Remove the note about using message formats. The attack and mitigation are
sufficiently complex as to not warrant explanation within the specification
itself.
--- a/spec/Overview-WebCryptoAPI.xml Sun Jan 27 21:01:08 2013 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Mon Apr 22 16:30:54 2013 -0700
@@ -459,13 +459,6 @@
material to web applications, any user with access to device storage may be able to recover
the key.
</p>
- <p>
- In some situations, allowing low-level access to key handles, such as to permit the
- signing or encryption of arbitrary text, may allow an attacker to construct an oracle
- that can be used to recover key material. Application developers are thus encouraged to
- be careful about permitting the signing of arbitrary messages, and should consider the
- use of existing cryptographic messaging protocols as appropriate.
- </p>
</div>
</div>
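Review bot: the deleted paragraph (old lines 462-468) carries more than the note about message formats that the commit message names; it is also the only visible caution that permitting signing or encryption of arbitrary text through a key handle "may allow an attacker to construct an oracle that can be used to recover key material". After this hunk, the text before the closing div ends on the device-storage recovery risk and says nothing about oracle construction. If the attack and mitigation are too complex to explain in the specification, consider keeping a single sentence that states the risk without the mitigation advice, or replacing the paragraph with an informative reference, so that application developers still learn the risk exists. The commit message should also say that the oracle warning itself is being removed, not only the recommendation to use existing messaging protocols.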