Add more complete logic for individual attestation verification via Emil

Co-authored-by: Emil Lundberg <emil@yubico.com>

index.bs

@@ -6291,7 +6291,17 @@ The "compound" attestation statement format is used to pass multiple, self-conta
 :: Not applicable
 
 : Verification procedure
-:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). If validation fails for one or more compound attestation statements, [=[RPS]=] should decide the appropriate results based on policy from information they have about the [=authenticators=].
+:: Given the [=verification procedure inputs=] |attStmt|, |authenticatorData| and |clientDataHash|, the [=verification procedure=] is
+    as follows:
+    1. [=list/For each=] |subStmt| of |attStmt|, evaluate the [=verification procedure=]
+        corresponding to the [=attestation statement format identifier=] <code>|subStmt|.fmt</code>
+        with [=verification procedure inputs=] |subStmt|, |authenticatorData| and |clientDataHash|.
+
+        If validation fails for one or more |subStmt|, decide the appropriate result based on [=[RP]=] policy.
+
+    2. If sufficiently many (as determined by [=[RP]=] policy) [=list/items=] of |attStmt| verify successfully,
+        return implementation-specific values representing any combination of outputs from successful [=verification procedures=].
+
 
 # <dfn>WebAuthn Extensions</dfn> # {#sctn-extensions}