diff --git a/draft-ietf-tls-rfc8446bis.md b/draft-ietf-tls-rfc8446bis.md
index 13c3d331..2bea6768 100644
--- a/draft-ietf-tls-rfc8446bis.md
+++ b/draft-ietf-tls-rfc8446bis.md
@@ -2995,7 +2995,7 @@ stateless HelloRetryRequest by storing just the hash of ClientHello1
 in the cookie, rather than requiring it to export the entire intermediate
 hash state (see {{cookie}}).
 
-For concreteness, the transcript hash is always taken from the
+Unless specified otherwise, the transcript hash is always taken from the
 following sequence of handshake messages, starting at the first
 ClientHello and including only those messages that were sent:
 ClientHello, HelloRetryRequest, ClientHello, ServerHello,
@@ -3003,6 +3003,11 @@ EncryptedExtensions, server CertificateRequest, server Certificate,
 server CertificateVerify, server Finished, EndOfEarlyData, client
 Certificate, client CertificateVerify, and client Finished.
 
+Unless specified otherwise, the messages in the transcript hash are
+always taken as sent or received by the endpoint without any processing.
+This helps to detect any modifications to ensure the integrity of
+messages.
+
 In general, implementations can implement the transcript by keeping a
 running transcript hash value based on the negotiated hash. Note,
 however, that subsequent post-handshake authentications do not include