I'm reviewing this document as a member of SecDir per the request for early review.

I'm marking this as "Not Ready" principally because the whole Security Considerations section is "TBD".

Having no prior familiarity with the ANIMA WG or its output, I found the introductory section of this draft rather bewildering. The document I wanted to read for background, RFC 8366, is cited a few sentences in, but the context didn't make it clear that this was where I wanted to look. Please provide a paragraph or so worth of background about the ecosystem that this draft lives in before launching into protocol-specific jargon like "voucher" and "pledge".

You mention trying to conserve both network bandwidth and code size. I see how you're saving a bit of bandwidth by shortening URLs, using CBOR instead of JSON, and in some cases avoiding retransmission of public keys. But I'm not following where the code size wins come from. The procedure described in section 5.3.1 doesn't seem to save anything significant, since you still need a whole RFC 5280 implementation for the fallback path.

You've given "ECDSA" as a mandatory-to-implement algorithm, but haven't specified what particular curves must be supported. Without this, you haven't gotten any closer to assuring interoperability.

Appendix A looks like a funny thing to find in an RFC. Are you planning to have the RFC Editor remove this prior to publication, like you'd do for an "Implementation Status" section? If so, you should include an explicit instruction to that effect.