diff --git a/docs/oid-info.md b/docs/oid-info.md
index defecfda8..dc323839b 100644
--- a/docs/oid-info.md
+++ b/docs/oid-info.md
@@ -49,7 +49,7 @@ Nice-to-haves:
 `1.3.6.1.4.1.57264.1.1` through `1.3.6.1.4.1.57264.1.6` are formatted as raw strings without any DER encoding.
-`1.3.6.1.4.1.57264.1.7` is formatted as a raw string, as per RFC 5280 4.2.1.6.
+`1.3.6.1.4.1.57264.1.7` is formatted as a DER-encoded string in the SubjectAlternativeName extension, as per RFC 5280 4.2.1.6.
 `1.3.6.1.4.1.57264.1.8` through `1.3.6.1.4.1.57264.1.21` are formatted as DER-encoded strings; the ASN.1 tag is UTF8String (0x0C) and the tag class is universal.
@@ -114,7 +114,7 @@ This claim is the URI of the OIDC Identity Provider that digitally signed the identity token. For example: `https://oidc-issuer.com`. The difference between this extension and `1.3.6.1.4.1.57264.1.1` is that the extension value
-is formatted to the RFC 5280 specification.
+is formatted to the RFC 5280 specification as a DER-encoded string.
 ### 1.3.6.1.4.1.57264.1.9 | Build Signer URI
diff --git a/pkg/server/grpc_server_test.go b/pkg/server/grpc_server_test.go
index 3da933123..78ece53f0 100644
--- a/pkg/server/grpc_server_test.go
+++ b/pkg/server/grpc_server_test.go
@@ -942,13 +942,6 @@ func TestAPIWithGitHub(t *testing.T) {
 t.Fatalf("unexpected extension value, expected %s, got %s", value, extValue)
 }
 }
- // buildSignerURIExt, found := findCustomExtension(leafCert, asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 57264, 1, 9})
- // if !found {
- // t.Fatal("expected ref in custom OID")
- // }
- // if string(buildSignerURIExt.Value) != claims.Ref {
- // t.Fatalf("unexpected build signer URI, expected %s, got %s", claims.Ref, string(buildSignerURIExt.Value))
- // }
 }
 // Tests API with issuer claim in different field in the OIDC token