I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This review is a little late -- sorry for the delay. From the abstract, "This document extends the current location configuration protocols to provide hosts with a reference to the rules that are applied to a URI, so that the host can view or set these rules." Specifically, it allows the host to view, set, or change privacy rules associated with its location URIs. The document is well-written, and contains a security considerations section that addresses associated protocol threats. That section references two "classes of risks": risk of unauthorized disclosure of the protected resource, and risk of disclosure of the policy information itself. Why isn't unauthorized manipulation of the policy information also listed as a risk? Actually, the second paragraph of the security considerations addresses this, ("The mechanism also needs to ensure that only authorized entities are able to acquire or alter policy."), but subsequent text seems to indicate that if the policy URI is not kept secret, there are no further protections. Am I missing something here, or is secrecy of the URI really the only protection against unauthorized policy manipulation? I have to admit that I have no experience with these protocols, and it may be that this is addressed elsewhere (or truly doesn't matter), but it does feel a bit off. --Scott