or
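Review bot: The Attestation Certificate definition still begins "A X.509 Certificate" on the line where "keypair" was corrected; since "X" is pronounced with a leading vowel sound, this should be "An X.509 Certificate". Worth fixing in the same proofreading pass.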