Please provide the location where this should be fixed or updated.
Actually I think its a bit clearer now:
shall require the response_type values code id_token or code id_token token;
shall return ID Token as a detached signature to the authorization response;
shall include state hash, s_hash, in the ID Token to protect the state value;