I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Document Abstract: The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) provides a framework for passing configuration information to nodes on a network. This document describes new options for DHCPv6 which are required for booting a node from the network. Summary: This is a simple and straightforward DHCPv6 extensions. The Security considerations section is appropriate. Authors may consider highlighting the fact that downloading the wrong operating system could lead to compromise of data on local storage: 7. Security considerations In untrusted networks, a rogue DHCPv6 server could send the new DHCPv6 options described in this document. The booting clients could then be provided with a wrong URL so that the boot either fails, or even worse, the client boots the wrong operating system which has been provided by a malicious file server. To prevent this kind of attack, clients can use authentication of DHCPv6 messages (see chapter 21. in [RFC3315]). --julien