I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-ietf-pkix-rfc5280-clarifications-10 Reviewer: Vijay K. Gurbani Review Date: Oct-16-2012 IETF LC End Date: Not known IESG Telechat date: Oct-25-2012 This document is ready as a Proposed Standard. Major: 0 Minor: 0 Nits: 2 Nits: - S1: The fourth paragraph should be put right underneath the second paragraph since the former continues discussion started by the latter. - S1: Last paragraph --- it will be good to provide some documentation regarding the "observed attacks". Especially a link to relevant papers of archival quality discussing the attacks will be helpful. If the attacks are related to the Diginotar and Comodo break-ins, then there is an archival paper [1] at a reasonably high level from IEEE that discusses this and provides a starting point for those who want to learn more. [1] Neal Leavitt, "Internet security under attack: The undermining of digital certificates," pp. 17-20, IEEE Computer, December 2011. Thanks, - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA) Email: vkg at {bell-labs.com,acm.org} / vijay.gurbani at alcatel-lucent.com Web: http://ect.bell-labs.com/who/vkg/