diff --git a/draft-ietf-sidrops-rpki-has-no-identity.xml b/draft-ietf-sidrops-rpki-has-no-identity.xml
index d1573cd..8ed06ac 100644
--- a/draft-ietf-sidrops-rpki-has-no-identity.xml
+++ b/draft-ietf-sidrops-rpki-has-no-identity.xml
@@ -50,8 +50,8 @@
There is a false notion that Internet Number Resources (INRs) in
the RPKI can be associated with the real-world identity of the
- 'holder' of an INR. This document attempts to make clear that
- notion is incorrect.
+ 'holder' of an INR. This document specifies that RPKI does not
+ associate to the INR holder.
@@ -104,8 +104,8 @@
Resource Public Key Infrastructure, not for "Identity". In fact,
the RPKI does not provide any association between INRs and the real
world holder(s) of those INRs. The RPKI provides authorization to
- make assertions only regarding named IP address blocks, AS numbers,
- etc.
+ make assertions only regarding Internet Number Resources, such as IP
+ prefixes or AS numbers, and data such as ASPA records.
In short, avoid the desire to use RPKI certificates for any
purpose other than the verification of authorizations associated
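Review bot: the added phrase "and data such as ASPA records" in the last `+` line blurs the distinction the sentence is trying to draw. IP prefixes and AS numbers are the Internet Number Resources about which assertions are made; an ASPA record is itself one such assertion (a signed object about AS numbers), not an additional kind of resource. Suggest "make assertions only regarding Internet Number Resources, such as IP prefixes or AS numbers, for example in ROAs or ASPA records." Also, this appears to be the first use of "ASPA" in the document, so it should be expanded (Autonomous System Provider Authorization) and carry a reference the same way the other RPKI specifications are cited.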
@@ -126,30 +126,20 @@
That the RPKI does not authenticate real-world identity is by
design. If it tried to do so, aside from the liability, it would
- end in a world of complexity with no proof of termination, as X.400
- learned.
+ end in a world of complexity with no proof of termination.
Registries such as the Regional Internet Registries (RIRs)
provide INR to real-world identity mapping through WHOIS, , and similar services. They claim to be
authoritative, at least for the INRs which they allocate.
-
- PKI operations MUST NOT be performed with RPKI certificates other
- than exactly as described, and for the purposes described, in . That is, RPKI-based credentials of INRs MUST
- NOT be used to authenticate real-world documents or transactions
- without some formal external authentication of the INR and the
- authority for the actually anonymous INR holder to authenticate the
- particular document or transaction.
- I.e., RPKI-based credentials of INRs MUST NOT be used to
- authenticate real-world documents or transactions without some
- formal external authentication of the INR and the authority for the
- actually anonymous INR holder to authenticate the particular
- document or transaction.
-
- Given sufficient external, i.e. non-RPKI, verification of
- authority, the use of RPKI-based credentials seems superfluous.
+ That is, RPKI-based credentials of INRs MUST NOT be used to
+ authenticate real-world documents or transactions. That might be
+ done with some formal external authentication of authority for an
+ otherwise anonymous INR holder to authenticate the particular
+ document or transaction. Given such external, i.e. non-RPKI,
+ verification of authority, the use of RPKI-based credentials seems
+ superfluous.
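Review bot: after this rewrite the paragraph opens with "That is, RPKI-based credentials of INRs MUST NOT be used ..." but the sentence it used to restate (the removed "PKI operations MUST NOT be performed with RPKI certificates other than exactly as described ...") is gone, so "That is," now has no antecedent; the preceding context is about RIR WHOIS services. Either keep a lead sentence for it to restate or start the paragraph directly with the requirement. More importantly, the new text is internally inconsistent: the first `+` sentence states an unconditional MUST NOT, while the next sentence ("That might be done with some formal external authentication ...") says the same use might be acceptable under a condition. The removed text had that condition attached to the requirement ("MUST NOT be used ... without some formal external authentication ..."). Suggest restoring the conditional form, e.g.

+ RPKI-based credentials of INRs MUST NOT be used to authenticate
+ real-world documents or transactions without some formal external
+ authentication of the authority of the otherwise anonymous INR holder.

and then keeping the closing observation that, given such external verification, the RPKI credential is superfluous. Dropping the duplicated MUST NOT paragraph and the "as X.400 learned" aside is fine; please confirm in the commit message that removing the "PKI operations MUST NOT be performed ... other than exactly as described in [ref]" sentence, which was a distinct normative statement, is intentional.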