I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document allocates new media type for genera purpose content delivery network interconnection protocol. It is general media type which can be used to transmit whatever between CDNs. The actual format of the content depends on the mandatory ptype parameter. This document does not include separate Security considerations section, but there is security considerations part of the section 2.1 which describes the media type itself. As this is general purpose media type which can be used to transfer anything, the security considerations section is quite vague, just pointing out that the individual CDNI interface specifications need to specify the security considerations for the ptypes used. Perhaps the security considerations section could mention that as this is generic media type, it can easily used to transfer data out from the CDN network without anybody noticing as firewalls will most likely just see application/cdni, and do not look at the ptype itself. Nits: The ptype parameter defines ptype-char as follows: ptype-char = %x21 / %23-3A / %x3C / %x3E-7E I think there is 'x' missing from the "%23-3A", i.e. it should be "%x23-3A". I think this document is ready with nits. -- kivinen at iki.fi