The is short little document that put size constraints on the OCPS nonce extension. In particular, it requires the nonce be between 1 and 32 octets long. Since there's no bits on the wire changes, I think it's fine there's no new ASN.1 module. My technical nits include: 0. s2.1: Consider also throwing an error if the OCTET STRING is zero bytes in length. You throw one if it's too long, but not if it's too short. 1. s2.1, 4th paragraph: Consider adding reference to RFC 4086 for randomness requirements. My editorial nits include: 0. Abstract: missing period at the end of paragraph. 1. s2.1, 3rd para: missing period at end of paragraph 2. s4: I think the indentation is off by a couple of characters.