Ok, I misremembered. I hear you. I originally got that from Guttman who focused on shredding claims of high-assurance security as much as verification. Others and I did submit a few things on limitations to Lobsters. They were general. I'll resubmit them to Laarc after I dig them up if you're interested. They might find them interesting, too.