Move mermaid diagram source out of sphinx field of view, and add a png version.

book/source/09-verification.md

@@ -73,7 +73,9 @@ This construct is referred to as a [revocation certificate](https://www.ietf.org
 
 On the other hand, in order to verify a data signature over a text document, an implementation would need to verify not only the data signature itself, but also the binding signature (and back-signature) of the signing subkey, which qualify the signing subkey.
 
-```{include} mermaid/09-sigtree.md
+```{figure} mermaid/09-sigtree.png
+
+Tree of signatures
 ```
 
 ### Attribute shadowing

book/source/mermaid/09-sigtree.md

@@ -1,23 +0,0 @@
-```{mermaid}
-flowchart TD
-    subgraph Certificate
-    pk["Primary Key"]
-    uid["#quot;Alice #lt;alice@example.org#gt;#quot;"]
-    sk["Signing Subkey"]
-
-    usig(["PositiveCertification
-    PrimaryUserID: true"])
-    dksig(["DirectKeySignature"])
-    sksig(["SubkeyBindingSignature
-    KeyFlags: Sign Data
-    EmbeddedSignature: BackSignature"])
-    pk --- usig --> uid
-    dksig --> pk --- dksig
-    pk --- sksig --> sk
-    end
-
-    ds(["Data Signature"])
-    data("Data")
-
-    sk --- ds --> data
-```