This document seems to provide a reasonable contribution and I have no opinion on the subject matter of this document.

However the security consideration section seems to lack relevant information.
The current security considerations section raise the threat of DOS attacks.
It is, however, not clear to me how the risk of DOS is affected or mitigated by the fact that request for preview data is restricted to authenticated clients.
A discussion of this seems at least to be relevant for the context.