Dear all,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

In the intro, you refer to a number of attacks against TLS. Please provide references.

Section 1 and 2:

> In order to avoid the confusion that would occur in attempting to
> describe an X.509 extension describing the use of TLS extensions, in
> this document the term 'extension' is reserved to refer to X.509v3
> extensions and the term 'feature' is used to refer to a TLS
> extension.
>
> 2. Purpose
>
> The purpose of the TLS feature extension is to prevent downgrade
> attacks that are not otherwise prevented by the TLS protocol.

You should probably clarify in the terminology section what you mean by "TLS feature extension".

Section 3.3.1:

> A CA SHOULD NOT issue certs with a TLS feature extension unless there
> is an affirma

Please expand the acronym.

Thank you,
Tina