New section for Security Considerations after "Policy identifiers": 9.2.2 Policy administration If the contents of policies are exposed outside of the access control system, potential subjects may use this information to determine how to gain unauthorized access. To prevent this thread, the repository used for the storage of policies may itself require access control. In addition, the Status element should be used to return values of missing attributes only when exposure of the identities of those attributes will not compromise security.