diff --git a/content/docs/latest/planning/extending.md b/content/docs/latest/planning/extending.md
index 33045f23..6297bde1 100644
--- a/content/docs/latest/planning/extending.md
+++ b/content/docs/latest/planning/extending.md
@@ -53,7 +53,7 @@ In some cases it might be desirable for SPIRE to avoid being exposed to a signin
 
 SPIRE comes with a set of built-in Key Manager plugins for the [Server](/docs/latest/deploying/spire_server/) and [Agent](/docs/latest/deploying/spire_agent/).
 
-Note that the Key Manager is *not* provided with contextual metadata about the signing operation that it is performing (e.g., X.509 Certificate Signing Request). The SPIRE server performs any necessary policy evaluation on the signing request itself, and hands hashed data to the Key Manager plugin that is used as an input for creating a signature. This means that a Key Manager plugin cannot be developed for the means of performing evaluation of the request outside of the SPIRE server (e.g., Certificate Authority (CA) service in the case of X.509). The Upstream Authority plugin is the single method of integration between SPIRE and external CA's.
+Note that the Key Manager is **not** provided with contextual metadata about the signing operation that it is performing (e.g., X.509 Certificate Signing Request). The SPIRE server performs any necessary policy evaluation on the signing request itself, and hands hashed data to the Key Manager plugin that is used as an input for creating a signature. This means that a Key Manager plugin cannot be developed for the means of performing evaluation of the request outside of the SPIRE server (e.g., Certificate Authority (CA) service in the case of X.509). The Upstream Authority plugin is the single method of integration between SPIRE and external CA's.
 
 # Notifier plugins