diff --git a/content/client-server-api/modules/end_to_end_encryption.md b/content/client-server-api/modules/end_to_end_encryption.md
index df9f4785..64b97bb9 100644
--- a/content/client-server-api/modules/end_to_end_encryption.md
+++ b/content/client-server-api/modules/end_to_end_encryption.md
@@ -471,8 +471,10 @@ In general, verification operates as follows:
   that the verification was successful.
 
 Verifications can be cancelled by either device at any time by sending an
-[`m.key.verification.cancel`](#mkeyverificationcancel) event with a `code` field that indicates the reason
-it was cancelled.
+[`m.key.verification.cancel`](#mkeyverificationcancel) event with a `code` field
+that indicates the reason it was cancelled. The
+[Error handling during key verification](#error-handling-during-key-verification)
+section explains specific situations where cancellation messages should be sent.
 
 When using to-device messages, Alice may not know which of Bob's devices to
 verify, or may not want to choose a specific device. In this case, Alice will