diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md
index 4dd44bf..abaf17a 100644
--- a/book/source/04-certificates.md
+++ b/book/source/04-certificates.md
@@ -31,13 +31,17 @@ An OpenPGP component key (either the "primary key", or a "subkey") consists main
 
 ![Image](diag/cryptographic_keys.png "A cryptographic keypair")
 
-A cryptographic keypair consists of a private and a public part. In this document, we'll show the public part of a cryptographic key in green, and the private part in red.
+A cryptographic keypair, in turn, consists of a private and a public part. In this document, we'll show the public part of a cryptographic key in green, and the private part in red.
 
-We'll visualize cryptographic keypairs in a more compact form:
+We'll usually visualize cryptographic keypairs in a more compact form:
 
 ![Image](diag/keypair.png "A cryptographic keypair")
 
-(In some contexts, instead of the full cryptographic keypair, only the public part is present. More on that later.)
+Note that in many contexts, only the public part is present:
+
+![Image](diag/keypair_pub.png "Only the public part of a cryptographic keypair")
+
+More on that later.
 
 An OpenPGP component key consists of