I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This is a problem statement document that describes issues and considerations for development of a replacement for Stringprep (RFC3454). It is intended for publication as an Informational RFC. 

Here is the entirety of the Security Considerations section:

   This document merely states what problems are to be solved, and does
   not define a protocol.  There are undoubtedly security implications
   of the particular results that will come from the work to be
   completed.

When I first saw this, I thought it seemed reasonable. Then I went to the RFC editor page and searched for "problem statement". I looked at the first 4 in the list (6707, 6646, 6606, and 6567), and they each have considerably more in the security considerations section. They talk about the security-related problems to be solved without recommending specific solutions (which seems appropriate for a problem statement). They stay at a high level, but they do discuss security issues to be addressed, and if these documents were reviewed by this group prior to publication, they presumably do so completely. 

This document should probably do the same.

--Scott