[has-PR] Security consideration (10.3. Fetching Presentation Definitions by Reference) has a MUST

Issue #1668 resolved
Nat Sakimura created an issue

A MUST should be stated in the main text and not in the security considerations.

The current text states:

The protocol for the presentation_definition_uri MUST be https.

in subclause 10.3, which is in the Security Considerations.

Proposal:

Change the text of Clause 5 as follows.

The current text

presentation_definition_uri: CONDITIONAL. A string containing a URL pointing to a resource where a presentation_definition JSON object as defined in Section 4 of [DIF.PresentationExchange] can be retrieved . See Section 5.2 for more details.

Change this to:

presentation_definition_uri: CONDITIONAL. A string containing a HTTPS URL pointing to a resource where a presentation_definition JSON object as defined in Section 4 of [DIF.PresentationExchange] can be retrieved . See Section 5.2 for more details.

Additionally, move the text containing MUST to clause 5.2

Comments (7)

  1. Log in to comment