The remark already talks about the outer elements as potential source
of xml:lang, but it does not explicitly mention the root <stream> open
element as further source. Better to spell this out explicitly to hint
implementors towards it.
* Some editing
* Explicitly mention the possible need for rate-limiting of caps
processing in Security Considerations
* Reference UTF-8 and Base64 RFCs
* Reference U+002E properly
* Clarify error condition for Hash Function Input algorithm