On Fri, 19 Feb 2016, John C Klensin wrote:
Stephen, I think such a paragraph would be a significant step forward. I don't think it is a substitute for any of the drafts being clear about known issues and security risks, including warnings (aka "considerations") about the difference between obtaining a key and authentication of the key vis-a-vis the supposed key owner. I don't know whether you consider that separate from "...other points made about this draft." or not.
I would feel it to be very constructive if we could focus on specific text. We already merged in a bunch of text on request from the openpgpkey-usage document to satisy the earlier requests for security considerations. Paul