I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This doc provides a template for other i-d's describing IODEF extensions. The template reminds authors that they need a security considerations section and cites 3552. The surrounding document has no security considerations of note. I'm fine with the doc moving forward as-is. Minor: The doc title and abstract use "IODEF" without expansion, but I think it's an uncommon enough term that expansion is needed. This doc's security considerations section says: "This document defines a template for extensions to IODEF; the security considerations for IODEF [RFC5070] apply." I might instead say "This document raises no security issues. Extensions defined using the template in Appendix A need to provide an analysis of security issues they may raise. See A.5 for more details."