Include threat "no built-in mechanism for integrity"

[pchampin]

We (the chairs and I) just had a meeting with the Security IG, on building a threat model for RDF.

One point was raised: RDF does not provide any build-in integrity mechanism. That's threat that we should at least mention. We can also mention that other specifications provide ways to mitigate this threat (one could for example sign a particular serialization, or use RDF-CANON to sign the graph/dataset itself, alla Data Integrity). We could also point that some "RDF yielding" formats (other than the ones we define) may include some integrity mechanism (e.g. application/vc, as defined by https://www.w3.org/TR/vc-data-model-2.0/).