From c488a42d164f61b67e569c8147c69ea626b341af Mon Sep 17 00:00:00 2001
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Date: Mon, 16 Dec 2024 16:59:43 +0100
Subject: [PATCH] Update draft-ietf-uta-tls13-iot-profile.md

Co-authored-by: Thomas Fossati <thomas.fossati@linaro.org>
---
 draft-ietf-uta-tls13-iot-profile.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/draft-ietf-uta-tls13-iot-profile.md b/draft-ietf-uta-tls13-iot-profile.md
index 435b700..076dc19 100644
--- a/draft-ietf-uta-tls13-iot-profile.md
+++ b/draft-ietf-uta-tls13-iot-profile.md
@@ -675,8 +675,8 @@ keyEncipherment or keyAgreement MUST be set because the encrypted delivery
 of the newly generated key involves encryption or agreement of a symmetric
 key. On-device key generation is, however, the preferred approach.
 
-On IDevID certificates, the extendedKeyUsage SHOULD NOT be present, as it reduces the utility of the IDevID.
-On locally assigned LDevID certificates, the extendedKeyUsage, if present MUST contain at least one of id-kp-serverAuth or id-kp-clientAuth in order to be useable with TLS.
+In IDevID certificates, the extendedKeyUsage SHOULD NOT be present, as it reduces the utility of the IDevID.
+In locally assigned LDevID certificates, the extendedKeyUsage, if present, MUST contain at least one of id-kp-serverAuth or id-kp-clientAuth in order to be useable with TLS.
 
 
 # Certificate Overhead