Added explanation...

...as to what this new field is for.

index.bs

@@ -730,7 +730,7 @@ When this method is invoked, the user agent MUST execute the following algorithm
 
 1. Let |collectedClientData| be a new {{CollectedClientData}} instance whose fields are:
     : {{CollectedClientData/type}}
-    :: The string `webauthn.create`.
+    :: The string "webauthn.create".
     : {{CollectedClientData/challenge}}
     :: The [=base64url encoding=] of |options|.{{MakePublicKeyCredentialOptions/challenge}}.
     : {{CollectedClientData/origin}}
@@ -975,7 +975,7 @@ When this method is invoked, the user agent MUST execute the following algorithm
 
 1. Let |collectedClientData| be a new {{CollectedClientData}} instance whose fields are:
     : {{CollectedClientData/type}}
-    :: The string `webauthn.get`.
+    :: The string "webauthn.get".
     : {{CollectedClientData/challenge}}
     :: The [=base64url encoding=] of |options|.{{PublicKeyCredentialRequestOptions/challenge}}
     : {{CollectedClientData/origin}}
@@ -1631,8 +1631,9 @@ following Web IDL.
 </pre>
 
 <div dfn-type="dict-member" dfn-for="CollectedClientData">
-    The <dfn>type</dfn> member contains the string `webauthn.create` when creating new credentials, and `webauthn.get`
-    when getting an assertion from an existing credential.
+    The <dfn>type</dfn> member contains the string "webauthn.create" when creating new credentials, and "webauthn.get"
+    when getting an assertion from an existing credential. The purpose of this member is to prevent certain types of signature
+    confusion attacks (where an attacker substitutes one legitimate signature for another).
 
     The <dfn>challenge</dfn> member contains the base64url encoding of the challenge provided by the RP.