From 326f1541cb7d730f53289073588ba97ee4debf20 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Tue, 28 Nov 2023 22:11:30 +0100
Subject: [PATCH] missing 'key'

---
 book/source/08-signing_components.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/book/source/08-signing_components.md b/book/source/08-signing_components.md
index 9b2e5d6..c1fe686 100644
--- a/book/source/08-signing_components.md
+++ b/book/source/08-signing_components.md
@@ -49,7 +49,7 @@ Third-party signatures are used to make specific statements:
 - revoking, and thus invalidating, prior third-party signature statements
 
 ```{note}
-The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary can hold this key flag.
+The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary key can hold this key flag.
 ```
 
 [^primary-certification]: Implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.