From f7a9b1156b231a020c28bbf177f55aa55abff7d7 Mon Sep 17 00:00:00 2001 From: Tom Hennen Date: Mon, 9 Dec 2024 14:54:26 +0000 Subject: [PATCH] leave specifics out of it Signed-off-by: Tom Hennen --- docs/spec/draft/principles.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/spec/draft/principles.md b/docs/spec/draft/principles.md index 794bdcad9..19c775c80 100644 --- a/docs/spec/draft/principles.md +++ b/docs/spec/draft/principles.md @@ -126,8 +126,8 @@ to reveal their legal identity.** **Reasoning**: SLSA uses identities for multiple purposes: as a trust anchor for attestations (i.e. who or what is making this claim and do I trust it to do so) or for attributing actions -to an actor. Choice of identification technology is left to the platform that provides the -action (e.g. username, cryptographic signing key, etc.). +to an actor. Choice of identification technology is left to the organization and technical +stacks implementing the SLSA standards. When identities are strongly authenticated and used consistently they can often be leveraged for both of these purposes without requiring them to be mapped to legal identities.
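Review bot: In the two added lines of the principles.md hunk, "left to the organization and technical stacks implementing the SLSA standards" no longer says which party picks the identification technology. The removed text named "the platform that provides the action", which tied the choice to the same actor the paragraph relies on for attribution and as a trust anchor for attestations. If the intent is only to drop the "(e.g. username, cryptographic signing key, etc.)" examples, consider keeping a concrete subject, or at least say that the choice is made by whoever issues and verifies the identities. Two wording points in the same lines: "the organization and technical stacks" mixes singular and plural, and "the SLSA standards" is plural while the context line above uses "SLSA" as a single thing ("SLSA uses identities for multiple purposes"). Something like "left to the organizations and technical stacks implementing SLSA" would read consistently. The following context sentence ("When identities are strongly authenticated and used consistently ...") now has no example of an identity to anchor it, so check that the paragraph still reads clearly without one.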