+The use of these attributes dictates whether the attributes need to
+be secured or not. However, as the attributes are considered to provide
+accurate status information about specific user, it is suggested that
+the attributes would be secured. The attributes should be digitally
+signed whenever it is possible. Attributes can also be encrypted
+if it is provided by the protocol using the attributes. A third party,
+like a server in the network, could also verify the information and provide
+digital signature in case the information is accurate.
+
+Even though the attributes would be digitally signed by the sender of
+the attributes, the information contained in the attribute may still
+be incorrect. The third party server should not apply digital signature
+unless it can verify every attribute. The receiver of the attributes
+should also not trust that the information infact is correct.
+
+However, it is possible that the context where these attributes are used
+the attributes are provided by a party that can provide the accurate
+information. For example a server in the network could reply to the
+attributes on behalf of the actual user for some of the attributes.