Update security.md

incorporated @jamesonhyde-docker's feedback.

engine/security/security.md

@@ -204,16 +204,16 @@ those explicitly required for their processes.
 The Docker Content Trust signature verification feature is built directly 
 into the `dockerd` binary.  The Docker Engine can be configured to only 
 permitted to run signed images. This is configured in the Dockerd 
-configuration file.  To incorporate this, the Docker engine have 
-trustpinning configured in the `daemon.json` file.  Trustpinning is when 
-Docker reposoitories with a known configured root key will only be accepted.
+configuration file.  To incorporate this, the Docker Engine has 
+trustpinning configured in the `daemon.json` file.  To enable this feature, 
+trustpinning can be configured in daemon.json file, whereby only repositories 
+signed with a user-specified root key will be allowed to be pulled and run.
   
-This feature provides image signature verification whenever a Docker pull 
-or run command uses an image. This provides insight to administrators that 
-was not previously available with the CLI being responsible for enforcing 
-and performing image signature verification. 
+This provides insight to administrators that was not previously available with 
+the CLI being responsible for enforcing and performing image signature verification. 
 
-For more information on configuring Docker Content Trust Signature Verificiation, go to (xxx)[xxx].
+For more information on configuring Docker Content Trust Signature Verificiation, go to 
+(Content trust in Docker)[engine/security/trust/content_trust].
 
 ## Other kernel security features