Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Overall, I find the document to be of good quality and ready to progress.



One editorial suggestion I'd make would be to either include or directly 


reference the security section of RFC 2743 in your own security 


considerations section.






Also, I'm just not partial towards the use of "otherwise" to describe a 


return code from gss_oid_equal.  Personally, I think it should be directly 


specified.






Finally, I think you have a formatting inconsistency in Section 4.1; the 


"otherwise" should be tabbed out to line up in the other column.




Regards,
Chris