openid · Sakurann · Feb 13, 2025 · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025
diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md
@@ -2532,7 +2532,7 @@ The following is a non-normative example of a Wallet Attestation:
 
 ```
 {
-  "typ": "oauth-client-attestation+jwt"
+  "typ": "oauth-client-attestation+jwt",
   "alg": "ES256",
   "kid": "11"
 }
@@ -2558,6 +2558,8 @@ The following is a non-normative example of a Wallet Attestation:
 
 To use the Wallet Attestation towards the Authorization Server, the Wallet MUST generate a proof of possession according to Section 5.2 "Client Attestation PoP JWT" of Attestation-Based Client Authentication.
 
+The `sub` claim of the Wallet Attestation JWT is picked by the Wallet Provider and represents the `client_id` of the Wallet. This value should be shared by all Wallet Instances from that Wallet Provider for privacy reasons.
+
 # IANA Considerations
 
 ## OAuth URI Registry
@@ -2756,7 +2758,7 @@ The technology described in this specification was made available from contribut
 
    -16
 
-   *
+   * clarify client_id of wallet with wallet attestation
 
    -15