From 1dc1a8147407bb29b915fdae9a8e0fa679eff902 Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Thu, 30 Nov 2023 19:06:46 +0100 Subject: [PATCH] improve headers --- book/source/05-private.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/book/source/05-private.md b/book/source/05-private.md index b928177..305255b 100644 --- a/book/source/05-private.md +++ b/book/source/05-private.md @@ -56,13 +56,13 @@ Transferable secret keys are sometimes colloquially referred to as "OpenPGP priv Historically, the concept of TSKs, which combine all components of an OpenPGP certificate with the associated private key material, has sometimes been conflated with OpenPGP private key operations. However, it is more accurate to view TSKs as a specialized format for storage and transport, rather than as a data structure for use in a keystore. For further details, see {ref}`key-store-design`. (encrypted_secrets)= -## Protection of private key material in OpenPGP +## Protecting keys with passphrases In the OpenPGP format, private key material can be optionally protected with a [passphrase](https://en.wikipedia.org/wiki/Passphrase). This method proves effective in scenarios where an unauthorized party obtains the OpenPGP key data but does not know the passphrase. Such a safeguard renders the key unusable to the attacker, effectively protecting it against unauthorized access or use. -### Transforming a passphrase into a symmetric key +### Transforming passphrases into symmetric keys When protecting private key material in OpenPGP, a symmetric key is derived from the user's passphrase. This derived key is then used to protect the OpenPGP private key data. 
@@ -88,7 +88,7 @@ A third mechanism is conditionally allowed for key generation. Decryption of pri The RFC uses the terms "String-to-Key (S2K) specifier" or "String-to-Key (S2K) specifier type" for mechanisms used to *generate* a symmetric key from a passphrase. -### Using the symmetric key for encryption +### Using symmetric keys for encryption The generation of a symmetric key from a passphrase leads to its subsequent use in encrypting or decrypting OpenPGP private key material. @@ -96,7 +96,7 @@ The RFC uses the term "String-to-Key Usage (S2K usage)" for the mechanism used t Different mechanisms are specified [for encryption of OpenPGP private key material](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-secret-key-encryption). -### Passphrase-protection acts per-component key +### Component-based passphrase protection The OpenPGP mechanism for protecting private key material applies individually to each component key:
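Review bot: In the first hunk (@@ -56,13 +56,13 @@), the new heading "## Protecting keys with passphrases" is broader than the paragraph under it, which says that it is the private key material that "can be optionally protected with a passphrase". Consider "## Protecting private key material with passphrases" so the heading names the same object as the text. The `(encrypted_secrets)=` label above the heading is untouched, so `{ref}` links to that label keep resolving. The renamed "### Transforming passphrases into symmetric keys" has no explicit label in the visible lines, so if any other chapter links to its generated heading anchor, that link needs updating in the same commit, or the heading should get its own label.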
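Review bot: In the second hunk (@@ -88,7 +88,7 @@), the plural "### Using symmetric keys for encryption" reads as a statement about symmetric keys in general, while the section body is about the one key generated from the passphrase and "its subsequent use in encrypting or decrypting OpenPGP private key material". A heading that keeps that scope, for example "### Encrypting private key material with the derived key", would avoid confusion with other symmetric keys. No label precedes this heading in the visible context, so the anchor concern from the first hunk applies here as well.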
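Review bot: In the third hunk (@@ -96,7 +96,7 @@), "### Component-based passphrase protection" loses the point that the old heading made and that the following sentence states, namely that protection "applies individually to each component key". "Component-based" can be read as protection assembled from components rather than applied per key. Suggest "### Passphrase protection per component key" or "### Per-component-key passphrase protection", which keeps the noun-phrase style of the other renamed headings without dropping the meaning.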