diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index 8bcfb9ff..52b2ea7c 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md 
@@ -1410,6 +1410,30 @@ into the key derivation process that is used to derive the content encryption ke Note: For encryption, implementers have a variety of options available through JOSE, including the use of Hybrid Public Key Encryption (HPKE) as detailed in [@I-D.ietf-jose-hpke-encrypt]. +### ECDH-ES APU/APV Values +When performing Reponse Encryption where the `alg` is ECDH-ES the `apv` MUST be set by the Wallet and validated by the Verifier. The value to set is is the base64url encodig of the sha-256 hash of the bytes of several fields concatanated. The fields to be concatanated is based on the response mode: + + - When response mode is `direct_post.jwt` the `client_id`, `nonce`, `jwkThumbprint` and `responseUri` + - When response mode is `dc_api.jwt` the `origin`, `nonce` and `jwkThumbprint` + + where + + - `client_id` is the `client_id` request parameter + - `nonce` is the `nonce` request parameter + - `jwkThumbprint` is the base64url encoded JWK SHA-256 Thumbprint (as defined in [@!RFC7638]) of the Verifier's public key used to encrypt the response + - `responseUri` is either the `redirect_uri` or the `response_uri` request parameter, + - `origin` is the string representing the Origin of the request as described in (#dc_api). MUST NOT be prefixed with `origin:` + +(TODO: Add two examples of the apv values, one for `direct_post.jwt` and another for `dc_api.jwt`). + +The fields MUST be concatenated in the order specified here before being hashed, and base64url encoded. To validate the `apv` the Verifier MUST construct the same value and compare it to the `apv` included in the protected header. If the `apv` value fails validation the Verifier MUST stop processing and discard the response. + +These values are the same as those required to perform verification of the credential presentations. This binds the encryption to the presentation and allows the verifier to terminate processing early when the presentation is not meant for them. 
+ +Note that because the `apv` is attached, this does not allow the encryption to fail closed (i.e. be unable to decrypt when the presentation is not meant for them), but the same approach could be taken when such an algorithm is supported. + +There are no requirements on the `apu` value so the Wallet may use any value (including leaving it empty). + ### Response Mode "direct_post.jwt" {#direct_post_jwt} This specification also defines a new Response Mode `direct_post.jwt`, which allows for encryption to be used on top of the Response Mode `direct_post` defined in (#response_mode_post). The mechanisms described in (#response_mode_post) apply unless specified otherwise in this section.
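Review bot: The `apv` construction in the new "ECDH-ES APU/APV Values" section concatenates `client_id`, `nonce`, `jwkThumbprint` and `responseUri` (or `origin`, `nonce` and `jwkThumbprint`) with no delimiter or length prefix, so field boundaries are not part of the hashed input and two different sets of field values can produce the same bytes and therefore the same `apv`. Suggest specifying an unambiguous encoding (a length prefix per field, or a separator that cannot occur in any of the values) and stating the character encoding used to obtain "the bytes" of each field. The `responseUri` definition ("either the `redirect_uri` or the `response_uri` request parameter") should say which parameter is used in which case, since the Wallet and the Verifier must derive the identical value. The "(TODO: Add two examples of the apv values ...)" line should be resolved before merge: worked values for `direct_post.jwt` and `dc_api.jwt` are what implementers will check their ordering and encoding against. Typos in the added text: "Reponse", "is is", "encodig", "concatanated" (twice), and "The fields to be concatanated is" should read "are".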