My review of version 11 of this draft was making a number of suggestions. These suggestions have largely been addressed in the version 12 of the draft:

* The risk caused by compromised agents are addressed by setting permissions according to [I-D.ietf-opsawg-service-assurance-yang].

* The security section now includes a more precise description of the permissions that should be granted to SAIN agents

* The authors added recommendation that service administrators only obtain the information needed for building the assurance graph and no more, which somewhat mitigates the risk of attackers using configuration data.

* The authors added a suggestion to compare reporting by multiple agents and detect potential anomalies such as compromised agent mishbehaving, and reasonably flag that as a point for further study.

* The risks caused by loss of access to NTP service are documented.

In addition to flagging the NTP risk, the authors could have suggested mitigation for temporary loss of access to the NTP service. There might be ways such as indicating the state of the clocks in the agents report, or estimating potential clock drift based on quality of local clocks and delay since the last NTP synchronization. However, this is  speculative and it would be sufficient to flag it for further study.