I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other comments.

This document describes use of "authority tokens" in the context of ACME,
their purpose, use and format.

The document is straightforward and the Security Considerations section
seems adequate.Generally, iIt may help readers to include a summary of all
the options and any recommended values. for the tokens, e.g. lifetime of
issued tokens. For the Security Considerations section, shouldn't mandated
supported algorithms and key sizes be specified?

Editorial: The document is in need of a grammar / wording polish but I
expect the rfc-editors to handle this.For example, "defines a the" in the
Introduction section, and "in the way" in Section 5.1.

Thanks,
-- Magnus




-- 
-- Magnus