diff --git a/README.rst b/README.rst index 4a3943b..fd63cf4 100644 --- a/README.rst +++ b/README.rst @@ -1,14 +1,6 @@ A complete OpenID Connect implementation ======================================== -This will eventually be a complete implementation of OpenID Connect. -And as a side effect a fairly complete implementation of OAuth2.0 . - -But while the standards are in the flux they are, the best I can do is -to track them as close as possible. - -Expect a certain time-laps between changes of the documents and the -corresponding change of the code. I will strive to keep the time lap as -short as possible. - - +This a fairly complete implementation of OpenID Connect as +specified in http://openid.net/specs/openid-connect-core-1_0.html. +And as a side effect a complete implementation of OAuth2.0 too. diff --git a/script/client_management.py b/script/client_management.py index d516119..334420c 100755 --- a/script/client_management.py +++ b/script/client_management.py @@ -133,7 +133,7 @@ if __name__ == "__main__": parser.add_argument('-d', dest='delete', action='store_true', help="delete the entity with the given client_id") parser.add_argument('-c', dest='create', action='store_true', - help=("create a new client, returns the stored" "" + help=("create a new client, returns the stored " "information")) parser.add_argument('-s', dest='show', action='store_true', help=("show information connected to a specific" diff --git a/src/oic/oic/message.py b/src/oic/oic/message.py index 0c5fe46..c2e0bb8 100644 --- a/src/oic/oic/message.py +++ b/src/oic/oic/message.py @@ -611,7 +611,7 @@ class IdToken(OpenIDSchema): assert self["azr"] in self["aud"] except AssertionError: raise VerificationError( - "Missmatch between azr and aud claims", self) + "Mismatch between azr and aud claims", self) if "azr" in self: if "client_id" in kwargs: diff --git a/src/oic/oic/provider.py b/src/oic/oic/provider.py index bd60d47..ec7e973 100644 --- a/src/oic/oic/provider.py 
+++ b/src/oic/oic/provider.py @@ -267,7 +267,11 @@ class Provider(AProvider): if alg == "": alg = self.jwx_def["sign_alg"]["id_token"] - logger.debug("Signing alg: %s [%s]" % (alg, alg2keytype(alg))) + if alg: + logger.debug("Signing alg: %s [%s]" % (alg, alg2keytype(alg))) + else: + alg = "none" + _idt = self.server.make_id_token(session, loa, self.baseurl, alg, code, access_token, user_info, auth_time) @@ -754,7 +758,10 @@ class Provider(AProvider): try: alg = client_info["id_token_signed_response_alg"] except KeyError: - alg = self.jwx_def["sign_alg"]["id_token"] + try: + alg = self.jwx_def["sign_alg"]["id_token"] + except KeyError: + alg = "none" id_token = self.id_token_as_signed_jwt(sinfo, alg=alg, code=code, @@ -1123,12 +1130,18 @@ class Provider(AProvider): if "redirect_uris" in request: ruri = [] - client_type = request["application_type"] + try: + client_type = request["application_type"] + except KeyError: # default + client_type = "web" if client_type == "web": - if request["response_types"] == ["code"]: - must_https = False - else: # one has to be implicit or hybrid + try: + if request["response_types"] == ["code"]: + must_https = False + else: # one has to be implicit or hybrid + must_https = True + except KeyError: must_https = True else: must_https = False diff --git a/src/oic/utils/authn/user.py b/src/oic/utils/authn/user.py index bd0d46a..0927bcd 100644 --- a/src/oic/utils/authn/user.py +++ b/src/oic/utils/authn/user.py @@ -94,7 +94,18 @@ class UserAuthnMethod(CookieDealer): return {"uid": uid} - def generate_return_url(self, return_to, uid): + def generate_return_url(self, return_to, uid, path=""): + """ + :param return_to: If it starts with '/' it's an absolute path otherwise + a relative path. + :param uid: + :param path: The verify path + """ + if not return_to.startswith("/"): + p = path.split("/") + p[-1] = return_to + return_to = "/".join(p) + return create_return_url(return_to, uid, **{self.query_param: "true"}) def verify(self, **kwargs): 
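Review bot: The new `else: alg = "none"` branch in the first hunk silently issues unsigned ID Tokens whenever no signing algorithm is configured; OpenID Connect Core requires ID Tokens to be signed, and the unsecured `none` algorithm is only permitted when the client explicitly registered for it and the token is returned from the token endpoint, so a missing configuration should fail or fall back to the registration default rather than downgrade. Replace the fallback with `else: raise ValueError("no id_token signing algorithm configured")` (or, if a default is wanted, `alg = "RS256"` with a comment noting it requires an RSA signing key). Note that the `alg2keytype` debug line is skipped in exactly this case, so the downgrade would not even show up in the log. The enclosing method starts and ends outside the hunk.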
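Review bot: In the second hunk the inner `except KeyError` turns a missing `jwx_def["sign_alg"]["id_token"]` into `alg = "none"`, so a client that did not send `id_token_signed_response_alg` at registration receives an unsigned ID Token whenever the provider default is unset. The registration default for `id_token_signed_response_alg` is `RS256`, and `none` is only valid when the client asked for it, so the fallback should be `alg = "RS256"` or a configuration error rather than `"none"`. The enclosing method starts and ends outside the hunk.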
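Review bot: In the third hunk the new `except KeyError` sets `must_https = True` when `response_types` is absent, but OpenID Connect Dynamic Client Registration defines an omitted `response_types` as `["code"]`, for which the branch just above allows non-https redirect URIs, so the two paths disagree. If requiring https for an unspecified response type is the intended stricter choice, record it: `except KeyError:  # spec default is ["code"], but require https when unspecified`; otherwise use `request.get("response_types", ["code"])` and drop the inner try. The enclosing method starts and ends outside the hunk.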
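Review bot: In the `generate_return_url` hunk, `return_to.startswith("/")` is used to classify an absolute path, but it also accepts scheme-relative values such as `//evil.example/`, which a browser resolves to another host when placed in a `Location` header; the caller in this file takes `return_to` from `kwargs`, and whether that can be request-supplied is not visible here, so this is a potential open redirect worth closing at this boundary. Reject anything that is not a local path before joining: `if return_to.startswith("//") or "://" in return_to: raise ValueError("return_to must be a local path")`. The docstring should also state that a relative value replaces the last segment of `path` and that `..` segments are not normalized. `generate_return_url` is complete within the hunk; the class header is outside it.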
@@ -289,7 +300,8 @@ class UsernamePasswordMako(UserAuthnMethod):
         try:
             return_to = self.generate_return_url(kwargs["return_to"], _qp)
         except KeyError:
-            return_to = self.generate_return_url(self.return_to, _qp)
+            return_to = self.generate_return_url(self.return_to, _qp,
+                                                 kwargs["path"])
         return Redirect(return_to, headers=[cookie]), True

     def done(self, areq):
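Review bot: `kwargs["path"]` is looked up inside the `except KeyError` handler, so a caller that omits `path` now raises `KeyError: 'path'` out of the method where the previous fallback to `self.return_to` succeeded. Use `kwargs.get("path", "")`, which matches the `path=""` default on `generate_return_url` and keeps existing callers working: `return_to = self.generate_return_url(self.return_to, _qp, kwargs.get("path", ""))`. The enclosing method starts outside the hunk.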