write security considerations

[npdoty]

Placeholder section currently points to self-review questionnaire, but not substantive analysis, overview of security-related topics throughout the specification or recommendations (or summary of normative recommendations elsewhere).

[simoneonofri]

as said in the call, happy to support the group!

[timcappalli]

@marcoscaceres on the last call, you made some comments about the security section not being needed as the spec should be "secure by default". Was your recommendation to remove the section altogether or add some text along those lines?