I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document defines an ASN.1 container for symmetric keys. This seems useful. For the most part the document is clear. I have the following comments (I also copied the authors of draft-ietf-keyprov-pskc-05 since some of the comments may more pertain to that document). 1. Is the sKey value encrypted or clear text? 2. Section 3.2.12 Value MAC I was not clear to me how this MAC was calculated. What exactly does it cover? I assume it is the octet string in the sKey field in the OneSymmetricKey sequence. Does it include the ASN.1 encoding or not. 3. Why is section 4 necessary in draft-ietf-keyprov-symmetrickeyformat-07 and not in http://tools.ietf.org/html/draft-ietf-keyprov-pskc-05 ? Thanks, Joe