I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  (I previously reviewed version -03.) These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments. This is a lengthy draft specifying an XML Media Control Channel Framework Package for Interactive Voice Response (IVR) dialog interaction. The Security Considerations Section is commensurately long, listing threats and areas where security MUST be "addressed". The threats described seem reasonably comprehensive. For protection against these threats and the required addressing of security, the Security Considerations Section of this draft references the Security Consideration and other Sections of draft-ietf-mediactrl-sip-control-framework-11 (Media Control Channel Framework) as well as the Security Considerations of RFC 3023 (XML Media Types). These other document seem to provide adequate measures to protect against the threats mentioned in the document being reviewed. Overall, I believe the Security Consideration section is satisfactory and an improved from the -03 draft I previously reviewed. Thanks, Donald =============================  Donald E. Eastlake 3rd   +1-508-634-2066 (home)  155 Beaver Street  Milford, MA 01757 USA   d3e3e3 at gmail.com