I've marked this "not ready" only because of the quality of the writing, which is both unidiomatic and ungrammatical throughout the document.  But, the draft has been through working group last call, and if the working group is good with it, I'm good with it - I'm here to do a security review, and it's basically fine in that regard.

A couple of nits:

In section 6, it seems to me that by having two different dampening messages you risk having both no-dampening and on-repetition active at the same time (implementers don’t always make good decisions).  Setting on-repetition to an impossible value (say, -1) could serve the same purpose as no-dampening and avoid possible implementation errors.

I'm curious why you’re monitoring system things (cpu, disk), since presumably those are also being monitored elsewhere.

In the security considerations section you may want to discuss some of the limitations of relying not he transport protocol to protect the data, particularly around data authenticity, etc.