Section 6.1 of iTIP [RFC5546] defines a set of potential threats in a scheduling system, and Section 6.2 of [RFC5546] defines recommendations on how those can be addressed in protocols using iTIP. This specification addresses the iTIP threats in the following manner:
Spoofing the "Organizer"
Addressed by item 4 in Section 11.2.
Spoofing the "Attendee"
Addressed by Section 18.104.22.168 and item 2 in Section 11.2.
Unauthorized Replacement of the "Organizer"
Addressed by item 5 in Section 11.2.
Eavesdropping and Data Integrity
Addressed by requiring TLS. Flooding a Calendar: Addressed by requirements in Section 11.1.
Unauthorized REFRESH Requests
This specification does not support the REFRESH method.