diff --git a/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.html b/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.html index 923f20d..23b4610 100644 --- a/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.html +++ b/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.html @@ -1755,7 +1755,7 @@

Trust anchors whose identifiers the relying party sends conditionally, i.e. only if the server offers them. For example, the relying party may indicate support for a trust anchor if its identifier is listed in the server's HTTPS/SVCB record or trust anchor list in EncryptedExtensions.

  • -

    Trust anchors whose identifiers the relying party sends unconditionally, i.e. independently of the server's behavior.

    +

    Trust anchors whose identifiers the relying party sends unconditionally, i.e. independently of the authenticating party's behavior.

    • Each of these categories carries a different fingerprinting exposure:

    diff --git a/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.txt b/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.txt index 6e16d19..6a32a10 100644 --- a/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.txt +++ b/privacy-security-considerations/draft-beck-tls-trust-anchor-ids.txt @@ -869,7 +869,8 @@ Table of Contents record or trust anchor list in EncryptedExtensions. 3. Trust anchors whose identifiers the relying party sends - _unconditionally_, i.e. independently of the server's behavior. + _unconditionally_, i.e. independently of the authenticating + party's behavior. Each of these categories carries a different fingerprinting exposure: