diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst
index a74ec915cba329977501ef11635bc1e517f11ff4..4e98f7a8665beeffbd1bbb712ff9ac9b25226dc0 100644
--- a/source/chapter2-uefi.rst
+++ b/source/chapter2-uefi.rst
@@ -111,20 +111,13 @@ The FW image authenticity should be implemented by authenticating the different
 The FW update authorization should be implemented by verifying that the capsule or its components were assembled
 by the platform owner.
 
-Capsule authorization
-^^^^^^^^^^^^^^^^^^^^^
-
-The OS can expose the UpdateCapsule interface to any non-priveliged system user.
-The FW updates initiator or the FW update package creator should
-be an authorized user [NIST_800_193]_.
-
-The capsule or the FW images contained in the capsule should be signed by a platform owner key.
-The UEFI implementation should authenticate the capsule or
-the different fw images included in the capsule using the platform owner key.
+FW update authorization
+^^^^^^^^^^^^^^^^^^^^^^^
 
-The capsule or FW image components are signed by the platform owner in a platform specific way.
+The FW update authorization [NIST_800_193]_ can be checked by the OS, using OS specific methods, before calling
+UpdateCapsule. Alternatively, the FW update authorization can rely on the FW image authenticity check.
+If all FW images in the capsule are authentic then the user is deemed authorized to progress with the FW update procedure.
 
-The platform owner public key is kept in an platform specific NV region.
 
 FW image authentication
 ^^^^^^^^^^^^^^^^^^^^^^^