diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md index 45e5d77..30f81b9 100644 --- a/book/source/04-certificates.md +++ b/book/source/04-certificates.md @@ -183,7 +183,7 @@ In very abstract terms, the primary key of a certificate acts as a root of trust By binding components using digital signatures, recipients of an OpenPGP certificate need only validate the authenticity of the primary key to use for their communication partner. Traditionally, this is done by manually verifying the *fingerprint* of the primary key. Once the validity of the primary key is confirmed, the validity of the remaining components can be automatically assessed by the user's OpenPGP software. Generally, components are valid parts of a certificate if there is a statement signed by the certificate's primary key endorsing this validity. -## Metadata capabilities, preferences, and storage +## Metadata in certificates OpenPGP certificates, their component keys, and identities possess metadata that is not stored within the components it pertains to. Instead, this metadata is stored within signature packets, which are integral to the structure of an OpenPGP certificate.