From 1b1e918a0190e23acdec0bd94949b91dd68e5d3a Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Thu, 16 Nov 2023 15:16:05 +0100 Subject: [PATCH] add detail to ch7 pitfalls section of cleartext signatures --- book/source/07-signing_data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/07-signing_data.md b/book/source/07-signing_data.md index 4d373d5..5163be4 100644 --- a/book/source/07-signing_data.md +++ b/book/source/07-signing_data.md @@ -137,7 +137,7 @@ _ **Escaping dashes**: The framework implements a method of [dash-escaped text]( #### Pitfalls -While widely used, cleartext signatures are sometimes viewed as a "legacy method"[^csf-gnupg]. The RFC outlines [pitfalls of cleartext signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-issues-with-the-cleartext-s) and advises that inline and detached signature forms are often preferable. +Despite their widespread adoption, cleartext signatures have their limitations and are sometimes viewed as a "legacy method"[^csf-gnupg]. The RFC details the [pitfalls of cleartext signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-issues-with-the-cleartext-s), such as incompatibility with semantically meaningful whitespace, challenges with large messages, and security vulnerabilities related to misleading Hash header manipulations. Given these issues, safer alternatives like inline and detached signature forms are advised. [^csf-gnupg]: https://lists.gnupg.org/pipermail/gnupg-devel/2023-November/035428.html
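Review bot: In the added paragraph, the closing sentence "safer alternatives like inline and detached signature forms are advised" states the recommendation more strongly than the removed wording, which said these forms are "often preferable". Since the sentence is attributed to the RFC, either keep "often preferable" or confirm that the linked section supports "safer". In the same paragraph, "security vulnerabilities related to misleading Hash header manipulations" does not tell the reader what is misled or by whom. A short clause naming the effect on a verifier would make the pitfall actionable. The link still targets draft-ietf-openpgp-crypto-refresh-12 while the text calls it "The RFC", so consider pointing at the published document or saying "the draft".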