Update teps/0109-better-structured-provenance-retrieval-in-tekton-cha…
…ins.md

Co-authored-by: Billy Lynch <wlynch92@gmail.com>
ywluogg and wlynch committed Aug 8, 2022
1 parent f6713f4 commit 4b3f310
Showing 1 changed file with 1 addition and 1 deletion.
Expand Up @@ -472,7 +472,7 @@ We can also separately collect inputs provenance from params, and outputs proven

### Using Run Status to generate Provenance Metadata

Results is not an ideal place to have the provenance metadata populated for the artifacts, since Results are provided by Pipeline authors. When people are looking for provenance, the metadata being provided should ideally be trustful and unchangable after generation. How can we garantee the provenance metadata can be trusted? Assuming the Tekton Pipeline being installed and where the Runs are operated are trustful, one missing piece to comply to SLSA level L3 is that the Run yaml being submitted is a trustful config, which can be fulfilled by [TEP 091: Trusted Resource](https://github.com/tektoncd/community/pull/739). The other missing piece is that we want to make sure the generated provenance data shouldn't be changable by any untrusted threads. TaskRun and PipelineRun `status` field satisfies these needs, as only Pipeline controller is able to generate info within this field. To extend the previous trustful setup, we can allow Trusted Tasks to modify the field as well: when Trusted Tasks are being used, Pipeline Controller can verify the Trusted Tasks being used in a Run, and let Trusted Tasks to generate provenance metadata a new field under `status` fields.
Results is not an ideal place to have the provenance metadata populated for the artifacts, since Results are provided by Pipeline authors. When people are looking for provenance, the metadata being provided should ideally be trustful and unchangeable after generation. How can we guarantee the provenance metadata can be trusted? Assuming the Tekton Pipeline being installed and where the Runs are operated are trustful, one missing piece to comply to SLSA level L3 is that the Run yaml being submitted is a trustful config, which can be fulfilled by [TEP 091: Trusted Resource](https://github.com/tektoncd/community/pull/739). The other missing piece is that we want to make sure the generated provenance data shouldn't be changeable by any untrusted threads. TaskRun and PipelineRun `status` field satisfies these needs, as only Pipeline controller is able to generate info within this field. To extend the previous trustful setup, we can allow Trusted Tasks to modify the field as well: when Trusted Tasks are being used, Pipeline Controller can verify the Trusted Tasks being used in a Run, and let Trusted Tasks to generate provenance metadata a new field under `status` fields.

This approach would require changes in Pipeline and also completion of [Trusted Resources](https://github.com/tektoncd/community/pull/739), so the detailed design can be scoped out in a future TEPs. However, the schemas for the provenance metadata should follow those defined in this TEP.
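
Review bot: The last sentence of the added paragraph still reads "let Trusted Tasks to generate provenance metadata a new field under `status` fields", which is missing a preposition; something like "let Trusted Tasks generate provenance metadata in a new field under `status`" would read correctly. While this line is being touched for spelling, "untrusted threads" probably means untrusted parties or actors, "comply to SLSA level L3" should be "comply with SLSA L3", and "trustful" is used throughout where "trusted" or "trustworthy" is meant. The sentence stating that only the Pipeline controller can write to `status` would also be stronger if it named what enforces that, since the case for `status` over Results rests on it.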
