diff --git a/index.bs b/index.bs
index 30a04712f..06bcd0af9 100644
--- a/index.bs
+++ b/index.bs
@@ -1961,7 +1961,7 @@ to indicate what [=credential sources=] are acceptable to it. The [=client platf
 matching the specified criteria, and guides the user to pick one that the script will be allowed to use. The user may choose to
 decline the entire interaction even if a [=credential source=] is present, for example to maintain privacy. If the user picks a
 [=credential source=], the user agent then uses
-[[#sctn-op-get-assertion]] to sign a [=[RP]=]-provided challenge and other collected data into an assertion, which is used as a
+[[#sctn-op-get-assertion]] to sign a [=[RP]=]-provided challenge and other collected data into an [=authentication assertion=], which is used as a
 [=credential=].
 
 The {{CredentialsContainer/get()}} implementation [[!CREDENTIAL-MANAGEMENT-1]] calls
@@ -1970,7 +1970,7 @@ should be available without [=user mediation=] (roughly, this specification's [=
 exactly one of those, it then calls <code>PublicKeyCredential.{{PublicKeyCredential/[[DiscoverFromExternalSource]]()}}</code> to have
 the user select a [=credential source=].
 
-Since this specification requires an [=authorization gesture=] to create any [=credentials=], the <code>PublicKeyCredential.<dfn
+Since this specification requires an [=authorization gesture=] to create any [=assertions=], the <code>PublicKeyCredential.<dfn
 for="PublicKeyCredential" method>\[[CollectFromCredentialStore]](origin, options, sameOriginWithAncestors)</dfn></code> [=internal method=] inherits the default behavior of
 {{Credential/[[CollectFromCredentialStore]]()|Credential.[[CollectFromCredentialStore]]()}}, of returning an empty set.