Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. IMHO, the document is  Almost ready. The author claims this document "raise[s] no new security concerns". I think the author is right, however I have two comments: - it's preferable to mention explicitely that RFC 6378 provides the baseline   security discussion and that it also applies to the present document. - Making sure an implementation behaves correctly in front of malformed   messages is typically something that should be mentioned/discussed in the   Security Section. This is the case in section 2.3 "Error handling".   Can an attacker through malformed/unexpected messages (e.g., with fuzzing)   launch a DoS?   I don't suggest to move section 2.3 in the Security Discussion section, but   rather to add a sentence in the Security Section explaining that this document   in section 2.3 also clarifies how to react in front of malformed/unexpected   messages (which is essential from a security point of view). Cheers,     Vincent