From ba9be9da09b9f9acc0380490181bda0d3cfb8619 Mon Sep 17 00:00:00 2001 From: "andrea.vesco" Date: Mon, 13 Nov 2023 15:15:17 +0100 Subject: [PATCH] intro further refinements --- draft-vesco-vcauthtls.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-vesco-vcauthtls.md b/draft-vesco-vcauthtls.md index e6f11e9..c860377 100644 --- a/draft-vesco-vcauthtls.md +++ b/draft-vesco-vcauthtls.md 
@@ -77,7 +77,7 @@ A node requests access to services by presenting a Verfiable Presentation [VP](h The current implementations of the authentication process run at the Application layer. A client node estabhlishes a TLS channel authenticating the server node with the server's X.509 certificate. Then the server node authenticate the client node that sends its VP at application layer (i.e. over the TLS channel already established). The mutual authentication with VPs occours when also the server node exchange its VP with the client node again at application layer. -SSI is emerging as an identity option for Internet of Thing and Edge nodes in computing continuum environments. In this scenarios, (mutual) authentication with VP can be directly done at TLS protocol layer making the the peer-to-peer model of interaction, envisioned by the SSI model, a reality. +SSI is emerging as an identity option for Internet of Thing and Edge nodes in computing continuum environments. In these scenarios, (mutual) authentication with VP can take place directly at the TLS protocol layer, enabling the the peer-to-peer interaction model envisaged by the SSI model. This document describes the extensions to TLS protocol to support the use of VCs for authentication while preserving the interoperability with TLS endpoints that use X.509 certificates. The extensions enable server-only and mutual authentication using VC, X.509, Raw Public Key or a combination of VC and X.509 certificates at the TLS endpoints. The ability to perform hybrid authenticated handshakes supports the gradual deployment of SSI in existing systems. Moreover, the extension allow TLS endpoints to use different distributed ledger technologies to store their public keys and during the TLS handshake for authentication purpose.
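Review bot: the rewritten `+` line still carries the doubled article "the the" and the singular "Internet of Thing" that were in the `-` line, so the refinement does not fully land; suggest "SSI is emerging as an identity option for Internet of Things and Edge nodes in computing continuum environments." and "enabling the peer-to-peer interaction model envisaged by SSI." (the second change also avoids repeating "model" twice in one clause). While this hunk is being touched, the surrounding unchanged context has spelling slips worth folding into the same commit: "Verfiable" (Verifiable), "estabhlishes" (establishes), "occours" (occurs), "authenticate the client" (authenticates), and "the extension allow" (the extensions allow); the trailing "during the TLS handshake for authentication purpose" reads as an unfinished clause and could be "and to resolve them during the TLS handshake for authentication purposes" if that is the intended meaning.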