Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: Probably ready to publish Details: I noticed that this draft has RFC2119 MUST/MUST NOT directives in the Security Considerations section. However this is not a repetition of similar language elsewhere in the draft. Is this allowed? There is also similar 2119 language in the Introduction. -derek -- Derek Atkins 617-623-3745 derek at ihtfp.com www.ihtfp.com Computer and Internet Security Consultant