I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is ready. >From the abstract, "This document specifies a set of extensions to PCEP to support dissemination of Flow Specifications. This allows a PCE to indicate what traffic should be placed on each path that it is aware of." The security considerations section says that this mechanism has all of the same security considerations of the underlying PCEP protocol, and that all of the same security considerations in RFC5440, RFC6952, and RFC8253 apply. It also mentions some additional privacy considerations, and that order of installation for overlapping flow specs may have unexpected consequences that could be exploited by an attacker. I don't have additional concerns.