From d17a0704cb06e3052d72cd19e00f03e7d746ae9c Mon Sep 17 00:00:00 2001
From: elf-pavlik <elf-pavlik@hackers4peace.net>
Date: Mon, 19 Jan 2026 17:07:35 -0600
Subject: [PATCH] fix autolinks causing bikeshed to error

---
 index.bs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/index.bs b/index.bs
index 5a548d8..7f2f647 100644
--- a/index.bs
+++ b/index.bs
@@ -361,7 +361,7 @@ the verifying party MUST follow OpenID Connect Discovery 1.0 [[!OIDC-DISCOVERY]]
 
 When a Client performs an unauthenticated request to a protected resource,
 the Resource Server MUST respond with the HTTP <code>401</code> status code,
-and a <code>WWW-Authenticate</code> HTTP header. See also: [[RFC9110##name-www-authenticate]]
+and a <code>WWW-Authenticate</code> HTTP header. See also: [[RFC9110]](11.6.1. WWW-Authenticate)
 
 The <code>WWW-Authenticate</code> HTTP header MUST include an <code>as_uri</code>
 parameter unless the authentication scheme requires a different mechanism
@@ -427,7 +427,7 @@ Considerations in context of the Solid Protocol [[!SOLID-PROTOCOL]].
 
 ## TLS Requirements ## {#security-tls}
 
-All TLS requirements outlined in [[BCP195](https://tools.ietf.org/html/bcp195)] apply to this
+All TLS requirements outlined in [[BCP195]] apply to this
 specification.
 
 All tokens, Client, and User credentials MUST only be transmitted over TLS.
@@ -637,6 +637,11 @@ The JSON-LD context is defined as:
         "href": "https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-grant-2.0.html",
         "title": "User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization",
         "publisher": "Kantara Initiative, Inc"
+    },
+    "BCP195": {
+        "href": "https://www.rfc-editor.org/info/bcp195",
+        "title": "Best Current Practice 195",
+        "publisher": "IETF"
     }
 }
 </pre>