5.1 Security Considerations for Implementers

Implementers need to ensure that SSL is used to authenticate that the server is the intended server referred to by the server endpoint URL. Implementers also need to ensure that the client role authenticates to the server role such that the server can trust the client to perform SSL client certificate authentication where appropriate. Otherwise there are no specific security considerations beyond those specified in normative references.