diff --git a/draft-ietf-lamps-pq-composite-kem.md b/draft-ietf-lamps-pq-composite-kem.md index c98e14f..875130e 100644 --- a/draft-ietf-lamps-pq-composite-kem.md +++ b/draft-ietf-lamps-pq-composite-kem.md @@ -818,11 +818,17 @@ In the interests of simplicity and avoiding compatibility issues, implementation ## Key Usage Bits -For protocols such as X.509 [RFC5280] that specify key usage along with the public key, then the composite public key associated with a Composite ML-KEM algorithm MUST contain only a `keyEncipherment` key usage, all other key usages MUST NOT be used. -This is because the composite public key can only be used in situations -that are appropriate for both component algorithms, so even if the -classical component key supports both signing and encryption, -the post-quantum algorithms do not. +When any of the Composite ML-KEM `AlgorithmIdentifier` appears in the `SubjectPublicKeyInfo` field of an X.509 certificate [RFC5280], the key usage certificate extension MUST only contain + +~~~ +keyEncipherment +~~~ + +Composite ML-KEM keys MUST NOT be used in a "dual usage" mode because even if the +traditional component key supports both signing and encryption, +the post-quantum algorithms do not and therefore the overall composite algorithm does not. + + # Composite ML-KEM Structures
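Review bot: In the added Key Usage Bits sentence, "MUST only contain" followed by the `keyEncipherment` block does not say whether the key usage extension is itself required or is only constrained when present, and the removed explicit prohibition ("all other key usages MUST NOT be used") is now only implied. Suggest stating which is intended, for example "the key usage certificate extension, if present, MUST contain only `keyEncipherment`", or an explicit MUST for presence if that is the intent. The same sentence reads "any of the Composite ML-KEM `AlgorithmIdentifier` appears", which should be "any Composite ML-KEM `AlgorithmIdentifier` appears" or use the plural. The replacement also narrows the scope from "protocols such as X.509" to X.509 certificates only; if other protocols that carry key usage alongside the public key are still meant to be covered, the text should say so. "dual usage" is introduced in quotes without a definition or reference, so a short definition in that sentence would help. The hunk also adds two blank lines before "# Composite ML-KEM Structures" where one is enough.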