diff --git a/draft-ietf-gnap-core-protocol.md b/draft-ietf-gnap-core-protocol.md
index c714f16..c22c731 100644
--- a/draft-ietf-gnap-core-protocol.md
+++ b/draft-ietf-gnap-core-protocol.md
@@ -1705,7 +1705,8 @@ GET as described in {{interaction-callback}}.
 
 The client instance's URI MUST be protected by HTTPS, be
 hosted on a server local to the RO's browser ("localhost"), or
-use an application-specific URI scheme.
+use an application-specific URI scheme that is loaded on the
+end user's device.
 
 ~~~ json
 "interact": {
@@ -1735,7 +1736,7 @@ as described in {{interaction-pushback}}.
 
 The client instance's URI MUST be protected by HTTPS, be
 hosted on a server local to the RO's browser ("localhost"), or
-use an application-specific URI scheme.
+use an application-specific URI scheme that is loaded on the end user's device.
 
 ~~~ json
 "interact": {
@@ -2802,7 +2803,7 @@ the URI MAY be opened on a separate device from the client instance
 itself. The URI MUST be accessible from an HTTP GET
 request and MUST be protected by HTTPS, be
 hosted on a server local to the RO's browser ("localhost"), or
-use an application-specific URI scheme.
+use an application-specific URI scheme that is loaded on the end user's device.
 
 ### Interaction at the Static User Code URI {#interaction-usercode}
 
@@ -2835,7 +2836,7 @@ the URI is usually opened on a separate device from the client instance
 itself. The URI MUST be accessible from an HTTP GET
 request and MUST be protected by HTTPS, be
 hosted on a server local to the RO's browser ("localhost"), or
-use an application-specific URI scheme.
+use an application-specific URI scheme that is loaded on the end user's device.
 
 
 In many cases, the URI indicates a web page hosted at the AS, allowing the
@@ -2885,7 +2886,7 @@ the URI is usually be opened on a separate device from the client instance
 itself. The URI MUST be accessible from an HTTP GET
 request and MUST be protected by HTTPS, be
 hosted on a server local to the RO's browser ("localhost"), or
-use an application-specific URI scheme.
+use an application-specific URI scheme that is loaded on the end user's device.
 
 
 In many cases, the URI indicates a web page hosted at the AS, allowing the