From 40d5e7174a6c1b277260a7ac605d8219bfb53905 Mon Sep 17 00:00:00 2001
From: Thomas Fossati <thomas.fossati@linaro.org>
Date: Fri, 25 Oct 2024 10:53:36 +0200
Subject: [PATCH] more security considerations around U[CJ]CS

Signed-off-by: Thomas Fossati <thomas.fossati@linaro.org>
---
 draft-ietf-rats-eat-media-type.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/draft-ietf-rats-eat-media-type.md b/draft-ietf-rats-eat-media-type.md
index 9a81733..fe1fdc5 100644
--- a/draft-ietf-rats-eat-media-type.md
+++ b/draft-ietf-rats-eat-media-type.md
@@ -199,6 +199,8 @@ and cross-protocol attacks.
 
 The security consideration of {{EAT}} and {{UCCS}} apply in full.
 
+In particular, when using `application/eat-ucs+json` and `application/eat-ucs+cbor` the reader should review {{Section 3 of UCCS}}, which contains a detailed discussion about the characteristics of a "Secure Channel" for conveyance of such messages.
+
 # IANA Considerations
 
 [^to-be-removed]
@@ -483,7 +485,7 @@ Encoding considerations:
 : binary
 
 Security considerations:
-: {{Section 7 of UCCS}}
+: {{Sections 3 and 7 of UCCS}}
 
 Interoperability considerations:
 : n/a
@@ -534,7 +536,7 @@ Encoding considerations:
 : Same as {{JSON}}
 
 Security considerations:
-: {{Section 7 of UCCS}}
+: {{Sections 3 and 7 of UCCS}}
 
 Interoperability considerations:
 : n/a