Text subsequently revised to allow for the possibility of directly incorporating
a security capability in D-mode as follows:
D-mode uses UDP, as a suitable NAT-friendly encapsulation which does
not require per-message shared state to be maintained between the
peers. It is currently an assumption that long-term evolution of
GIST will preserve the simplicity of the current D-mode design.
Extensions to the security or transport capabilities of D-mode can be
provided equivalently by selecting a different protocol stack under
the GIST messaging layer, which would then become another option
within the overall C-mode framework. This includes both the case of
using existing protocols, and specific development of a message
exchange and payload encapsulation to support GIST requirements.
Alternatively, if any necessary parameters (e.g. a shared secret for
use in integrity or confidentiality protection) can be negotiated
out-of-band, then the additional functions can be added directly to
D-mode by adding an optional object to the message (see
Appendix A.2.1). Note that downgrade attacks on such an approach would
need to be prevented by policy at the destination node, similar to
the situation discussed in Section 8.6.
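As an added illustration of the last point (not text or code from the draft), the following Python sketch attaches an optional integrity object to a D-mode-style message using a secret assumed to have been agreed out-of-band, and shows the destination-side policy that refuses a message which merely omits the object, so that stripping it does not yield a silent downgrade. The byte layout and the object type code 0x7F are constructed for this example and are not the GIST encoding of Appendix A.2.1.

```python
import hashlib
import hmac
import struct
from typing import Optional, Tuple

# Constructed layout for this example only (not the GIST object format):
#   2-byte body length | body | optional object = 1-byte type | 2-byte length | HMAC-SHA256 tag
INTEGRITY_OBJ = 0x7F  # hypothetical object type code, not a GIST-assigned value


def build_message(body: bytes, key: Optional[bytes]) -> bytes:
    """Build a message; append the optional integrity object when a shared key is known."""
    msg = struct.pack("!H", len(body)) + body
    if key is not None:
        tag = hmac.new(key, msg, hashlib.sha256).digest()  # covers header and body
        msg += struct.pack("!BH", INTEGRITY_OBJ, len(tag)) + tag
    return msg


def receive(msg: bytes, key: Optional[bytes], require_integrity: bool) -> Tuple[bool, str, bytes]:
    """Destination-side check; returns (accepted, reason, body).

    require_integrity is the local policy that blocks downgrade: with it set, a
    message that simply omits the optional object is refused, not accepted unprotected.
    """
    if len(msg) < 2:
        return False, "truncated header", b""
    (blen,) = struct.unpack("!H", msg[:2])
    covered, rest = msg[: 2 + blen], msg[2 + blen :]
    body = covered[2:]
    if len(body) != blen:
        return False, "truncated body", b""
    if not rest:  # no optional object present at all
        if require_integrity:
            return False, "missing integrity object (possible downgrade)", b""
        return True, "accepted unprotected", body
    if len(rest) < 3:
        return False, "truncated object header", b""
    obj_type, obj_len = struct.unpack("!BH", rest[:3])
    tag = rest[3 : 3 + obj_len]
    if obj_type != INTEGRITY_OBJ or len(tag) != obj_len:
        return False, "malformed object", b""
    if key is None:
        return False, "no shared secret to verify with", b""
    expected = hmac.new(key, covered, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return False, "integrity check failed", b""
    return True, "integrity verified", body
```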