diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md
index 8611056..13f32b2 100644
--- a/book/source/04-certificates.md
+++ b/book/source/04-certificates.md
@@ -50,7 +50,7 @@ Typical components in an OpenPGP certificate
 Every element in an OpenPGP certificate revolves around a central component: the *OpenPGP primary key*. The primary key acts as a personal *certification authority* (CA) for the certificate's owner, enabling cryptographic statements regarding subkeys, identities, expiration, revocation, and more.
 
 ```{note}
-OpenPGP certificates tend to have a long lifespan, with the potential for modifications (typically by their owner) over time. Components may be added or invalidated throughout a certificate's lifetime.
+OpenPGP certificates tend to have a long lifespan, with the potential for modifications (typically by their owner) over time. Components may be added or invalidated throughout a certificate's lifetime. However, once published, components [cannot be removed](append-only) from certificates.
 ```
 
 ## Component keys