Merge pull request #449 from Justinha/VSTS11339947

copyedits

windows/keep-secure/enterprise-certificate-pinning.md

@@ -18,8 +18,8 @@ localizationpriority: high
 **Applies to**
 -   Windows 10
 
-Enterprise certificate pinning is a Windows feature for remembering, or “pinning” a root, issuing certificate authority, or end entity certificate to a given domain name. 
-Enterprise certificate pinning enables you to protect your internal domain names from chaining to unwanted certificates or to fraudulently issued certificates to help reduce man-in-the-middle attacks.
+Enterprise certificate pinning is a Windows feature for remembering, or “pinning,” a root issuing certificate authority or end entity certificate to a given domain name. 
+Enterprise certificate pinning helps reduce man-in-the-middle attacks by enabling you to protect your internal domain names from chaining to unwanted certificates or to fraudulently issued certificates.
 
 >[!NOTE] 
 > External domain names, where the certificate issued to these domains is issued by a public certificate authority, are not ideal for enterprise certificate pinning. Web administrators should configure their web servers to use HTTP public key pinning (HPKP) and encourage users to use web browsers that support HPKP.
@@ -196,7 +196,7 @@ The **Site** element can have the following attributes:
     
     **Required?** No. 
     
- ### Create a Pin Rules Certificate Trust List
+### Create a Pin Rules Certificate Trust List
 
 The command line utility, **Certutil.exe**, includes the **generatePinRulesCTL** argument to parse the XML file and generate the encoded certificate trust list (CTL) that you add to your reference Windows 10 version 1703 computer and subsequently deploy. 
 The usage syntax is: