Update annex-2-high-level-requirements.md

Solving #332.
eu-digital-identity-wallet · Nov 13, 2024 · e97db1e · e97db1e
1 parent 5a149db
commit e97db1e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/annexes/annex-2/annex-2-high-level-requirements.md b/docs/annexes/annex-2/annex-2-high-level-requirements.md
@@ -1358,7 +1358,7 @@ Where requirements in this Topic refer to a 'requesting Wallet Unit', what is me
 | EDP_02 | The Provider of an attestation that includes an embedded disclosure policy as meant in EDP_01 SHALL comply with the applicable Rulebook when including an embedded disclosure policy in the attestation. |
 | EDP_03 | An embedded disclosure policy created by an Attestation Provider SHALL only refer to information provided in an authenticated manner to the Wallet Unit by the Relying Party or the requesting Wallet Unit. <br><br>Note: A future version of this ARF will specify a method for the Attestation Provider to ensure that the Relying Party (or requesting Wallet Unit) can provide such authenticated information to the Wallet Instance. A possibility is to use Attribute Certificates as specified in RFC 5755, referencing the Relying Party access certificate. This will be discussed with Member States for ARF 2.0.|
 | EDP_04 | Empty |
-| EDP_05 | The Wallet Unit SHALL provide to the User information on an embedded disclosure policy and any information provided by the Relying Party or by the requesting Wallet Unit, in order for the User to decide regarding the disclosure of the attributes requested by the Relying Party. |
+| EDP_05 | An embedded disclosure policy SHOULD contain a link to a website of the Attestation Provider explaining the disclosure policy in layman's terms. If this is the case, the Wallet Unit SHALL display the link to the User and allow them to navigate to that website. |
 | EDP_06 | The Wallet Unit SHALL be capable of evaluating an embedded disclosure policy in conjunction with the information received from the requesting Relying Party or the requesting Wallet Unit, in order to determine if the Relying Party or the requesting Wallet Unit has permission from the Attestation Provider to access the requested attributes. |
 | EDP_07 | The Wallet Unit SHALL enable the User, based on the outcome of the evaluation of the embedded disclosure policy, to deny or allow the presentation of the requested electronic attestation of attributes to the requesting Relying Party or the requesting Wallet Unit. |
 | EDP_08 | The Commission SHALL take measures to create a technical specification establishing common mechanisms for the specification of embedded disclosure policies by PID Providers and Attestation Providers, and for the evaluation of such policies by Wallet Instances. |