Reviewer: Michael Tüxen Review result: Ready with Issues This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC tsv-art@ietf.org if you reply to or forward this review. The document describes the intended architecture very well. What is not described is how loss recovery and congestion control will be designed to allow the signal channel to transfer message during an attack: "Some operators may utilize non-impacted paths or networks for DOTS, but in general conditions should be assumed to be hostile and DOTS must be able to function in all circumstances, including when the signaling path is significantly impaired." Nit: In Figure 4 the top and the middle client have the same name "c1.example.org". Is this intended?