I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This is an information draft that provides guidance for effectively managing IPv4/IPv6 addresses by address and protocol translation mechanisms. The security considerations section does exist and defers to wing-nat-pt-replacement-comparison for some of the solutions. wing-nat-pt-replacement-comparison discusses possible DoS and spoofing attacks when sharing an IPv4 amongst multiple subscribers. Though it would be nice if either this draft or the one referenced would prescribe techniques to mitigate such attacks. General comments: None. Editorial comments: s/reader to be consider/reader to consider/ This sentence should be restructured for readability purposes: For deployments where the GW is owned and operated by the customer, this becomes operational overhead for the Internet Service Provider (ISP) that it will no longer be able to rely on the customer and the seller of the GW device for. s/of NAT444 need/of NAT444 needs/ s/tunnel could created/tunnel could be created/ Shawn. --