diff --git a/book/source/08-signing_components.md b/book/source/08-signing_components.md index 9b2e5d6..c1fe686 100644 --- a/book/source/08-signing_components.md +++ b/book/source/08-signing_components.md @@ -49,7 +49,7 @@ Third-party signatures are used to make specific statements: - revoking, and thus invalidating, prior third-party signature statements ```{note} -The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary can hold this key flag. +The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary key can hold this key flag. ``` [^primary-certification]: Implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.