I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is: ready

Comments:

* congratulations on a very well written document.  Far cleaner than many others 
  I've reviewed :-)

* 1.3 4th paragarph: ...amount of traffic *that* may be delegated.

* general: I assume that there is a business relationship where one can has a legal
  disincentive to hurt the other?  Eg false information about rates/loads or similar
  are not a concern because the relationship has mechanisms for general resolution outside
  the scope of the features being transmitted?

* 2.1.1.2: the name parameter is discussed as if it's an id, so I'd either change the property
  name or make the text match the property name.  (and I hope no one would violate that SHOULD
  as it really kills monitoring agents when things names change).

* 2.1.1.2: Data percentile: you should (SHOULD) probably use "mean" instead of "average"
  to be mathematically precise.

* 2.2.1.1: I suggest putting a hyphen in "limit types" to make it match the property name above.