diff --git a/draft-ietf-opsawg-9092-update.xml b/draft-ietf-opsawg-9092-update.xml
index 8e7e2b8..1372197 100644
--- a/draft-ietf-opsawg-9092-update.xml
+++ b/draft-ietf-opsawg-9092-update.xml
@@ -8,7 +8,7 @@
 <?rfc compact="yes"?>
 <?rfc subcompact="no"?>
 
-<rfc category="std" docName="draft-ietf-opsawg-9092-update-05"
+<rfc category="std" docName="draft-ietf-opsawg-9092-update-06"
      submissionType="IETF" consensus="true" ipr="trust200902"
      obsoletes="9092" version="2" >
 
@@ -518,10 +518,13 @@
       </t>
 
       <t>
-	The CA MUST generate a new EE certificate for each new signing
-	of the geofeed file.  An associated EE certificate used in this
-	fashion is termed a "one-time- use" EE certificate (see Section
-	3 of <xref target="RFC6487"/>).
+	The CA SHOULD sign only one geofeed file with each generated
+	private key and SHOULD generate a new key pair for each new
+	version of a perticular geofeed file.  The CA MUST generate a
+	new EE certificate for each signing of a particular geofeed
+	file.  An associated EE certificate used in this fashion is
+	termed a "one-time-use" EE certificate (see Section 3 of <xref
+	target="RFC6487"/>).
       </t>
 
       <t>