Check for Separate Security and Privacy sections

[svgeesus]

It has been common to have a single section for this, for example:

<h2 id="priv-sec">
Security and Privacy Considerations
</h2>

No new security or privacy considerations have been raised on this specification.

This is no longer allowed. The horizontal review guidelines mentions separate Security Considerations and Privacy Considerations sections.

Before requesting privacy and security reviews from the Privacy Interest Group (PING) and security reviewers, respectively, authors must write both "Security Considerations" and "Privacy Considerations" sections for their documents,
https://w3ctag.github.io/security-questionnaire/#reviews

Furthermore, the issue template for Privacy review states:

• Does your document have an in-line Privacy Considerations section, separate from Security Considerations? If not, corrrect that before proceeding further.

which is an annoying thing to discover, the day you publish a CRD to get wide review, given that pubrules give no complaint for this.

[tabatkins]

Sigh, it would be great to actually see these changes somewhere before they're live. Would also be nice to see what the actual reasoning was for "priv and sec must be separate sections".

Oh well, I'll fix the check to make this disallowed, I suppose.