<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Hi Jörg,<br>
    <br>
    thanks for producing a new revision, which covers context and
    login_token_hint (@all: it's published at
<a class="moz-txt-link-freetext" href="https://bitbucket.org/openid/mobile/raw/default/draft-mobile-authentication-01.txt">https://bitbucket.org/openid/mobile/raw/default/draft-mobile-authentication-01.txt</a>).<br>
    <br>
    Please find attached my comments as well as proposed text for
    security/privacy considerations sections and other aspects. <br>
    <meta http-equiv="content-type" content="text/html; charset=utf-8">
    <title></title>
    <meta name="generator" content="LibreOffice 4.4.6.3 (Windows)">
    <style type="text/css">
                @page { margin: 2cm }
                pre { direction: ltr; color: #00000a; text-align: left; orphans: 0; widows: 0 }
                pre.western { font-family: "Liberation Mono", serif; so-language: de-DE }
                pre.cjk { font-family: "NSimSun"; so-language: zh-CN }
                pre.ctl { font-family: "Liberation Mono"; so-language: hi-IN }
                p { margin-bottom: 0.25cm; direction: ltr; color: #00000a; line-height: 120%; text-align: left; orphans: 0; widows: 0 }
                p.western { font-family: "Liberation Serif", serif; font-size: 12pt; so-language: de-DE }
                p.cjk { font-family: "SimSun"; font-size: 12pt; so-language: zh-CN }
                p.ctl { font-family: "Arial"; font-size: 12pt; so-language: hi-IN }
                a:link { so-language: zxx }
        </style><br>
    I would like to bring one question to the group's attention: Do we
    want to require the login_token_hint to be signed? What is the main
    reason? Issuer authenticity?<br>
    <br>
    best regards,<br>
    Torsten.<br>
  </body>
</html>