diff --git a/content/2017/09/adventures-in-autobahnwamp-security.html b/content/2017/09/adventures-in-autobahnwamp-security.html
index 60bebf6..f1c1a15 100644
--- a/content/2017/09/adventures-in-autobahnwamp-security.html
+++ b/content/2017/09/adventures-in-autobahnwamp-security.html
@@ -25,8 +25,8 @@ WAMP does not appear to have it's own encryption layer, but it does have
 it's own authentication layer.  You really don't want to have to trust
 two different authentication layers<label for="sn-encauth"
 class="margin-toggle sidenote-number"></label><input type="checkbox"
-id="sn-encauth" class="margin-toggle"/><span class="sidenote"
-id="sn-encauth">The encryption layer must be authenticated, otherwise
+id="sn-encauth" class="margin-toggle"/><span class="sidenote">The
+encryption layer must be authenticated, otherwise
 any attacker could MiTM the connection.  Most uses of TLS make use of
 the CA system for authentication (which has serious issues in trust),
 and most web apps add their own authentication layer on top of it (not