From 17f3a3d92ce1b529bd3da6738746214baa5e2179 Mon Sep 17 00:00:00 2001 From: Josh <6605460+joshwetzel@users.noreply.github.com> Date: Sat, 13 Dec 2025 20:11:11 -0500 Subject: [PATCH] Improve SAML replay docs --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 563d5c55..db7b679b 100644 --- a/README.md +++ b/README.md @@ -57,9 +57,12 @@ We created a demo project for Rails 4 that uses the latest version of this libra potential security vulnerability, due to its dependency on Nokogiri. Such warnings can be ignored; Ruby SAML uses Nokogiri in a safe way, by always disabling its DTDLOAD option and enabling its NONET option. -- **Prevent Replay attacks:** A replay attack is when an attacker intercepts a valid SAML -assertion and "replays" it at a later time to gain unauthorized access. The `ruby-saml` -library provides the tools to prevent this, but **you, the developer, must implement thecore logic**, see an specific section later in the README. +- **Prevent Replay attacks:** A replay attack occurs when an attacker intercepts + a valid SAML assertion and reuses it to gain unauthorized access. The + `ruby-saml` library provides tools to help mitigate this risk, but **it is + your responsibility to implement the necessary logic.** See + [Preventing Replay Attacks](#preventing-replay-attacks) for additional + guidance. ### Supported Ruby Versions
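Review bot: the rewritten bullet introduces an intra-document link, `[Preventing Replay Attacks](#preventing-replay-attacks)`, where the old text only said "see an specific section later in the README"; this hunk does not add a heading with that slug, so please confirm the README already contains a heading that renders to the `preventing-replay-attacks` anchor (for example `## Preventing Replay Attacks`), otherwise the link is dead and the reader is worse off than with the unlinked sentence. The wording itself is a clear improvement over the removed lines (it fixes "thecore" and "an specific"); one small loss is that the removed text said the assertion is replayed "at a later time", which is the detail that explains why a time-bounded, one-time check is needed, and it would be worth keeping that phrase in the new sentence ("intercepts a valid SAML assertion and reuses it at a later time to gain unauthorized access").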