diff --git a/CertificationPracticeStatement.html b/CertificationPracticeStatement.html
index d2aca55..017976a 100755
--- a/CertificationPracticeStatement.html
+++ b/CertificationPracticeStatement.html
@@ -621,7 +621,7 @@ certificates.
Roots.
-The (new) CAcert root layout is as below.
+The new CAcert root layout is as below.
These roots are pending Audit,
and will be submitted to vendors via the (Top-level) Root.
@@ -1010,7 +1010,6 @@ As per above.
in any way, including but not limited to delivering these
certificates with their products, e.g. browsers, mailers or servers.
Vendors are covered under a separate licence.
- As of the moment, this licence is not written.
Configuration-Control Specification "CCS".
@@ -1088,18 +1087,17 @@ The Subscriber Naming consists of:
- subjectAltName=
One, or more, of the Subscriber's verified email addresses,
- in rfc822Name format.
-
-
- - SSO in subjectAltName?.
-
+ in rfc822Name format. Also includes a SHA1 hash of a random number if
+ the member selects SSO (Single Sign On ID) during submission of CSR.
- EmailAddress=
- One, or more, of the Subscriber's verified email addresses.
- This is deprecated under
+ One, or more, of the Subscriber's verified email addresses,
+ in rfc822Name format. Also includes a SHA1 hash of a random number if
+ the member selects SSO (Single Sign On ID) during submission of CSR.
+ This field is deprecated under
RFC5280 4
.1.2.6
- and is to be phased out. Also includes a SHA1 hash of a random number if
- the member selects SSO (Single Sign On ID) during submission of CSR.
+ and is to be phased out.
+
- CN= The common name takes its value from one of: