From 02988f5e8a264306b41043f550dffc4dc2b910d3 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Mon, 20 Nov 2023 15:24:42 +0100 Subject: [PATCH] ch10: edits --- book/source/10-encryption.md | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/book/source/10-encryption.md b/book/source/10-encryption.md index 796ab87..52c98df 100644 --- a/book/source/10-encryption.md +++ b/book/source/10-encryption.md 
@@ -8,22 +8,16 @@ SPDX-License-Identifier: CC-BY-SA-4.0 [Encryption](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#section-2.1) is one of the core facilities of OpenPGP. It provides confidentiality. -For an in-depth, packet-level view of encrypted data in OpenPGP, see our chapter {ref}`zoom_enc`. +For an in-depth, packet-level view of encrypted data in OpenPGP, see {ref}`zoom_enc`. ## High-Level overview of the message encryption process Encryption in OpenPGP is performed in two distinct steps: -1. The plaintext is encrypted with a (secret) symmetric key, the [*message key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients. All recipients get access to the same shared symmetric key for this message. -2. For each recipient of the message, a packet with information about the message key is generated. - - Usually, the information that allows retrieval of the message key is encrypted to a public encryption component key of the recipient. - - Alternatively - or additionally - the secret symmetric key may also be encrypted using a passphrase. This is a specialized and less commonly used mode of operation that doesn't require OpenPGP certificates. - -```{admonition} TODO -:class: warning - -This text could center either the message, or the session key. Both are awkward, in different ways. -``` +1. The plaintext is encrypted based on a (secret) symmetric key, the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients. All recipients get access to the same shared session key to decrypt the message. +2. For each recipient of the message, a packet that contains the session key is generated. 
+ - Usually, the session key is encrypted to a public encryption component key of the recipient. + - Alternatively - or additionally - the session key may also be encrypted using a passphrase. This is a specialized and less commonly used mode of operation that doesn't require OpenPGP certificates. ## Generations of encryption mechanisms in OpenPGP
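Review bot: Step 2 of the rewritten list, "a packet that contains the session key is generated", reads as if the packet carried the session key in the clear, while the two sub-bullets right after it say the session key is encrypted to a recipient's public encryption component key or with a passphrase; suggest "a packet that contains an encrypted copy of the session key is generated" so the list and its sub-bullets agree. Two smaller points in the same hunk: "The plaintext is encrypted based on a (secret) symmetric key" is less direct than the original "encrypted with", and the wording change is not needed for the message-key to session-key rename, so "encrypted with" could be kept; and the new session-key link targets crypto-refresh-12 while the unchanged "Encryption" link at the top of the hunk still targets crypto-refresh-10, so the chapter should settle on one draft revision.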