diff --git a/draft-ietf-sidrops-rpki-has-no-identity.xml b/draft-ietf-sidrops-rpki-has-no-identity.xml
index 3c043cd..ae21159 100644
--- a/draft-ietf-sidrops-rpki-has-no-identity.xml
+++ b/draft-ietf-sidrops-rpki-has-no-identity.xml
@@ -113,7 +113,7 @@
 
     </section>
   
-  <section anchor="bottom" title="The Bottom Line">
+  <section anchor="bottom" title="The RPKI is for Authorization">
 
     <t>The RPKI was designed and specified to sign certificates for use
     within the RPKI itself and to generate Route Origin Authorizations
@@ -134,7 +134,11 @@
     
     <t>PKI operations MUST NOT be performed with RPKI certificates other
     than exactly as described, and for the purposes described, in <xref
-    target="RFC6480"/>.</t>
+    target="RFC6480"/>.  That is, RPKI-based credentials of INRs MUST
+    NOT be used to authenticate real-world documents or transactions
+    without some formal external authentication of the INR and the
+    authority for the actually anonymous INR holder to authenticate the
+    particular document or transaction.</t>
 
     <t>I.e., RPKI-based credentials of INRs MUST NOT be used to
     authenticate real-world documents or transactions without some