diff --git a/index.bs b/index.bs
index 9ec20db66..593d9c0fd 100644
--- a/index.bs
+++ b/index.bs
@@ -2356,8 +2356,8 @@ When this operation is invoked, the [=authenticator=] MUST perform the following
decrypt it.
1. If any error occurred while creating the new credential object, return an error code equivalent to "{{UnknownError}}" and
terminate the operation.
-1. Let |processedExtensions| be the result of [=authenticator extension processing=] [=map/for each=] supported extensionId → authenticatorExtensionInput in |extensions|.
+1. Let |processedExtensions| be the result of [=authenticator extension processing=] [=map/for each=] supported [=extension
+ identifier=] → [=authenticator extension input=] in |extensions|.
1. If the [=authenticator=] supports:
: a per-[=RP ID=] [=signature counter=]
@@ -2431,8 +2431,8 @@ When this method is invoked, the [=authenticator=] MUST perform the following pr
If the user does not [=user consent|consent=], return an error code equivalent to
"{{NotAllowedError}}" and terminate the operation.
-1. Let |processedExtensions| be the result of [=authenticator extension processing=] [=map/for each=] supported extensionId → authenticatorExtensionInput in |extensions|.
+1. Let |processedExtensions| be the result of [=authenticator extension processing=] [=map/for each=] supported [=extension
+ identifier=] → [=authenticator extension input=] in |extensions|.
1. Increment the [=RP ID=]-associated
[=signature counter=] or the global [=signature counter=] value, depending on
which approach is implemented by the [=authenticator=], by some positive value.
@@ -3618,10 +3618,9 @@ parameter of the [=authenticatorMakeCredential=] and [=authenticatorGetAssertion
[=CBOR=] map where each key is an [=extension identifier=] and the corresponding value is the [=authenticator extension input=]
for that extension.
-Likewise, the authenticator extension output value of each processed [=authenticator extension=] is represented by one
-key/value pair in [=authdataextensions|extensions=] part of the [=authenticator data=]. The [=authdataextensions|extensions=] part
-of the [=authenticator data=] is a [=CBOR=] map where each key is an [=extension identifier=] and the corresponding value is the
-[=authenticator extension output=] of that extension.
+Likewise, the extension output is represented in the [=authdataextensions|extensions=] part of the [=authenticator data=]. The
+[=authdataextensions|extensions=] part of the [=authenticator data=] is a CBOR map with [=CBOR=] [=extension identifiers=] as
+keys, and the [=CBOR=] authenticator extension output value of each extension as the value.
For each supported extension, the [=authenticator extension processing=] rule for that extension is used create the
[=authenticator extension output=] from the [=authenticator extension input=] and possibly also other inputs.