Improve wording

project-security/security.md

@@ -32,13 +32,15 @@ important project security pages:
 ## Reporting Security Issues in Qubes OS
 
 If you believe you have found a security issue affecting Qubes OS, either
-directly or indirectly (e.g. the issue affects Xen in a configuration that is
+directly or indirectly (e.g., the issue affects Xen in a configuration that is
-used in Qubes OS), then we would be more than happy to hear from you! We
+used in Qubes OS), then we would be more than happy to hear from you! Please
-promise to treat any reported issue seriously and, if the investigation
+send a [PGP-encrypted](#security-team-pgp-key) email to the [Qubes Security
-confirms that it affects Qubes, to patch it within a reasonable time and
+Team](#qubes-security-team). We promise to take all reported issues seriously.
-release a public [Qubes Security Bulletin](/security/qsb/) that describes
+If our investigation confirms that an issue affects Qubes, we will patch it
-the issue, discusses the potential impact of the vulnerability, references
+within a reasonable time and release a public [Qubes Security Bulletin
-applicable patches or workarounds, and credits the discoverer.
+(QSB)](/security/qsb/) that describes the issue, discusses the potential impact
+of the vulnerability, references applicable patches or workarounds, and credits
+the discoverer.
 
 ## Security Updates
 
@@ -47,19 +49,20 @@ OS](/doc/how-to-update/).
 
 ## Qubes Security Team
 
-The Qubes Security Team (QST) is the subset of the [Qubes Team](/team/) that is
+The **Qubes Security Team (QST)** is the subset of the [Core Qubes
-responsible for ensuring the security of Qubes OS and the Qubes OS Project. In
+Team](/team/#core) that is responsible for ensuring the security of Qubes OS
-particular, the QST is responsible for:
+and the Qubes OS Project. In particular, the QST is responsible for:
 
 - Responding to [reported security
   issues](#reporting-security-issues-in-qubes-os)
 - Evaluating whether [XSAs](/security/xsa/) affect the security of Qubes OS
 - Writing, applying, and/or distributing security patches to fix
   vulnerabilities in Qubes OS
-- Writing, signing, and publishing [Security Bulletins](/security/qsb/)
+- Writing, signing, and publishing [Qubes Security Bulletins
-- Writing, signing, and publishing [Canaries](/security/canary/)
+  (QSBs)](/security/qsb/)
+- Writing, signing, and publishing [Qubes Canaries](/security/canary/)
 - Generating, safeguarding, and using the project's [PGP
-  Keys](https://keys.qubes-os.org/keys/)
+  keys](https://keys.qubes-os.org/keys/)
 
 As a security-oriented operating system, the QST is fundamentally important to
 Qubes, and every Qubes user implicitly trusts the members of the QST by virtue
@@ -76,8 +79,8 @@ Please use the [Security Team PGP
 Key](https://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) to encrypt
 all emails sent to this address. This key is signed by the [Qubes Master
 Signing Key](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc).
-Please see [Why and How to Verify Signatures](/security/verifying-signatures/)
+Please see [Verify Signatures](/security/verifying-signatures/) for information
-for information about how to verify these keys.
+about how to authenticate these keys.
 
 ### Members of the Security Team