From f08080355567f556fa2e883e52ef47a34ea83565 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Sun, 1 Oct 2023 15:08:56 +0200
Subject: [PATCH] ch4: add alt text to figure

---
 book/source/04-certificates.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md
index d2c3dcf..e59fc7f 100644
--- a/book/source/04-certificates.md
+++ b/book/source/04-certificates.md
@@ -86,8 +86,11 @@ In addition to the primary key, modern OpenPGP certificates can contain "subkeys
 Subkeys have the same structure as the primary key, but play a subtly different role in the certificate. Subkeys are cryptographically linked with the primary key (more on this below).
 
 ```{figure} diag/with_subkeys.png
----
----
+:name: Certificate with Subkeys
+:alt: Three component keys. The primary key is shown at the top. It can be used for certification. Below it, linked with arrows, are two more component keys, used as subkeys. They are marked as "for encryption" and "for signing", respectively.
+:width: 80%
+:align: center
+
 OpenPGP certificates can contain any number of subkeys
 ```