The DS and AS may also apply additional policies to MLS operations to obtain
additional security properties. For example, MLS enables any participant to add
or remove members of a group; a DS could enforce a policy that only certain
members are allowed to perform these operations. MLS authenticates all members
of a group; a DS could help ensure that only clients with certain types of
credential are admitted. MLS provides no inherent protection against denial of
service; A DS could also enforce rate limits in order to mitigate
these risks.
My sense is this belongs in Security Considerations, not here.
This removes the following graf:
The DS and AS may also apply additional policies to MLS operations to obtain additional security properties. For example, MLS enables any participant to add or remove members of a group; a DS could enforce a policy that only certain members are allowed to perform these operations. MLS authenticates all members of a group; a DS could help ensure that only clients with certain types of credential are admitted. MLS provides no inherent protection against denial of service; A DS could also enforce rate limits in order to mitigate these risks.
My sense is this belongs in Security Considerations, not here.