Add note about possible sensitive data in extensions

index.bs

@@ -5997,6 +5997,12 @@ a numbered step. If outdented, it (today) is rendered as a bullet in the midst o
 
         Note: Since all extensions are OPTIONAL for both the [=client=] and the [=authenticator=], the [=[RP]=] MUST also be
         prepared to handle cases where none or not all of the requested extensions were acted upon.
+
+        Note: Since some extension data may need to remain client-side, [=[RPS]=] MUST be prepared to remove data in
+        |clientExtensionResults| client-side before sending data to the server for ceremony completion. Since signatures are
+        based on |authData|, the [=[RP]=] MUST NOT rely on extensions whose corresponding [=authenticator extension outputs=]
+        in the <code>[=authData/extensions=]</code> in |authData| contains data that should remain client-side when relying on
+        the server to complete the ceremony.
     </li>
 
 1. Determine the attestation statement format by performing a USASCII case-sensitive match on |fmt| against the set of
@@ -6228,6 +6234,12 @@ a numbered step. If outdented, it (today) is rendered as a bullet in the midst o
 
         Note: Since all extensions are OPTIONAL for both the [=client=] and the [=authenticator=], the [=[RP]=] MUST also be
         prepared to handle cases where none or not all of the requested extensions were acted upon.
+
+        Note: Since some extension data may need to remain client-side, [=[RPS]=] MUST be prepared to remove data in
+        |clientExtensionResults| client-side before sending data to the server for ceremony completion. Since signatures are
+        based on |authData|, the [=[RP]=] MUST NOT rely on extensions whose corresponding [=authenticator extension outputs=]
+        in the <code>[=authData/extensions=]</code> in |authData| contains data that should remain client-side when relying on
+        the server to complete the ceremony.
     </li>
 
 1. Let |hash| be the result of computing a hash over the |cData| using SHA-256.