Many of the potential risks outlined in the explainer are asserted to be mitigated through rate limiting. There's not a ton of discussion in that document about how you'll actually limit access to the API, suggesting instead that, for example, attacks "should be countered through rate limits on a per-unit-time, per-page, per-site (or some combination) basis".

Is there a document available with more detail about the limits you aim to put into place? Or is this part of the system still in an experimental phase that you'll solidify as we gain experience with the mechanism?