Security review of Extensions to Automatic Certificate Management Environment for end-user S/MIME certificates draft-ietf-acme-email-smime-10 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. This is much improved over the -8 version, and it is, in my opinion, READY. Hilarie