From 43506cd74ef2bf74f14ecd4005650ae16bd764df Mon Sep 17 00:00:00 2001 From: Daniel Fett Date: Mon, 5 Jun 2023 17:46:33 +0200 Subject: [PATCH] Editorial change to fix #71 --- attacks-and-mitigations.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/attacks-and-mitigations.md b/attacks-and-mitigations.md index f18b4e0..cf4e239 100644 --- a/attacks-and-mitigations.md +++ b/attacks-and-mitigations.md @@ -172,9 +172,9 @@ fragment and obtain the access token. The complexity of implementing and managing pattern matching correctly obviously causes security issues. This document therefore advises to simplify the required -logic and configuration by using exact redirect URI matching. This means -the authorization server MUST compare the two URIs using simple string -comparison as defined in [@!RFC3986], Section 6.2.1. The only exception are +logic and configuration by using exact redirect URI matching. This means the +authorization server MUST ensure that the two URIs are equal, see [@!RFC3986], +Section 6.2.1, Simple String Comparison, for details. The only exception are native apps using a `localhost` URI: In this case, the AS MUST allow variable port numbers as described in [@!RFC8252], Section 7.3.
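Review bot: the replacement wording "MUST ensure that the two URIs are equal" in this hunk is less precise than the line it removes, because "equal" on its own can be read as permitting the syntax-based or scheme-based normalization that [@!RFC3986] Sections 6.2.2 and 6.2.3 allow (case folding of scheme and host, percent-encoding normalization, dot-segment removal), which is exactly the pattern-matching logic the preceding sentence wants implementers to avoid. The pointer to Section 6.2.1 "Simple String Comparison" is now only a "see ... for details" aside rather than the normative requirement. Suggest keeping the comparison method in the MUST itself, for example: "the authorization server MUST compare the two URIs using simple string comparison, i.e., character-by-character equality without any normalization, as defined in [@!RFC3986], Section 6.2.1." The retained `localhost` exception in the trailing context lines then reads as the single deliberate deviation from that rule.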