I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.  Document editors and WG chairs should treat these comments just like any other last call comments.   This document discusses requirements for providing end to end security to protect Attribute-Value Pairs between non-neighboring Diameter nodes and I think it is almost ready for publication. But I have a few editorial comments as follows: 1.        Section 3, 1 st paragraph: AAA broker is usually referred to intermediate node that support AAA functionality, I am not sure one network can be labeled as AAA broker. Change AAA broker into AAA broker network? 2.        Section 3, 1 st bullet on eavesdropping In 1 st bullet, it mentions AAA broker network. It will be nice to give a definition of AAA broker and AAA broker network in the terminology section. 3.        Section 3, 2 nd bullet on Injection and Manipulation s/and inject/manipulate/to inject or manipulate 4.        Section 4, the 2 nd ,3 rd , 4 th scenarios How do you prevent man in middle attack by introducing Diameter proxy? How Diameter Proxy establish trust relationship with either Diameter client or Diameter Server? Is there security requirements for this? 5.        Section 4, last paragraph It looks these paragraph discusses security consideration and should be moved to section 6. 6.        Section 5, requirement 4 Is there any authorization approval before delegate security functionality to another entity?     -Qin Wu