tag update for 13.3.2 / 13.1.6

5.0/en/0x21-V13-API.md

@@ -19,7 +19,7 @@ This is a placeholder for future documentation requirements.
 | **13.1.3** | [DELETED, MERGED TO 8.3.1] | | | | |
 | **13.1.4** | [DELETED, COVERED BY 4.1.6] | | | | |
 | **13.1.5** | [DELETED, INSUFFICIENT IMPACT] | | | | |
-| **13.1.6** | [MODIFIED, MOVED FROM 13.2.6, LEVEL L2 > L3] Verify that per-message digital signatures are used to provide additional assurance on top of transport protections for requests or transactions which are highly sensitive or which traverse a number of systems. | | | ✓ | 345 |
+| **13.1.6** | [MODIFIED, MOVED FROM 13.2.6, COVERS 13.3.2, LEVEL L2 > L3] Verify that per-message digital signatures are used to provide additional assurance on top of transport protections for requests or transactions which are highly sensitive or which traverse a number of systems. | | | ✓ | 345 |
 | **13.1.7** | [MODIFIED, MOVED FROM 14.4.1, COVERS 5.3.2] Verify that every HTTP response with a message body contains a Content-Type header field that matches the actual content of the response, including the charset parameter to specify safe character encoding (e.g., UTF-8, ISO-8859-1) according to IANA Media Types, such as "text/", "/+xml" and "/xml". | ✓ | ✓ | ✓ | 173 |
 | **13.1.8** | [ADDED] Verify that HTTPS-based endpoints either return an error or do not respond to unencrypted HTTP requests which contain sensitive data in the headers or body. If a client is erroneously sending unencrypted HTTP requests but the requests are being automatically redirected to HTTPS, this leakage of sensitive data may go undiscovered. | | ✓ | ✓ | |
 
@@ -45,7 +45,7 @@ Note: Due to issues with XXE attacks against DTDs, DTD validation should not be
 | # | Description | L1 | L2 | L3 | CWE |
 | :---: | :--- | :---: | :---: | :---: | :---: |
 | **13.3.1** | [DELETED, MERGED TO 13.2.2] | | | | |
-| **13.3.2** | [DELETED, DUPLICATE OF 13.2.6] | | | | |
+| **13.3.2** | [DELETED, COVERED BY 13.1.6] | | | | |
 
 ## V13.4 GraphQL