I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments.

Thank you for this well-written document, it was a pleasure to read and I think it is ready to proceed. Since the document updates RFC2544 benchmarking procedure for estimating the buffer time of a Device Under Test (DUT), it does not raise any security issues. Security Considerations section is quite clear and it stresses that these tests are performed in a lab environment.

I do have a question regarding the last paragraph of the Security Considerations on special capabilities of DUTs for benchmarking purposes. Currently, the sentence reads:
"Special capabilities SHOULD NOT exist in the DUT/SUT specifically for benchmarking purposes."
Why is this a SHOULD NOT and not a MUST NOT? Could you give an example when such special capabilities in a DUT are appropriate?