From d4ca0c237a7b744ffc05003b3a84b31f0b064367 Mon Sep 17 00:00:00 2001
From: David Baker <dave@matrix.org>
Date: Fri, 21 Jun 2019 09:25:16 +0100
Subject: [PATCH] Specify ID grammar and add comma

---
 proposals/2140-terms-of-service-2.md | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/proposals/2140-terms-of-service-2.md b/proposals/2140-terms-of-service-2.md
index b678881a9..dbdad3343 100644
--- a/proposals/2140-terms-of-service-2.md
+++ b/proposals/2140-terms-of-service-2.md
@@ -99,12 +99,13 @@ The server may instead choose to supply an `acceptance_token`, for example if,
 as in the IS API, the user is unauthenticated and therefore the server is
 unable to store the fact a user has agreed to a set of terms.
 
-The `acceptance_token` is opaque and it is up to the server how it computes it,
-but the server must be able to given an `acceptance_token`, compute whether it
-constitutes agreement to a given set of terms. For example, the simplest (but
-most verbose) implemenation would be to make the `acceptance_token` the JSON
-array of documents as provided in the request. A smarter implementation may be
-a simple hash, or even cryptograhic hash if desired.
+The `acceptance_token` is an opaque string contining characters
+`[a-zA-Z0-9._-]`. It is up to the server how it computes it, but the server
+must be able to, given an `acceptance_token`, compute whether it constitutes
+agreement to a given set of terms. For example, the simplest (but most verbose)
+implemenation would be to make the `acceptance_token` the JSON array of
+documents as provided in the request. A smarter implementation may be a simple
+hash, or even cryptograhic hash if desired.
 
 ### Third-Party Terms Account Data