The only comment I have from a security standpoint is that the Security Considerations seem basically absent, saying no more than "Nothing to see here."  That's common and easy to say, but I expected some explanation of how the requirements specified in the document are needed to ensure a robust and secure BIER system.  I wouldn't expect pages of text, but I'm surprised to see nothing at all.  Is it really the case that an OAM system for BIER would do nothing to enhance security, nothing to alert us to BIER-specific attacks?