Hello,


   I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

   This draft addresses an apparent mistake in RFC 8182 by specifying
a "same origin policy" for RPKI Repository Delta protocol. This
prevents cross-origin references in RRDP that could result in attacks.
It is concise and well-written. The Security Considerations are fine.
It was good to see the inclusion of Deployability considerations
(section 4).

   The summary of the review is Ready.

   regards,

   Dan.

-- 
"The object of life is not to be on the side of the majority, but to
escape finding oneself in the ranks of the insane." -- Marcus Aurelius