diff --git a/README.org b/README.org
index 6cc1b3e..2131293 100644
--- a/README.org
+++ b/README.org
@@ -1064,7 +1064,7 @@ The solution to the second problem is very similar once we realize
 that browsers made the perimeter-security-is-eggshell-security mistake.
 (And now we understand why dealing with CORS headers is such a
 headache!)
-Except... "solving" this problem would mean brining explicit ocap type
+Except... "solving" this problem would mean bringing explicit ocap type
 security to the web in general, meaning that extensions could not
 automatically reach in and scrape an entire page by default, for
 instance.