I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the Security Area Directors.  Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments.

The document is clear and well-written. It does not define a new protocol, yet it discusses the security considerations arising from the operational perspective. I agree with the considerations outlined and I find the proposed mitigations effective. I have no additional considerations pertaining to the proposed framework.