Update draft-ietf-lamps-csr-attestation.md
Co-authored-by: Mike Ounsworth <[email protected]>
hannestschofenig and ounsworth authored Jan 3, 2025
1 parent 1f7dffa commit 9837194
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion draft-ietf-lamps-csr-attestation.md
Expand Up @@ -127,7 +127,7 @@ Including Evidence and Attestation Results along with a CSR can help to improve

When requesting a certificate from a Certification Authority (CA), a PKI end entity may wish to include Evidence or Attestation Results of the security properties of its environments in which the private keys are stored in that request.

Evidence are appraised by Verifiers, which generate Attestation Results that serve as input for validating incoming certificate requests against specified certificate policies. Verifiers are associated with Registration Authorities (RAs) or CAs and function as logical entities responsible for processing Evidence and producing Attestation Results. Regulatory bodies are beginning to require proof of hardware residency for certain classifications of cryptographic keys. At the time of writing, the most notable example is the Code-Signing Baseline Requirements (CSBR) document maintained by the CA/Browser Forum {{CSBR}}, which requires compliant CAs to "ensure that a Subscriber’s Private Key is generated, stored,
Evidence are appraised by Verifiers, which generate Attestation Results that serve as input for validating incoming certificate requests against specified certificate policies. Verifiers are associated with Registration Authorities (RAs) or CAs and function as logical entities responsible for processing Evidence and producing Attestation Results. As remote attestation technology matures, it is natural for a Certificate Authority to want attested proof that the requesting entity is in a state that matches the certificate profile. At the time of writing, the most notable example is the Code-Signing Baseline Requirements (CSBR) document maintained by the CA/Browser Forum {{CSBR}}, which requires compliant CAs to "ensure that a Subscriber’s Private Key is generated, stored,
and used in a secure environment that has controls to prevent theft or misuse".

This specification defines an attribute and an extension that allow for conveyance of Evidence and Attestation Results in Certificate Signing Requests (CSRs), such as PKCS#10 {{RFC2986}} or Certificate Request Message Format (CRMF) {{RFC4211}} payloads. This provides an elegant and automatable mechanism for transporting Evidence and Attestation Results to a Certification Authority, whilemeeting requirements such as those outlined in the CA/B Forum's CSBR {{CSBR}}.
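Review bot: The replacement sentence in the second paragraph of the hunk removes the antecedent that the next sentence relies on: with "Regulatory bodies are beginning to require proof of hardware residency ..." gone, "At the time of writing, the most notable example is the Code-Signing Baseline Requirements (CSBR) ..." no longer says what the CSBR is an example of, because the new text speaks of what a CA may "want", not of a requirement. Consider a short bridge before the CSBR sentence, for instance "Some certificate policies already require such proof; at the time of writing, the most notable example is ...". Two smaller points on the same line: it introduces "Certificate Authority" where the surrounding paragraphs expand CA as "Certification Authority", and the carried-over "Evidence are appraised by Verifiers" treats Evidence as plural, whereas the RATS terminology the draft follows uses it as a mass noun ("Evidence is appraised"). The unchanged context line below also still has "whilemeeting", which needs a space.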
