Security considerations section
aphillips opened this issue · comments
In a comment on #576, @duerst noted:
I think this is all okay, except when it comes to security considerations. Somewhere in the spec, the fact that a message can contain arbitrary control characters should be clearly called out as a security issue.
This issue is to track this and other items to consider for a security considerations section of the spec, should we decide we need to create one. Add suggestions below.
Fixed in #588. Use new issues to request additional security considerations.