diff --git a/pep-keysync/draft-hoeneisen-pep-keysync.mkd b/pep-keysync/draft-hoeneisen-pep-keysync.mkd
index 7124556f..9503f9ce 100644
--- a/pep-keysync/draft-hoeneisen-pep-keysync.mkd
+++ b/pep-keysync/draft-hoeneisen-pep-keysync.mkd
@@ -92,18 +92,19 @@ potential leaks or theft.
 
 The basic approach is to synchronize private keys among devices of the same 
 user in a secure manner by using Trustwords (cf. {{I-D.birk-pep-trustwords}}) 
-confirmation between any two devices (at a time) for pairing them -- before 
-starting the security-sensitive transfer of the private key material.
+confirmation between any two devices (at a time) for pairing them -- that is, 
+a user needs to manually compare and confirm Trustwords as a pre-condition 
+before starting the automatic and security-sensitive transfer of the private 
+key material.
 
 ## Main Challenge
 
 Perform the synchronization in a secure manner, so that private keys are
-not leaked or exposed to theft.
+not leaked or exposed to theft -- end-device security being out-of-scope.
 
 
 {::include ../shared/text-blocks/key-words-rfc2119.mkd}
 
-
 {::include ../shared/text-blocks/terms-intro.mkd}
 
 {::include ../shared/text-blocks/handshake.mkd}