diff --git a/spec/VISSv2_Core.html b/spec/VISSv2_Core.html
index a7f34ce..b0d5770 100644
--- a/spec/VISSv2_Core.html
+++ b/spec/VISSv2_Core.html
@@ -928,7 +928,7 @@ Subscription Event Triggering
Access Control Model
Access control MUST be supported. However, in this chapter only the sections that describe the interactions between the
- client and the VISSv2 server are normative.
+ client and the VISSv2 server are mandatory.
Access control SHALL not be applied to the VSS nodes containing the VSS version data,
and not to client requests for dynamic metadata about the server capabilities,
or about the access control selection tags applied to the VSS tree.
@@ -1000,7 +1000,8 @@
Access Grant Request
The request shall contain the Context and Proof parameters below, the other two are optional:
- - VIN: The vehicle identification number. This may be a pseudo-VIN,
+
- VIN: The vehicle identification number. Instead of the
+ assigned VIN a generated hash can be used as a pseudo VIN,
or any other identity that uniquely links to the vehicle in the access control ecosystem.
- Context: The context associated to the client.
The context consists of a triplet of roles for user, app permissions,
@@ -1579,7 +1580,8 @@
Application Roles
- Third party
An OEM application role is used for applications that are pre-installed in the vehicle by the OEM, or later OEM-provisioned to the vehicle.
- A Third party application role is used for applications that are "certified" for vehicle deployment, but developed by a third party.
+ A Third party application role is used for applications that
+ are approved by automotive manufacturer for vehicle deployment, but developed by a third party.