I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document is establishing a container for publicly available enumeration values to be included in an IODEF [IODEF] document. Several questions about the proposed solution are listed as follows. 
1)	In this specification, a given enumeration is uniquely identified by the specIndex attribute. However the usage of ID is not clearly introduced. In the security consideration section, it is mentioned that the miss-match between the index and the ID may cause problem. Could you please give me some clues?
2)	Where is section 2.2?
3)	In the abstract, it is stated that "This memo establishes a stand-alone data format to include both the external specification and specific enumeration value,. However, I didn't find the specific enumeration value in the example provided in Section 2.1:
"      <iodef:Reference>
         <iodef-enum:ReferenceName specIndex="1">
            <iodef-enum:ID>CXI-1234-XYZ</iodef-enum:ID>
         </iodef-enum:ReferenceName>
         <iodef:URL>

http://cxi.example.com

</iodef:URL>
         <iodef:Description>Foo</iodef:Description>
      </iodef:Reference>
"
Cheers

Dacheng