I have reviewed this draft-ietf-iasa2-rfc4071bis-08 as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready. As stated in the introduction, this draft "describes the structure of the IETF Administrative Support Activity, version 2 (IASA 2.0). It defines the roles and responsibilities of the IETF LLC Board, the IETF Executive Director, and ISOC in the fiscal and administrative support of the IETF standards process. It also defines the membership and selection rules for the IETF LLC Board." The document is well written and easy to read. It does not describe any specific technology or propose standard, and the security consideration as just pro-forma, stating that "This document ... introduces no security considerations for the Internet." Which appears true. Security impact, if any, would be indirect. One could imagine that some malevolent third party might apply pressure on the LLC staff, the board members, or ISOC, with a goal of compromising the standard process and allowing publication of insecure standards. But this hypothetical pressures could probably happen just as well in the current structure. In fact, the draft's emphasis on clear process and transparency provides additional protection, which confirms the assessment that this document "introduces no security considerations for the Internet."