I might not be the best reviewer for this one as I've read it a few times before. But anyway, I scanned the diff [1] with RFC7626 and figure it seems fine.

The only thing that occurred to me that seemed missing was to note that while the new privacy analysis in 3.5.1.1 is already complex, many systems are mobile and hence an analysis that ignores that won't be sufficient. For a mobile device one really needs to analyse all of the possible setups, and hence it's even harder to get to a good answer. (It could be that that's elsewhere in the document but since I only read the diff, I didn't see it :-)

Cheers,
S.

[1] https://tools.ietf.org/rfcdiff?url1=rfc7626&url2=draft-ietf-dprive-rfc7626-bis-03.txt