diff --git a/source/specifications/direct-url-data-structure.rst b/source/specifications/direct-url-data-structure.rst
index 9ec8e2e34..6a4e8fe01 100644
--- a/source/specifications/direct-url-data-structure.rst
+++ b/source/specifications/direct-url-data-structure.rst
@@ -31,6 +31,9 @@ Depending on what ``url`` refers to, the second field MUST be one of ``vcs_info`
 local directory). These info fields have a (possibly empty) subdictionary as
 value, with the possible keys defined below.
 
+Security Considerations
+-----------------------
+
 When persisted, ``url`` MUST be stripped of any sensitive authentication information,
 for security reasons.