Update Security Considerations to not use BCP14 keywords

[SteveLasker]

From @mcr
https://mailarchive.ietf.org/arch/msg/scitt/sOGI7xcUaOJx5Zag8uqsygooLrc/

Please do not use BCP14 keywords in the Security Considerations.
SC should instead always reference some section in the Protocol specification where that was said, while explaining what threat was being mitigated.

Like the bit about TEEs, and the other bit about consensus algorithms, and finally the self-statements (Attestation results I guess?) about the TCB.
"Redundant Replicas" ought to be an entire section on it's own.

"remote attestation Evidence was appraised by a Relying Party "
HENK! Evidence iis appraised by a Verifier :-)

person-in-the-middle is not a term that I proposed in
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-richardson-saag-onpath-attacker%2F&data=05%7C02%7C%7Ce9ee8d279969424877f708dd1ba04c88%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638697097466980054%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=UgSf4s3sv%2BirzoyYbc%2BRTq0Mx92uor3HwvCDzbQq8UM%3D&reserved=0

some of have proposed MITM be expanded now to:
*Meddler" in the Middle

(if cookies are the thing being stolen, then "Monster in the Middle".
This, btw, is a nom-nom-nom attack. Coming to an I-D repo near you)

[mcr]

Steve Lasker ***@***.***> wrote: > some of have proposed MITM be expanded now to: > *Meddler" in the Middle https://datatracker.ietf.org/doc/draft-richardson-saag-onpath-attacker/