I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This draft specifies a new WebSocket sub-protocol as a reliable
transport mechanism between MSRP (Message Session Relay Protocol)
clients and relays. It depends on the use of secure WebSocket
connections (TLS) and existing authentication mechanisms. I am not
particularly familiar with WebSockets or MSRP but the Security
Considerations section looks adequate to me.

There are a lot of example message flows in this document that i don't
really know enough to evaluate.

Nits:

It is peculiar that Sections 10, Section 11, and Appendix A have only
a single subsection aa their entire content. In the case of Sections
10 and 11, I think the 10.1 and 11.1 headers should just be
eliminated. In the case of Appendix A, probably the A.1 heading should
be moved up to the A level.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3 at gmail.com