I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft specifies a version of Bidirectional Forwarding Detection (BFD) that allows for better efficiencies in provisioning and path monitoring of network node infrastructure. The security considerations section does exist and asserts that the security considerations that pertains to the base BFD protocol, RFC 5880, also applies to this protocol. The section continues with guidance on authenticating data, replay, and DoS avoidance, specific to this protocol. I agree with most of the recommendations outlined and assertions presented in this section. 5880 is forthcoming with the various vulnerabilities/limitations of the base protocol. However, the draft does not cover the case where an attacker impersonates the SBFDInitiator, but does cover the SBFDReflector scenario. General comments: None. Editorial comments: s/Once above setup/Once the above setup/ s/it can quickly/can quickly/ s/and IS-IS will advertises/and IS-IS advertises/ s/then response S-BFD/then a response S-BFD/ s/allocated a same/allocated the same/ s/Remainder of this/The remainder of this/ s/for above suggestions/for the suggestions above/ s/that discriminator/that the discriminator/ s/for a same/for the same/ s/is to have following/has the following/ ... I stopped after this. Please have someone review the rest of the draft for grammar. It will be hard to read w/o these updates. Shawn. --