Merge pull request usnistgov#1660 from pgrassi-nist/assertion-examples

Closes usnistgov#587

sp800-63c/sec11_examples.md

@@ -5,7 +5,7 @@
 
 *This section is informative.*
 
-Three types of assertion technologies will be discussed: SAML assertions, Kerberos tickets, and OpenID Connect tokens. 
+Three types of assertion technologies are discussed below: SAML assertions, Kerberos tickets, and OpenID Connect tokens. This list is not inclusive of all possible assertion technologies, but does represent those that are commonly used in federated identity systems.
 
 ### 11.1. Security Assertion Markup Language (SAML)
 

sp800-63c/sec5_assertions.md

@@ -5,7 +5,7 @@
 
 *This section is normative.*
 
-An assertion is a packaged set of attribute values or attribute claims about or associated with an authenticated subscriber that is passed from the IdP to the RP in a federated identity system. Assertions contain a variety of information, including assertion metadata, attribute values and attribute claims about the subscriber, and other information that the RP can leverage, such as restrictions, and expiration time.
+An assertion is a packaged set of attribute values or attribute claims about or associated with an authenticated subscriber that is passed from the IdP to the RP in a federated identity system. Assertions contain a variety of information, including assertion metadata, attribute values and attribute claims about the subscriber, and other information that the RP can leverage, such as restrictions, and expiration time. This guideline does not restrict the type of protocol or data payload that is used to federate an identity, provided the chosen solution meets all mandatory requirements contained herein. 
 
 Assertions MAY represent only an authentication event, or MAY also represent attribute values and attribute claims regarding the subscriber.