Dear all,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

In my opinion the document is ready. It describes what data should be logged.

While the security considerations section mentions the privacy impact
of the data in the logs, it doesn't mention the value of the
information in the logs for event reconstruction, which is mentioned
in the text. I don't see a lot of space for problems here, but maybe I
didn't see them.

Sincerely,
Watson Ladd