12.3.1. State maintenance
A Relay SHOULD have mechanisms to prevent malicious endpoints from flooding it with PUBLISH_NAMESPACE or SUBSCRIBE_NAMESPACE requests that could bloat data structures. It could use the advertised MAX_REQUEST_ID to limit the number of such requests, or could have application-specific policies that can reject incoming PUBLISH_NAMESPACE or SUBSCRIBE_NAMESPACE requests that cause the state maintenance for the session to be excessive.
12.3.2. SUBSCRIBE_NAMESPACE with short prefixes
A Relay can use authorization rules in order to prevent subscriptions closer to the root of a large prefix tree. Otherwise, if an entity sends a relay a SUBSCRIBE_NAMESPACE message with a short prefix, it can cause the relay to send a large volume of PUBLISH_NAMESPACE messages. As churn continues in the tree of prefixes, the relay would have to continue to send PUBLISH_NAMESPACE/PUBLISH_NAMESPACE_DONE messages to the entity that had sent the SUBSCRIBE_NAMESPACE.
TODO: Security/Privacy Considerations of MOQT_IMPLEMENTATION parameter