Reviewer: Shawn Emery
Review result: Ready with nits

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This draft specifies a system for secure network device attestation between a verifier and attester (i.e. network device - hardware and software). This protocol utilizes TPMs for signing attestation data and Device IDentity (DevID) from the device.

A privacy considerations section does exist and describes which information would be considered sensitive, for example, log records that could disclose software versions which could be used by an attacker for any known vulnerability with said version(s).

The security considerations section exists and describes the various possible ways of attacking the system. I believe this section comprehensively accounts for the multitude of attacks and covers the reasonable limitations of defending against said attacks (e.g. device compromise, swapping in TPMs, etc.).

General comments:

Thank you for the privacy considerations section.

Editorial comments:

s/of an network/of a network/
s/likely be/likely to be/
s/as specified in [RFC8572])/(as specified in [RFC8572])/
s/mechanism couple with/mechanism coupled with/
s/[I-D.ietf-sacm-coswid], [RIM]))/([I-D.ietf-sacm-coswid], [RIM])/