Fix issue #692

index.bs

@@ -757,21 +757,24 @@ When this method is invoked, the user agent MUST execute the following algorithm
 
 1. Let |issuedRequests| be a new [=ordered set=].
 
-1. If <code>|options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}</code> is
-    [=present|present=], [=set/for each=] |authenticator| that becomes available on this
-    platform during the lifetime of |lifetimeTimer| and do the following:
+1. [=set/For each=] |authenticator| that becomes available on this platform during the lifetime of |lifetimeTimer|, do the
+    following:
 
     Issue: The definitions of "lifetime of" and "becomes available" are intended to represent how
     devices are hotplugged into (USB) or discovered by (NFC) browsers, and are under-specified.
     Resolving this with good definitions or some other means will be addressed by resolving
     [Issue #613](https://github.com/w3c/webauthn/issues/613).
 
-    1. If {{AuthenticatorSelectionCriteria/authenticatorAttachment}} is [=present|present=] and its value is not equal
-        to |authenticator|'s attachment modality, [=iteration/continue=].
-    1. If {{AuthenticatorSelectionCriteria/requireResidentKey}} is set to `true` and the |authenticator|
-        is not capable of storing a [=Client-Side-Resident Credential Private Key=], [=iteration/continue=].
-    1. If {{AuthenticatorSelectionCriteria/requireUserVerification}} is set to {{UserVerificationRequirement/required}} and the
-        |authenticator| is not capable of performing [=user verification=], [=iteration/continue=].
+    1. If <code>|options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}</code> is [=present=]:
+
+          1. If <code>|options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}.{{authenticatorAttachment}}</code> is
+            [=present|present=] and its value is not equal to |authenticator|'s attachment modality, [=iteration/continue=].
+          1. If <code>|options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}.{{requireResidentKey}}</code> is set to
+            `true` and the |authenticator| is not capable of storing a [=Client-Side-Resident Credential Private Key=],
+            [=iteration/continue=].
+          1. If <code>|options|.{{MakePublicKeyCredentialOptions/authenticatorSelection}}.{{requireUserVerification}}</code> is
+            set to {{UserVerificationRequirement/required}} and the |authenticator| is not capable of performing [=user
+            verification=], [=iteration/continue=].
 
     1. Let |userVerification| be the <dfn>effective user verification requirement for credential creation</dfn>, a Boolean value,
         as follows. If {{AuthenticatorSelectionCriteria/requireUserVerification}}