I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. There are no security issues with this document. It's a survey and analysis of current implementation, and correctly notes in its Security Considerations section that security issues will certainly come up in the subsequent work that follows up on the results and analysis presented here. I reviewed the -06 version, and found that its English was *far* worse than usual for documents sent to last call -- I wonder how it got that far in that state. As I decided how to handle that with last-call comments, an -07 version was put out. That version fixes many of the problems, and makes the document tolerable... though it still needs quite a bit of editing. It might need more editing than is reasonable to pass last call and IESG, and expect the RFC editor to handle. If the authors would like, I'm willing to take an editing pass through the document. If they want me to do that, they should send me, privately, the XML source, and I'll have a go. Barry -- Barry Leiba (barryleiba at computer.org) http://internetmessagingtechnology.org/