diff --git a/book/source/10-encryption.md b/book/source/10-encryption.md index e3ce2b6..21456c7 100644 --- a/book/source/10-encryption.md +++ b/book/source/10-encryption.md @@ -162,8 +162,8 @@ In this scenario, it is important that the sender encrypts the message to all av #### Prevent "downgrade" -> Policy -Each implementation should define a "minimum" level of security when it comes to algorithms. -If the lowest common denominator of symmetric encryption algorithms preferred by a set of recipients provides too little security, the implementation should either use a fallback algorithm instead, or fail to produce a message at all. +Each implementation should define a "minimum" level of security when it comes to algorithms and key lengths. +If the lowest common denominator of symmetric encryption algorithms preferred by a set of recipients provides too little security, the implementation should either use a configured fallback algorithm instead, or fail to produce a message at all. ### Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)
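Review bot: The first added line extends the minimum to "key lengths", but the sentence that follows still covers only "symmetric encryption algorithms preferred by a set of recipients". The text therefore never says what an implementation should do when a key falls below the minimum length. Suggest either adding a sentence for that case or moving "and key lengths" into its own paragraph with its own rule. On the second added line, "configured fallback algorithm" leaves open who configures it (implementation default or user) and does not require that the fallback itself meet the defined minimum. Stating both would close the gap. It would also help to say what happens when a recipient's preferences do not include the fallback, since the sentence offers "fail to produce a message at all" as the only other outcome.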