From 9fe7fa0da36c184c36627d24926106b5147d50a7 Mon Sep 17 00:00:00 2001
From: Daniel Gultsch
Date: Fri, 22 Sep 2023 09:42:45 +0200
Subject: [PATCH] XEP-0198: change wording in security section

---
 xep-0198.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xep-0198.xml b/xep-0198.xml
index 00b4ded8..a552623c 100644
--- a/xep-0198.xml
+++ b/xep-0198.xml
@@ -647,7 +647,7 @@

As noted, a server MUST NOT allow a client to resume a stream management session until after the client has authenticated (for some value of "authentication"); this helps to prevent session hijacking.

-

If SASL2 is used to inline stream resumption implementations must adhere to the security considerations defined in &xep0388; regarding the inclusion of SASL2 requests and inline feature negotiation in TLS 0-RTT ("early data") extensions. That is, they MUST NOT be sent or processed if the stream would be resumed solely based on 0-RTT data, except when appropriate mitigations are in place (which are beyond the scope of this document, but may be defined by others).

+

If SASL2 is used to inline stream resumption, implementations must adhere to the security considerations defined in &xep0388; regarding the inclusion of SASL2 requests and inline feature negotiation in TLS 0-RTT ("early data") extensions. That is, these elements MUST NOT be sent or processed if the stream would be resumed solely based on 0-RTT data, except when appropriate mitigations are in place (which are beyond the scope of this document, but may be defined by others).
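Review bot: the rewritten sentence still mixes a lowercase "must adhere" with an uppercase "MUST NOT" in the same paragraph; since this is the security considerations section and the requirement is plainly normative, make it "implementations MUST adhere to the security considerations defined in &xep0388;" so both halves carry RFC 2119 force, or rephrase the first clause non-normatively if the intent is only to point at XEP-0388. The comma after "resumption" and the replacement of "they" with "these elements" are good fixes: in the old text "they" could be read as referring to the implementations rather than to the SASL2 requests and inline feature negotiation elements. One further clarification worth considering here: "if the stream would be resumed solely based on 0-RTT data" names the condition from the client's side only; spelling out that the server side is the one that MUST NOT process a resumption request carried in early data (a replayed 0-RTT record could otherwise resume the stream) would make the obligation on each peer explicit without changing the substance.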