This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC
tsv-art@ietf.org if you reply to or forward this review.

Thank you for a well written document, and it's description of the service to
be provided.

This is proposed as a "lightweight" reporting mechanism.

The method states it can be used over TCP. In this case, TCP provides the
necessary congestion control, flow control and segmentation. I did not see
additional transport concerns.

Thius is an updated review for -07, which addressed some of the previous issues.

The method also states it can be used over UDP - which is equally recommended.
However, the specification for use over UDP is incomplete and raises some
transport concerns:

1. There is a recommendation to use DNS COOKIEs [RFC7873] over UDP (PS), but no
statement about how to mitigate the effects when these are not used. What ought
someone to do when this is not done?

2. New text was added to note how to handle reports larger than the maximum UDP
datagram payload. (This is likely resolved in -07.)

3. I think this method could in some uses generate a stream of reports at a
rate that could be more than a few UDP datagrams per RTT, (e.g., if implementing
automated responses). In this case, I think method would need to provide some
basic rate-limiting (or implement a form of congestion control). I understand the rate 
is usually "damped" by caching to one message/TTL perreport, but I am unsure 
whether this is sufficient to mitigate any congestion control concerns.
Additional text may still be needed.