Messages 2.2.3 "Access Token Response"

Issue #557 resolved
Michael Jones created an issue

§2.2.3 "Access Token Response" of Messages-08 states that the "id_token MUST NOT be returned if the grant_type is not authorization_code." However, §3.2.1 "Refresh Token Response" of Standard-08* has weaker normative language stating only that, "it SHOULD NOT return id_token." Then, though non-normative, the example in that section of Standard seems to contradict both statements by showing an id_token being returned in response to a refresh token grant type request.

Is there some subtle reason for this that I'm not seeing?

If not, I'd suggest changing the SHOULD NOT in Standard §3.2.1 to a MUST NOT (or removing "except that it SHOULD NOT return id_token" text entirely) and removing the id_token from the JSON response in the example.

Thanks, Brian
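As an added illustration (not code from the OpenID Connect drafts or from this issue), the rule quoted above from Messages-08 §2.2.3, "id_token MUST NOT be returned if the grant_type is not authorization_code", can be enforced on both sides of the token endpoint: the server drops id_token from any response whose grant_type is not authorization_code, and a client treats an id_token in a refresh_token response as a protocol error instead of silently accepting it, which is the behaviour the non-normative Standard §3.2.1 example would otherwise invite. The token values, the Bearer token_type and the expires_in default are constructed placeholders assumed for the example.

```python
"""Added example: enforce the Messages-08 rule that id_token is only returned
for grant_type=authorization_code. Not taken from the drafts or the issue."""
import json

# Constructed placeholder tokens; these are not real credentials.
SAMPLE_ACCESS_TOKEN = "SlAV32hkKG"
SAMPLE_REFRESH_TOKEN = "8xLOxBtZp8"
SAMPLE_ID_TOKEN = "eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlcnZlci5leGFtcGxlLmNvbSJ9.sig"


def build_token_response(grant_type, access_token, refresh_token=None,
                         id_token=None, expires_in=3600):
    """Server side: build the JSON body of an Access Token Response.

    Per the Messages-08 text quoted in the issue, id_token is included only
    when grant_type is authorization_code. For any other grant (for example
    refresh_token) it is dropped even if the caller supplied one, so the
    example response in Standard 3.2.1 cannot be produced by this builder.
    """
    body = {
        "access_token": access_token,
        "token_type": "Bearer",  # assumed token type for the example
        "expires_in": expires_in,
    }
    if refresh_token:
        body["refresh_token"] = refresh_token
    if grant_type == "authorization_code" and id_token:
        body["id_token"] = id_token
    return body


def check_token_response(grant_type, body_json):
    """Client side: parse a token response and apply the MUST NOT rule.

    Returns the parsed dict, or raises ValueError when the response is
    malformed or carries an id_token on a grant that forbids it. A client
    that merely ignores the stray id_token would hide a non-conforming
    server; rejecting it surfaces the mismatch the issue describes.
    """
    body = json.loads(body_json)
    if "access_token" not in body:
        raise ValueError("token response is missing access_token")
    if grant_type != "authorization_code" and "id_token" in body:
        raise ValueError(
            "id_token returned for grant_type=%s, which Messages-08 2.2.3 forbids"
            % grant_type)
    return body


def refresh_flow_ok():
    """Round trip for the refresh_token grant: the builder omits id_token and
    the client check accepts the result. Returns True on success."""
    resp = build_token_response("refresh_token", SAMPLE_ACCESS_TOKEN,
                                refresh_token=SAMPLE_REFRESH_TOKEN,
                                id_token=SAMPLE_ID_TOKEN)
    parsed = check_token_response("refresh_token", json.dumps(resp))
    return "id_token" not in parsed and parsed["access_token"] == SAMPLE_ACCESS_TOKEN


def contradictory_example_rejected():
    """Model the Standard 3.2.1 example (id_token in a refresh response) and
    confirm the client check rejects it. Returns True if rejected."""
    bad = {"access_token": SAMPLE_ACCESS_TOKEN, "token_type": "Bearer",
           "refresh_token": SAMPLE_REFRESH_TOKEN, "id_token": SAMPLE_ID_TOKEN}
    try:
        check_token_response("refresh_token", json.dumps(bad))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(json.dumps(build_token_response("authorization_code", SAMPLE_ACCESS_TOKEN,
                                          SAMPLE_REFRESH_TOKEN, SAMPLE_ID_TOKEN), indent=2))
    print("refresh flow ok:", refresh_flow_ok())
    print("contradictory example rejected:", contradictory_example_rejected())
```

If the working group instead keeps the SHOULD NOT in Standard §3.2.1, the client-side check would have to become a warning rather than a hard error, since a conforming server could then legitimately return an id_token on refresh.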
