Hi,



I have reviewed this document as part of the security directorate's 


ongoing effort to review all IETF documents being processed by the IESG. 


These comments were written primarily for the benefit of the security area 


directors.  Document editors and WG chairs should treat these comments 


just like any other last call comments.






This document looks to be well thought out and almost complete.  I would 


like to see a statement in the Security Considerations section that this 


specification adheres to the Security Considerations section of RFC 3315, 


and augments it by describing the disposition of unknown messages.






Other than that, the only very minor nit that I have is that the second 


and third paragraphs of the Security Considerations section are a single 


thought and should be combined.




Thanks,
Chris