I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This internet-draft describes a way to provide a client link-layer addresses in DHCPv6 Relay-Forward messages.. The security considerations section does exist and discusses an attack scenario involving rogue relay agents and clients where a DHCPv6 node could spoof the address of a separate DHCPv4 node. Subsequently if a Dynamic DNS update is made then a dual-stack node could be made to connect to the DHCPv6 client instead of the DHCPv4 client. To thwart such an attack the draft recommends that administrators configure IPsec between the DHCP server(s) and the relay agents. Besides the security considerations of DHCP in general, I think that this document adequately covers the feature being introduced. General comments: None. Editorial comments: s/will help above mentioned scenarios/will help with the scenarios mentioned above/ s/used in wide/used in a wide/ Shawn. --