I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

I had previously reviewed 02 of this draft for an early review request and had issues with this version due to its susceptibility to remote side-channel attacks.  Subsequently, the authors have updated the draft, based on my proposed text, in 03 to disclose this possible attack and ways to mitigate against this threat.  Therefore I've marked this draft as Ready.