Elaborate how the signature is calculated

Heiko Schaefer 2023-11-03 18:00:46 +01:00
parent 384f26c1bc
commit 4754753cfc
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D

@ -53,7 +53,7 @@ In this chapter, we discuss the general principles of OpenPGP signatures, which
For more detail about specific types of signatures, see the chapters {ref}`signing_data` and {ref}`component_signatures_chapter`, respectively.
## Structure of an OpenPGP signature
## Structure of an OpenPGP signature packet
As outlined above, an OpenPGP signature is a composite data structure, which combines:
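Review bot: The renamed heading "Structure of an OpenPGP signature packet" is not matched by the sentence directly below it, which still reads "an OpenPGP signature is a composite data structure". If the rename is meant to separate the packet from the raw cryptographic signature it contains, that opening sentence should say "signature packet" as well. The new heading is also word-for-word identical to the figure caption visible at the top of the next hunk, so one of the two could be varied. No explicit label is visible above this heading, so any cross-reference that relies on the old heading text should be checked.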
@ -67,7 +67,18 @@ As outlined above, an OpenPGP signature is a composite data structure, which com
Structure of an OpenPGP signature packet
```
The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later.
### Generation and validation of cryptographic signatures in OpenPGP
The central element of an OpenPGP signature packet is the raw cryptographic signature it contains. This cryptographic signature is calculated by the issuer of that signature packet.
In abstract terms, the cryptographic signature certifies a set of input data ("signature over"): The signer is making a statement about that set of input data. That statement is encoded as the signature packet.
If we look more closely, the cryptographic signature is actually calculated in two steps:
1. A hash digest is calculated from the set of input data.
2. The signature is calculated for this hash digest.
The exact input data depends on the signature type. However, the input data always comprises the information that the signature makes a statement about. It includes the metadata in the OpenPGP signature packet itself.
(signature_subpackets)=
## Signature subpackets
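Review bot: The new heading "Generation and validation of cryptographic signatures in OpenPGP" promises validation, but the added paragraphs only cover generation: the signature "is calculated by the issuer", followed by the two calculation steps. Either add the verifier's side (recompute the hash digest from the same input data, then check the cryptographic signature against that digest) or shorten the heading. The closing sentences also need tightening: "It includes the metadata in the OpenPGP signature packet itself" has an ambiguous "It", and because the first paragraph says the packet contains the raw cryptographic signature, "the metadata in the signature packet" cannot mean the whole packet. Suggest "The input data also includes ..." and naming which parts of the packet are hashed. The removed "More on this later" pointer has no replacement, so a {ref} to the section that details the hashed data per signature type would help.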