I have reviewed this document as part of security directorate review.  

I think the document has one issue that should be addressed.  Shouldn't this document also reference RFC9253 in the security consideration since ti is dealing with Links?