diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md
index 83ddc56..297cc0b 100644
--- a/book/source/04-certificates.md
+++ b/book/source/04-certificates.md
@@ -155,7 +155,28 @@ Alice can link a User ID to her OpenPGP certificate with a cryptographic signatu
 
 ### Hard vs. soft revocations
 
-## Zooming in: Looking at the package structure and internals
+
+## Advanced topics
+
+### Certificate Management / Evolution of a certificate over time
+
+Minimized versions, merging, effective "append only" semantics, ...
+
+### Merging
+
+- How to merge two copies of the same certificate?
+- Canonicalization
+
+### How to generate "minimized" certificate?
+
+### Best Practices regarding Key Freshness
+
+- Expiry
+- Subkey rotation
+
+### Metadata Leak of Social Graph
+
+## Zooming in: Package structure
 
 To use OpenPGP, we need "(OpenPGP) keys."
 
@@ -397,15 +418,15 @@ Signature Packet, new CTB, 2 header bytes + 131 bytes
 Note that the two OpenPGP artifacts (public certificate and private key) are almost identical.
 
 The public certificate uses the packet type "Public-Key Packet" instead of "Secret-Key Packet". The two packet types are very similar. The "Public-Key Packet" leaves out two types of data
- 
+
 * the private key material (visualized in red), and
 * s2k configuration data, if any (this example doesn't have any).
   s2k is used when the secret key material is password-protected.
 
 ![Image](diag/pubcert-minimal.png "A minimal OpenPGP public certificate, visualized")
- 
+
 In the following examples, we will look at OpenPGP private keys only. The corresponding public certificates are easy to imagine (just leave out the private key material).
- 
+
 
 ### User IDs
 
@@ -616,24 +637,3 @@ From here on, we'll look at the dumps in shorter format (you can see more detail
 ### Certifications (Third Party Signatures)
 
 ### Revocations
-
-
-## Advanced topics
-
-### Certificate Management / Evolution of a certificate over time
-
-Minimized versions, merging, effective "append only" semantics, ...
-
-### Merging
-
-- How to merge two copies of the same certificate?
-- Canonicalization
-
-### How to generate "minimized" certificate?
-
-### Best Practices regarding Key Freshness
-
-- Expiry
-- Subkey rotation
-
-### Metadata Leak of Social Graph