diff --git a/acl/types.proto b/acl/types.proto
index 2a5d7cf..c6225d8 100644
--- a/acl/types.proto
+++ b/acl/types.proto
@@ -1,5 +1,7 @@
 syntax = "proto3";
+
 package acl;
+
 option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
 option csharp_namespace = "NeoFS.API.Acl";
 
@@ -11,18 +13,14 @@ enum Target {
     Unknown = 0;
 
     // User target rule is applied if sender is the owner of the container.
-    User    = 1;
+    User = 1;
 
     // System target rule is applied if sender is the storage node within the
     // container or inner ring node.
-    System  = 2;
+    System = 2;
 
     // Others target rule is applied if sender is not user or system target.
-    Others  = 3;
-
-    // PubKey target rule is applied if sender has public key provided in
-    // extended ACL.
-    PubKey  = 4;
+    Others = 3;
 }
 
 // EACLRecord groups information about extended ACL rule.
@@ -102,6 +100,7 @@ message EACLRecord {
 message EACLTable {
     // Carries identifier of the container that should use given access control rules.
     refs.ContainerID ContainerID = 1 [json_name="ContainerID"];
+
     // Records carries list of extended ACL rule records.
     repeated EACLRecord Records = 2 [json_name="Records"];
 }
diff --git a/proto-docs/acl.md b/proto-docs/acl.md
index 475e981..d653214 100644
--- a/proto-docs/acl.md
+++ b/proto-docs/acl.md
@@ -73,7 +73,7 @@ EACLRecord carries the information about extended ACL rules.
 
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
-| ContainerID | [bytes](#bytes) |  | ContainerID of the container that should use given access control rules. |
+| ContainerID | [refs.ContainerID](#refs.ContainerID) |  | Carries identifier of the container that should use given access control rules. |
 | Records | [EACLRecord](#acl.EACLRecord) | repeated | Records carries list of extended ACL rule records. |
 
  <!-- end messages -->
@@ -148,7 +148,6 @@ Target of the access control rule in access control list.
 | User | 1 | User target rule is applied if sender is the owner of the container. |
 | System | 2 | System target rule is applied if sender is the storage node within the container or inner ring node. |
 | Others | 3 | Others target rule is applied if sender is not user or system target. |
-| PubKey | 4 | PubKey target rule is applied if sender has public key provided in extended ACL. |
 
 
  <!-- end enums -->