- grammar: "A CPS can use this mechanism s/can authorize/authorizes/ service providers who already hold STIR credentials to submit PASSporTs to a CPS,"
- grammar: "(or an entity s/contractual/contractually/ acting on their behalf)"
- "If anyone with a STIR certificate is able to publish or access PASSporTs for any telephone number, this would create an intolerable security and privacy vulnerability." Comment: The authors should elaborate on the security vulnerability, as the STIR certificate is presumed to have the same security threats as any traditional certificate. If PASSporTs contain security-sensitive values that are not protected, the conditions where these secret values could be revealed should be better highlighted. For example, does the author imply RFC8225 has security vulnerabilities?
- Comment: There are several uses of "the STIR out-of-band framework [RFC8816]" while others merely reference "[RFC8816]". Is it sufficient to simply use "STIR" when referring to the framework? The first use of "the STIR out-of-band framework [RFC8816]" seems sufficient to give the reader the reference to RFC8816.