diff --git a/index.bs b/index.bs
index 35da8e59b..915e6904d 100644
--- a/index.bs
+++ b/index.bs
@@ -2625,19 +2625,19 @@ When registering a new credential, represented by a {{AuthenticatorAttestationRe
 1. Let |C|, the [=client data=] claimed as collected during the credential creation, be the result of [=parse JSON from
     bytes|parsing JSON from the bytes=] in <code>|response|.{{AuthenticatorResponse/clientDataJSON}}</code>.
 
-1. Verify that the {{CollectedClientData/type}} in |C| is the string `webauthn.create`.
+1. Verify that the value of <code>|C|.{{CollectedClientData/type}}</code> is `webauthn.create`.
 
-1. Verify that the {{CollectedClientData/challenge}} in |C| matches the challenge that was sent to the authenticator in the
-    {{CredentialsContainer/create()}} call.
+1. Verify that the value of <code>|C|.{{CollectedClientData/challenge}}</code> matches the challenge that was sent to the
+    authenticator in the {{CredentialsContainer/create()}} call.
 
-1. Verify that the {{CollectedClientData/origin}} in |C| matches the [=[RP]=]'s [=origin=].
+1. Verify that the value of <code>|C|.{{CollectedClientData/origin}}</code> matches the [=[RP]=]'s [=origin=].
 
-1. Verify that the {{CollectedClientData/tokenBindingId}} in |C| matches the [=Token Binding ID=] for the TLS connection over
-    which the attestation was obtained.
+1. Verify that the value of <code>|C|.{{CollectedClientData/tokenBindingId}}</code> matches the [=Token Binding ID=] for the TLS
+    connection over which the attestation was obtained.
 
-1. Verify that the {{CollectedClientData/clientExtensions}} in |C| is a subset of the extensions requested by the RP
-    and that the {{CollectedClientData/authenticatorExtensions}} in |C| is also a subset of the extensions requested by
-    the RP.
+1. Verify that the value of <code>|C|.{{CollectedClientData/clientExtensions}}</code> is a subset of the extensions requested by
+    the RP and that the value of <code>|C|.{{CollectedClientData/authenticatorExtensions}}</code> is also a subset of the
+    extensions requested by the RP.
 
 1. Compute the hash of <code>|response|.{{AuthenticatorResponse/clientDataJSON}}</code> using SHA-256.
 
@@ -2711,19 +2711,19 @@ When verifying a given {{PublicKeyCredential}} structure (|credential|) as part
 1. Let |C|, the [=client data=] used for the signature, be the result of [=parse JSON from
     bytes|parsing JSON from the bytes=] in |cData|.
 
-1. Verify that the {{CollectedClientData/type}} in |C| is the string `webauthn.get`.
+1. Verify that the value of <code>|C|.{{CollectedClientData/type}}</code> is the string `webauthn.get`.
 
-1. Verify that the {{CollectedClientData/challenge}} member of |C| matches the challenge that was sent to the authenticator in
-    the {{PublicKeyCredentialRequestOptions}} passed to the {{CredentialsContainer/get()}} call.
+1. Verify that the value of <code>|C|.{{CollectedClientData/challenge}}</code> matches the challenge that was sent to the
+    authenticator in the {{PublicKeyCredentialRequestOptions}} passed to the {{CredentialsContainer/get()}} call.
 
-1. Verify that the {{CollectedClientData/origin}} member of |C| matches the [=[RP]=]'s [=origin=].
+1. Verify that the value of <code>|C|.{{CollectedClientData/origin}}</code> matches the [=[RP]=]'s [=origin=].
 
-1. Verify that the {{CollectedClientData/tokenBindingId}} member of |C| (if present) matches the [=Token Binding ID=] for the
-    TLS connection over which the signature was obtained.
+1. Verify that the value of <code>|C|.{{CollectedClientData/tokenBindingId}}</code> (if present) matches the [=Token Binding ID=]
+    for the TLS connection over which the signature was obtained.
 
-1. Verify that the {{CollectedClientData/clientExtensions}} member of |C| is a subset of the extensions requested by the
-    [=[RP]=] and that the {{CollectedClientData/authenticatorExtensions}} in |C| is also a subset of the extensions
-    requested by the [=[RP]=].
+1. Verify that the value of <code>|C|.{{CollectedClientData/clientExtensions}}</code> is a subset of the extensions requested by
+    the [=[RP]=] and that the value of <code>|C|.{{CollectedClientData/authenticatorExtensions}}</code> is also a subset of the
+    extensions requested by the [=[RP]=].
 
 1. Verify that the <code>[=rpIdHash=]</code> in |aData| is the SHA-256 hash of the [=RP ID=] expected by the [=[RP]=].