I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should
treat these comments just like any other last call comments.

This document's Security Considerations section is appropriately brief because it doesn't introduce much in the way of new ones: the security model for JMAP MDN isn't essentially different from the security model for the analogous IMAP functionality. But had I reviewed RFC 8098, I would have urged some changes to the Privacy Considerations section of that document. It's not that anything is wrong or overlooked, but its emphasis is odd. It focuses mostly on leakage of impersonal details like OS version and network topology, with nothing but a parenthetical mention given to the significant personal intrusion of monitoring message read times. Every abusive boss knows this trick: send your subordinates an email at 5:00 AM on Saturday and watch when the delivery receipts come in. I wish that something in the corpus of MDN-related RFCs would do a better job of acknowledging this, even if this one in particular is not the most appropriate place for it.