From 765af8d00f9e225fb135553a32aa9107bae5c253 Mon Sep 17 00:00:00 2001
From: codedust <codedust@users.noreply.github.com>
Date: Wed, 12 Nov 2025 23:08:10 +0100
Subject: [PATCH] Proposal template: explicitly mention RFC 3552 in security
 section (#4378)

* Template: explicitly mention RFC 3552 in security section

Signed-off-by: codedust <codedust@users.noreply.github.com>

* Apply suggestions from code review

---------

Signed-off-by: codedust <codedust@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
---
 proposals/0000-proposal-template.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/proposals/0000-proposal-template.md b/proposals/0000-proposal-template.md
index 41f76d215..037ffa0a6 100644
--- a/proposals/0000-proposal-template.md
+++ b/proposals/0000-proposal-template.md
@@ -87,7 +87,8 @@ idea.
 
 **All proposals must now have this section, even if it is to say there are no security issues.**
 
-*Think about how to attack your proposal, using lists from sources like
+*Think about how to attack your proposal. See [RFC 3552](https://datatracker.ietf.org/doc/html/rfc3552)
+for things to think about, but in particular pay attention to lists from sources like
 [OWASP Top Ten](https://owasp.org/www-project-top-ten/) for inspiration.*
 
 *Some proposals may have some security aspect to them that was addressed in the proposed solution. This