From 6259f964f4e84fd7349d6d9115ac4b40743fea7e Mon Sep 17 00:00:00 2001
From: mfwmyfacewhen <94880365+mfwmyfacewhen@users.noreply.github.com>
Date: Wed, 9 Aug 2023 04:29:21 -0500
Subject: [PATCH] move app revocation checks

---
 docs/os/macos-overview.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/os/macos-overview.md b/docs/os/macos-overview.md
index 8454c522..c340a62e 100644
--- a/docs/os/macos-overview.md
+++ b/docs/os/macos-overview.md
@@ -129,12 +129,6 @@ macOS employs defense in depth by relying on multiple layers of software and har
 
     macOS allows you to install beta updates. These are unstable and may come with extra telemetry since they're for testing purposes. Because of this, we recommend you avoid beta software in general.
 
-### App Revocation Checks
-
-macOS performs online OCSP checks using HTTPS encryption when you open an app to verify whether an app contains known malware, and whether the developer’s signing certificate is revoked.
-
-We recommend against blocking these checks.
-
 #### Signed System Volume
 
 macOS's system components are protected in a read-only signed system volume, meaning that neither you nor malware can alter important system files.
@@ -149,6 +143,12 @@ System Integrity Protection makes critical file locations read-only to protect a
 
 #### Application Security
 
+### App Revocation Checks
+
+macOS performs online OCSP checks using HTTPS encryption when you open an app to verify whether an app contains known malware, and whether the developer’s signing certificate is revoked.
+
+We recommend against blocking these checks.
+
 ##### App Sandbox
 
 macOS apps downloaded from the App Store are required to use the [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox). You should avoid non-App Store software as much as possible.