Overview#Guidelines for Writing RFC Text on Security Considerations is defined in Best Current Practice (BCP 72 RFC 3552)
All RFCs are required by RFC 2223 to contain a Security Considerations section. The purpose of this is both to encourage document authors to consider security in their designs and to inform the reader of relevant security issues. RFC 3552 is intended to provide guidance to RFC authors in service of both ends.
RFC 3552 is structured in three parts.
- the first is a combination security tutorial and definition of common terms
- the second is a series of guidelines for writing Security Considerations;
- the third is a series of examples.