diff --git a/VerifyHostKeyDNS.org b/VerifyHostKeyDNS.org index caef9ec..db0e821 100644 --- a/VerifyHostKeyDNS.org +++ b/VerifyHostKeyDNS.org @@ -64,7 +64,8 @@ needs to have the /Authentic Data (AD)/ flag set. The flag gets set when a validating name-server is asked for the SSHFP record, it finds it and it can validate the answer using DNSSEC. -But then the libc stub resolver[fn:: The thingy that ssh uses to talk +But then the libc stub resolver[fn:: The thingy[fn:: Thingy is a +technical term, don't worry about it.] that ssh uses to talk to the validating name-server. On OpenBSD that is [[https://man.openbsd.org/man3/asr_run.3][asr]].] gets that answer it will strip the AD flag for security reasons. You see, it does not know that it can trust the validating name-server. One way to
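Review bot: The added `[fn:: Thingy is a technical term, don't worry about it.]` in the hunk nests one anonymous inline footnote inside another (`[fn:: The thingy[fn:: ...] that ssh uses to talk ...]`), so please confirm the Org exporter you target renders nested inline footnotes with balanced brackets before merging; the outer footnote's closing `.]` now sits after the `asr]]` link, which is easy to mis-parse. If rendering is doubtful, a plain parenthetical "(a technical term)" after "thingy" carries the same aside without relying on footnote nesting.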