CA public keys may also be provided to relying parties via TLS handshakes

[aarongable]

In Section 6.1.4 we say "Public Keys are provided to Relying Parties as part of browser, operating system, or other software trusted root certificate lists". This is true for our roots, but not our intermediates. It might be good to clarify that our intermediate public keys can be provided via other mechanisms, such as TLS handshakes.