Summary:  I want to thank the authors for a clearly written specification. 

Technical: To my best review, this draft has considered the operational issues in the privacy pass issuance protocol.  The error handling appears to be correct. 

Editorial: I can find no editorial issues. 

Caveat: I am not deeply involved in the deployment of these protocols or security. The error handling portion of this security protocol needs a review by someone who is an expert in these protocols.  It appears to be correct, but I am not enough of an expert to double-check anything beyond the references.