wording

Signed-off-by: Meredith Lancaster <malancas@github.com>

pkg/cmd/attestation/verification/policy.go

@@ -54,24 +54,24 @@ func (c EnforcementCriteria) BuildPolicyInformation() string {
 	template :=
 		`
 The following policy criteria will be enforced against all attestations:
-- Attestation predicate type must match %s
-- Attestation's signing certificate must have an OIDC issuer matching %s
-- Attestation must be associated with an artifact built in an organization whose URI is %s`
+- Predicate type must match %s
+- Signing certificate's OIDC issuer must match %s
+- Artifact must be built in an organization whose URI is %s`
 
 	info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI)
 
 	if c.Certificate.SourceRepositoryURI != "" {
-		info += fmt.Sprintf("\n- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI)
+		info += fmt.Sprintf("\n- Artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI)
 	}
 
 	if c.Certificate.RunnerEnvironment == GitHubRunner {
-		info += "\n- Attestation must be generated by an Action workflow executed in a GitHub hosted runner"
+		info += "\n- Attestation must have been generated by an Action workflow executed in a GitHub hosted runner"
 	}
 
 	if c.SAN != "" {
-		info += fmt.Sprintf("\n- Attestation's signing certificate must have a Subject Alternative Name matching the exact value %s", c.SAN)
+		info += fmt.Sprintf("\n- Signing certificate must have a Subject Alternative Name matching the exact value %s", c.SAN)
 	} else if c.SANRegex != "" {
-		info += fmt.Sprintf("\n- Attestation's signing certificate must have a Subject Alternative Name matching the regex %s", c.SANRegex)
+		info += fmt.Sprintf("\n- Signing certificate must have a Subject Alternative Name matching the regex %s", c.SANRegex)
 	}
 
 	return info