** Section 12. I didn't come away from this section with a strong,
consistent understanding of which interactions needs which security
properties or what considerations are need for which roles.
Section 12.2 is at least clear on integrity,
but it also makes vague allusions to other properties.
-- Section 12.2 This section lists that there might be a need to support
additional security properties and provides list
(i.e., E2E encryption, DoS protection, authentication, etc.) .
What actionable guidance should be taken from this text?
How should one reason about those properties?