3.1.5.2.2.2 PolicyVersion

As detailed in the LsRequestSecurityToken Response section, the response MUST contain a version number and GUID representing the configuration data described in the LsRequestSecurityToken, RequestSecurityTokenWithToken, and LsRequestSecurityTokenWithCookie sections. Similarly to a GetProxyTrustConfiguration response message, this version number and GUID MUST be compared to the locally cached information. If the GUID from the response is different than the GUID cached locally, then the server has newer configuration data and the client SHOULD emit a GetProxyTrustConfiguration request to update its local cache. If the response GUID and locally cached GUID are identical, but the locally cached version number is less than the response version number, then the server has newer configuration data and the client SHOULD emit a GetProxyTrustConfiguration request to update its local cache. If there is no locally cached data, the version number and GUID MUST be ignored.<10>