From Sam Hartman:

At several points in the document, the text refers to the secure attribute
passed from the NSLP to GIST as if it is a boolean.  Clearly there are a number
of potential security services including integrity, confidentiality,
authenticotion of one or both parties, etc.  While it would be nice to think of
security as a true/false switch this seems misleading.