fix 'challenge' linking error

index.bs

@@ -4153,8 +4153,9 @@ handled on the server side and do not need support from the API specified here.
 
 ## Cryptographic Challenges ## {#cryptographic-challenges}
 As a cryptographic protocol, Web Authentication is dependent upon randomized challenges
-to avoid replay attacks. Therefore, the [=challenge=] field MUST be randomly generated
-by the [=Relying Party=] in an environment they trust, and the challenge in the client's
+to avoid replay attacks. Therefore, both {MakePublicKeyCredentialOptions/challenge}}'s 
+and {{PublicKeyCredentialRequestOptions/challenge}}'s value, MUST be randomly generated
+by the [=Relying Party=] in an environment they trust (e.g., on the server-side), and the challenge in the client's
 response must match what was generated. This should be done in a fashion that does not rely
 upon a client's behavior; e.g.: the Relying Party should store the challenge temporarily
 until the operation is complete. Tolerating a mismatch will compromise the security