A few minor issues for the Security Considerations section:

1. RFC 2119 keywords are used for some but not all bounds mentioned in this section. Is there a reason we don't use SHOULD and RECOMMEND for the maximum acceptable value for the LEASE values? 

2. It would be useful for the document to also RECOMMEND a minimum interval between updates.

3. More broadly, ISTM that all the recommended values here (minimum interval between updates, lease renewal min and max) should be moved up into the main content of the document. A too-short lease, for e.g., has implications not just for security but operation in general. 

4. Is the "public key signing" a reference to SIG(0) [RFC 2931]?

5. Again, the language is in the last para of the Security Considerations section around auth strategy is not very strong. Perhaps a reference to RFC 3007 would help.

6. "conver" in the last sentence of this section seems like a typo, I'm not sure what this sentence means.