ch4: Introduce "component" term

Heiko Schaefer 2023-10-03 15:30:25 +02:00
parent 7c94b45ea8
commit 42e37a6260
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D


@ -28,13 +28,15 @@ An OpenPGP certificate (or "OpenPGP key") is a collection of an arbitrary number
- identity information, and
- other metadata.
All elements of an OpenPGP certificate are structured around one central element: the *OpenPGP primary key*. The primary key acts as a personal CA for the key's owner: It can make cryptographic statements about subkeys, identities, expiration times, revocation, ...
We sometimes collectively refer to component keys and identity information as the "components" of a certificate.
```{figure} diag/OpenPGP\ Certificate.svg
An OpenPGP certificate
Typical components in an OpenPGP certificate
```
All elements of an OpenPGP certificate are structured around one central element: the *OpenPGP primary key*. The primary key acts as a personal CA for the certificate's owner: It can make cryptographic statements about subkeys, identities, expiration, revocation, ...
```{note}
OpenPGP certificates are typically long-lived and may be changed (typically by their owner), over time. Components can be added and invalidated, over the lifetime of a certificate
```
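Review bot: The sentence that defines the term ("We sometimes collectively refer to component keys and identity information as the "components" of a certificate.") leaves open whether the "other metadata" item in the list just above it counts as a component, and "sometimes" weakens a term that the note at the end of this hunk already uses without qualification ("Components can be added and invalidated"). Suggest dropping "sometimes" and saying explicitly whether metadata is covered by the term. While touching this passage, the note text has stray commas before "over time" and "over the lifetime" and is missing its final period.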
@ -151,6 +153,8 @@ User attributes are similar to User IDs, but less commonly used.
### Linking the components of an OpenPGP certificate together ("bindings")
So far we've looked at the components in an OpenPGP certificate, but certificates actually contain another set of elements, which bind the components together, and add metadata to them.
Internally, an OpenPGP certificate consists of a sequence of OpenPGP packets. These packets are just stringed together, one after the other. When a certificate is stored in a file[^tpk], it's easy to remove some of these packets, or add new ones.
[^tpk]: When an OpenPGP certificate is stored as a file, it's in a format that is called [transferable public key](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-transferable-public-keys) in the RFC
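Review bot: In the sentence "So far we've looked at the components in an OpenPGP certificate, ...", the phrase "another set of elements" is left unnamed even though the heading directly above already calls them "bindings". Naming them in this sentence would make clear that they are distinct from what the commit calls "components" and would connect the paragraph to its heading. Two small style points in the surrounding text: "stringed together" should read "strung together", and the footnote sentence has no final period.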