Security Considerations (new section)

Users of WS-Addressing and EPRs SHOULD only use EPRs from sources they
trust. In practice this is likely to mean that such users only use EPRs
that are signed by parties the user of the EPR trusts.

EPRs as well as message addressing properties SHOULD be integrity
protected to prevent tampering. Such optional integrity protection can
be provided by transport, message level signature, and use of an XML
Digital Signature.

To prevent information disclosure, EPR issuers SHOULD NOT put sensitive
information into the [address] or [reference parameters] properties.

Some processors may use message identifiers ([message id]) as part of a
uniqueness metric in order to detect replays of messages. Care should be
taken to ensure that a unique identifier is actually used. For example,
it may be appropriate in some scenarios to combine the message
identifier with a timestamp.