adjust structure

book/source/08-signing_components.md

@@ -15,7 +15,9 @@ This chapter adds detail to material we discussed in the {ref}`certificates_chap
 
 Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality.
 
-## Self-signatures: Forming certificates and life-cycle management
+## Who signs?
+
+### Self-signatures: Forming certificates and life-cycle management
 
 *Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate.
  
@@ -25,13 +27,13 @@ Signatures on components are also a central mechanism for life-cycle management
 The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications.
 ```
 
-## Third-party certifications: Encoding authentication
+### Third-party certifications: Encoding authentication
 
 Mechanisms for decentralized authentication of identities are one of OpenPGP’s core strengths: Signatures on components by third parties can be used for the authentication of identities.
 
 Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures.
 
-## Meaning differs between self- and third-party signatures
+### Meaning differs between self- and third-party signatures
 
 The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party.