diff --git a/draft-birkholz-cose-tsa-tst-header-parameter.md b/draft-birkholz-cose-tsa-tst-header-parameter.md index b493c0b..fd08c06 100644 --- a/draft-birkholz-cose-tsa-tst-header-parameter.md +++ b/draft-birkholz-cose-tsa-tst-header-parameter.md @@ -71,7 +71,7 @@ This usage scenario motivates the "Timestamp then COSE" mode defined in {{sec-ti A second use case is the notarization of a signed document by registering it at a Transparency Service. This is common for accountability and auditability of issued documents. -Once a document is registered at a Transparency Service's append-only log, it's log entry cannot be changed. +Once a document is registered at a Transparency Service's append-only log, its log entry cannot be changed. In certain cases, the registration policy of a Transparency Service may add a trustworthy timestamp to the document to show that the signature could also be validated at the time of registration. This is done to enhance confidence in the authenticity of the document at the time of registration, enshrining that a signature was successfully validated. To achieve this, the Transparency Service acquires a TST from a TSA when its registration policy is met, bundles it alongside the signed document, and then registers it.