MicrosoftDocs
diff --git a/‎articles/trusted-signing/faq.yml
Lines changed: 14 additions & 13 deletions b/‎articles/trusted-signing/faq.yml
Lines changed: 14 additions & 13 deletions
diff --git a/‎articles/trusted-signing/media/trusted-signing-indie-validation-email-mismatch.png
42.1 KB b/‎articles/trusted-signing/media/trusted-signing-indie-validation-email-mismatch.png
42.1 KB
@@ -40,41 +40,42 @@ sections:
           - Currently, an organization that has a year-founded date of less than three years can't be onboarded, and identity validation fails. 
           - If your organization has a year-founded date of more than three years, ensure that you didn't miss an email verification link that was sent to the primary email address you entered when you created your identity validation request. The link expires after seven days. If you overlooked the email or if you didn't select the link in the email within seven days, create a new identity validation request.   
           - If identity validation fails, but not because of a missed email verification, the Microsoft validation team wasn't able to make a determination about your request based on the information that you provided. Even if you provide more documentation when we request it, if we can't validate the information, we can't onboard you to Trusted Signing. In this scenario, we recommend that you delete your Trusted Signing account so that you aren't billed for unused resources.
-      - question: For Individual identity validation, 	what if I don’t have an address on a bank statement or utility bill?
-        answer: | 
-          	Be sure to use a government issued ID with address on it, in order to successfully go through the process.
       - question: For Individual identity validation, I see an error - "You do not have permission to access this page".
         answer: | 
-          	Verify you are using the same email address to access the Identity Validation link, that you entered in the Identity Validation request.
+          - If you see the error, it is because the email address entered during the individual identity validation is different from the one being used to sign in to access the link. Make sure both the email addresses match.  
+          :::image type="content" source="media/trusted-signing-indie-validation-email-mismatch.png" alt-text="Screenshot of email mismatch when access link to verify individual developer." lightbox="media/trusted-signing-indie-validation-email-mismatch.png":::
+      - question: For Individual identity validation, what if I don’t have an address on a bank statement or utility bill?
+        answer: | 
+          - Be sure to use a government issued ID with address on it, in order to successfully go through the process.
       - question: What if I already have a VID?
         answer: | 
-          	Follow the steps to present your existing VID for Trusted Signing. For this process, VIDs must include your address in addition to your name. Ensure that your VIDs have your address on them before using them for Trusted Signing.
+          - Follow the steps to present your existing VID for Trusted Signing. For this process, VIDs must include your address in addition to your name. Ensure that your VIDs have your address on them before using them for Trusted Signing.
       - question: What if I need assistance with identity validation?
         answer: | 
-          For questions about identity validation in Trusted Signing, contact us by using [Microsoft Q&A](https://learn.microsoft.com/answers/tags/509/trusted-signing) (use the tag **Azure Trusted Signing**) or [Stack Overflow](https://stackoverflow.com/questions/tagged/trusted-signing) (use the tag **trusted-signing**). Azure support doesn't resolve identity validation issues for Trusted Signing.
+          - For questions about identity validation in Trusted Signing, contact us by using [Microsoft Q&A](https://learn.microsoft.com/answers/tags/509/trusted-signing) (use the tag **Azure Trusted Signing**) or [Stack Overflow](https://stackoverflow.com/questions/tagged/trusted-signing) (use the tag **trusted-signing**). Azure support doesn't resolve identity validation issues for Trusted Signing.
       - question: What is the cost of using Trusted Signing?
         answer: | 
-          For pricing information, see [Trusted Signing pricing](https://azure.microsoft.com/pricing/details/trusted-signing/).
+          - For pricing information, see [Trusted Signing pricing](https://azure.microsoft.com/pricing/details/trusted-signing/).
       - question: What are my support options when I set up Trusted Signing?
         answer: | 
-          You can create a support ticket in the Azure portal to get Azure support. Also, you can post a question or search for related questions on [Microsoft Q&A](https://learn.microsoft.com/answers/tags/509/trusted-signing) (use the tag **Azure Trusted Signing**) or [Stack Overflow](https://stackoverflow.com/questions/tagged/trusted-signing) (use the tag **trusted-signing**).  
+          - You can create a support ticket in the Azure portal to get Azure support. Also, you can post a question or search for related questions on [Microsoft Q&A](https://learn.microsoft.com/answers/tags/509/trusted-signing) (use the tag **Azure Trusted Signing**) or [Stack Overflow](https://stackoverflow.com/questions/tagged/trusted-signing) (use the tag **trusted-signing**).  
   - name: Certificate profiles and identity validation
     questions:
       - question: What if my Trusted Signing subject name is different from the name in my certificate and my MSIX package name is different now? 
         answer: |
-          For Windows app MSIX packages, follow the guidance in [MSIX persistent identity](/windows/msix/package/persistent-identity).
+          - For Windows app MSIX packages, follow the guidance in [MSIX persistent identity](/windows/msix/package/persistent-identity).
       - question: Does deleting a certificate profile revoke the certificates? 
         answer: |
-          No. If you delete a certificate profile, any certificates that were previously issued or used under that profile remain valid. The certificates aren't revoked.
+          - No. If you delete a certificate profile, any certificates that were previously issued or used under that profile remain valid. The certificates aren't revoked.
       - question: Can I use a custom CN or a custom O with Trusted Signing? 
         answer: |
-          No, you can't use a custom Common Name (CN) or a custom Organization (O) with Trusted Signing. Currently, the Trusted Signing service doesn't support customization. Also, keep in mind that per the Certification Authority Browser Forum (CA/Browser Forum) in the Code Signing Baseline Requirements (CSBRs) for publicly trusted code signing certificates, CN values must always be the legal entity's validated name (for example, `Microsoft Corporation`).
+          - No, you can't use a custom Common Name (CN) or a custom Organization (O) with Trusted Signing. Currently, the Trusted Signing service doesn't support customization. Also, keep in mind that per the Certification Authority Browser Forum (CA/Browser Forum) in the Code Signing Baseline Requirements (CSBRs) for publicly trusted code signing certificates, CN values must always be the legal entity's validated name (for example, `Microsoft Corporation`).
       - question: What if the "New identity validation" button in the Azure portal is inactive?
         answer: |
-          If the **New identity validation** button in the Azure portal is inactive and you can't select it, you don't have the Trusted Signing Identity Verifier role assigned to your account. To assign yourself the role, complete the steps in [Assign roles in Trusted Signing](https://learn.microsoft.com/azure/trusted-signing/tutorial-assign-roles). 
+          - If the **New identity validation** button in the Azure portal is inactive and you can't select it, you don't have the Trusted Signing Identity Verifier role assigned to your account. To assign yourself the role, complete the steps in [Assign roles in Trusted Signing](https://learn.microsoft.com/azure/trusted-signing/tutorial-assign-roles). 
       - question: What if my identity validation expires?
         answer: |
-          If you don't renew identity validation before the expiration date, certificate renewal stops. All signing processes that are associated with those specific certificate profiles stops. To continue signing by using the Trusted Signing service, create another identity validation and associate it with the relevant certificate profiles. We send multiple reminders starting at 60 days before an identity validation's expiration date to help you begin the process of renewing your identity validation. 
+          - If you don't renew identity validation before the expiration date, certificate renewal stops. All signing processes that are associated with those specific certificate profiles stops. To continue signing by using the Trusted Signing service, create another identity validation and associate it with the relevant certificate profiles. We send multiple reminders starting at 60 days before an identity validation's expiration date to help you begin the process of renewing your identity validation. 
        
   - name: Signing
     questions: