changed text on client_metadata and added case-sensitive to error text

openid · Mar 14, 2024 · a21eba3 · a21eba3
1 parent 56ef646
commit a21eba3
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md
@@ -272,7 +272,8 @@ A public key to be used by the Wallet as an input to the key agreement to encryp
 : OPTIONAL. A string determining the HTTP method to be used with the `request_uri` included in the same request. Two case-insensitive values are defined for `request_uri_method` in this specification: `get` and `post`. If `request_uri_method` is `get`, the Wallet MUST send the request to retrieve the Request Object using the HTTP GET method, i.e., as defined in [@RFC9101]. If `request_uri_method` is `post`, a supporting Wallet MUST send the same request using the HTTP POST method as detailed in (#request_uri_method_post). 
 `request_uri_method` MUST only be present if the request contains a `request_uri` parameter. If the `request_uri_method` parameter is not present, the Wallet MUST process the `request_uri` as defined in [@RFC9101]. Wallets not supporting the method `post` will send a GET request to the request URI (default behavior as defined in [@RFC9101]).  
 
-If the Verifier uses the `request_uri_method` set to `post`, it SHOULD add the `client_metadata` parameter to the authorization request to pass its capabilities. This enables the Wallet to assess the Verifier's capabilities, allowing it to transmit only the relevant capabilities through the `wallet_metadata` request parameter in the Request URI POST request. If the Verifier uses the parameter `client_id_scheme` in the Request Object, it MUST also add the same `client_id_scheme` value in the Authorization Request.   
+If the Verifier uses the `request_uri_method` set to `post`, it SHOULD add the `client_metadata` parameter to the authorization request, if there is no other means to convey its capabilities to the Wallet. 
+This enables the Wallet to assess the Verifier's capabilities, allowing it to transmit only the relevant capabilities through the `wallet_metadata` request parameter in the Request URI POST request. If the Verifier uses the parameter `client_id_scheme` in the Request Object, it MUST also add the same `client_id_scheme` value in the Authorization Request.   
 
 The following additional considerations are given for pre-existing Authorization Request parameters:
 
@@ -772,7 +773,7 @@ This document also defines the following additional error codes and error descri
 
 `invalid_request_uri_mode`:
 
-- The value of the `request_uri_method` request parameter is neither `get` nor `post`.
+- The value of the `request_uri_method` request parameter is neither `get` nor `post` (case-sensitive).
 
 
 ## VP Token Validation