I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document provides requirements for improving the tools used to manage team document reviews in IETF. These tools are be used for managing secdir reviews, for example. If you want to get a peek at the next generation of these tools, peruse the document. It looks fine to me and Tero was one of the authors so I expect that he's fine with it. This document is Ready With Nits. The nits are included below. Thanks, Steve ------------------ * The second bullet on page 7 refers to "the above bullet" but it is not clear which bullet is intended. * In the fourth bullet on page 9, "must be able easily" should be "must be able to easily". * In the eighth bullet on page 9, "that have" should be "that they have". * The last sentence in the Security Considerations section seems a bit flippant. It currently reads "None of these [authentication and authorization considerations] have been identified as non-obvious." Although I don't have any material problems with this analysis, I wouldn't want to see other documents taking such a nonchalant approach to security. Instead of that sentence, I suggest "None of these have been identified as differing from the considerations relevant to the existing datatracker."