diff --git a/draft-ietf-acme-onion.xml b/draft-ietf-acme-onion.xml
index b8d88bf..3c3e9fb 100644
--- a/draft-ietf-acme-onion.xml
+++ b/draft-ietf-acme-onion.xml
@@ -22,8 +22,8 @@
CF23 9EU
United Kingdom
- q@magicalcodewit.ch
q@as207970.net
+ q@magicalcodewit.ch
https://magicalcodewit.ch
@@ -236,11 +236,11 @@ Content-Type: application/jose+json
MUST attempt to calculate its CLIENT-ID as per FIRST-LAYER-CLIENT-BEHAVIOR.
If no "auth-client" line in the first layer hidden service descriptor matches the computed client-id then the server
MUST assume that the hidden service does not require client authentication and proceed accordingly.
- In the case the Ed25519 is novel to the client it will have to resign and republish its hidden service
+ In the case the Ed25519 public key is novel to the client it will have to resign and republish its hidden service
descriptor. It SHOULD wait some (indeterminate) amount of time for the new descriptor to
- propagate the Tor hidden service directory servers, before. This should take no more than a few minutes. CAs
- MUST NOT expire challenges before a reasonable time to allow publication of the new descriptor
- (this document suggests at least 30 minutes).
+ propagate the Tor hidden service directory servers, before proceeding with responding to the challenge.
+ This should take no more than a few minutes. CAs MUST NOT expire challenges before a reasonable
+ time to allow publication of the new descriptor (this document suggests at least 30 minutes).
@@ -268,9 +268,8 @@ Content-Type: application/jose+json
create2-formats 2
single-onion-service
-caa 0 issue "example.com"
+caa 128 issue "test.acmeforonions.org;validationmethods=onion-csr-01"
caa 0 iodef "mailto:security@example.com"
-caa 128 validationmethods "onion-csr-01"
introduction-point AwAGsAk5nSMpAhRqhMHbTFCTSlfhP8f5PqUhe6DatgMgk7kSL3KHCZUZ3C6tXDeRfM9SyNY0DlgbF8q+QSaGKCs=
...