I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The summary of the review is Ready

I have one question.  The document takes a field that previously held one reason and allows to hold multiple reasons. Since this behavior is only allowed for protocols that define multiple reasons, it seems the exposure to existing implementations would be small, however it's possible that this behavior will leak into some existing cases. Do we have any implementation experience as to what existing implementations will do if the receive multiple reasons that they do not expect? 

Thanks,

Joe