Bruce Lilly wrote:
From: Ned Freed <ned.freed@xxxxxxxxxxx>
Which in turn works because there are always security considerations - the
closest thing to valid empty security considerations section we have is one
that says "this entire document is about security". A section that simply says
"there are no security considerations here" is invalid on its face and
indicates insufficient review has been done.
Possible counterexamples:
RFC 2234 [ABNF]:
Security is truly believed to be irrelevant to this document.
It's not completely irrelevant: ABNF constructions that may be confusing
(of which the RFC mentions several instances) are a possible contributing
factor to security bugs when implementing specifications that use ABNF.
--
David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf