Add privacy consideration on profiling of requestors (#157)

* add privacy consideration on profiling of requestors

* Incorporate suggestions for clarity

Co-authored-by: Ted Thibodeau Jr <[email protected]>

---------

Co-authored-by: Ted Thibodeau Jr <[email protected]>

Author: wip-abramson

index.html

@@ -2538,9 +2538,14 @@ <h1>Privacy Considerations</h1>
 	<p class="issue">TODO: Define privacy considerations for DID resolution</p>
 
 	<section id="profiling-requesters">
-		<h2>Non-DID Identifiers</h2>
-		<p class="issue" data-number="95">There is discussion about minimizing the extent of profiling of requesters
-		from DID Resolvers.
+		<h2>Profiling of DID Resolution and Dereferencing Requesters</h2>
+		<p><a>DID resolvers</a> and <a>DID URL dereferencers</a> will be able to log requests
+			to their services for resolution and dereferencing. Over time, these logs could be used to track 
+			and profile the clients making requests for these services. To mitigate this privacy risk, 
+			clients should make such requests to services they trust, for example, 
+			because of an existing business relationship or because the service is running on 
+			infrastructure they control. Clients can also take steps to obfuscate their 
+			requests to a service in order to limit the possibilities of correlation and profiling.
 		</p>
 
 	</section>