From 719d9005cd62b4f041c23d1433ea85f919a20ad2 Mon Sep 17 00:00:00 2001
From: Giuseppe De Marco <giuseppe.demarco@teamdigitale.governo.it>
Date: Mon, 13 May 2024 10:10:19 +0200
Subject: [PATCH] Apply suggestions from code review

---
 docs/en/pid-eaa-data-model.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/en/pid-eaa-data-model.rst b/docs/en/pid-eaa-data-model.rst
index f886c11f7..d96e16813 100644
--- a/docs/en/pid-eaa-data-model.rst
+++ b/docs/en/pid-eaa-data-model.rst
@@ -85,7 +85,7 @@ The following claims MUST be in the JWT payload. Some of these claims can be dis
       - [NSD].URL string representing the PID/(Q)EAA Issuer unique identifier.
       - `[RFC7519, Section 4.1.1] <https://www.iana.org/go/rfc7519>`_.
     * - **sub**
-      - [NSD].The identifier of the subject of the Digital Credential, the User, must be opaque and should not correspond to any anagraphic data or be derived from the User's anagraphic data through pseudonymization.
+      - [NSD]. The identifier of the subject of the Digital Credential, the User, MUST be opaque and MUST NOT correspond to any anagraphic data or be derived from the User's anagraphic data via pseudonymization. Additionally, it is required that two different Credentials issued MUST NOT use the same ``sub`` value.
       - `[RFC7519, Section 4.1.2] <https://www.iana.org/go/rfc7519>`_.
     * - **iat**
       - [SD].UNIX Timestamp with the time of JWT issuance, coded as NumericDate as indicated in :rfc:`7519`.