Spelling and clarifcations

98.md

@@ -6,9 +6,9 @@ HTTP Auth
 
 `draft` `optional` `author:kieran` `author:melvincarvalho`
 
-This NIP defines an ephemerial event used to authorize requests to HTTP servers using nostr events.
+This NIP defines an ephemeral event used to authorize requests to HTTP servers using nostr events.
 
-This is useful for HTTP services which are build for Nostr and deal with Nostr user accounts.
+This is useful for HTTP services which are built for Nostr and deal with Nostr user accounts.
 
 ## Nostr event
 
@@ -16,7 +16,7 @@ A `kind 27235` (In reference to [RFC 7235](https://www.rfc-editor.org/rfc/rfc723
 
 The `content` SHOULD be empty.
 
-The following tags are defined as REQUIRED.
+The following tags MUST be included.
 
 * `u` - absolute URL
 * `method` - HTTP Request Method
@@ -45,7 +45,7 @@ Example event:
 
 Servers MUST perform the following checks in order to validate the event:
 1. The `kind` MUST be `27235`.
-2. The `created_at` MUST be within a reasonable time window (suggestion 60 seconds).
+2. The `created_at` timestamp MUST be within a reasonable time window (suggestion 60 seconds).
 3. The `u` tag MUST be exactly the same as the absolute request URL (including query parameters).
 4. The `method` tag MUST be the same HTTP method used for the requested resource.
 
@@ -53,11 +53,11 @@ When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD i
 
 If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.
 
-All other checks which server MAY do are OPTIONAL, and implementation specific.
+Servers MAY perform additional implementation-specific validation checks.
 
 ## Request Flow
 
-Using the `Authorization` header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
+Using the `Authorization` HTTP header, the `kind 27235` event MUST be `base64` encoded and use the Authorization scheme `Nostr`
 
 Example HTTP Authorization header:
 ```