I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. IPFIX is a structured information model and protocol for transmitting information about data flows. This document extends the model with structured data, basically several types of lists. I have not reviewed the document in full, rather I have looked at the security aspects only. The Security Considerations refer the reader to the IPFIX protocol and data model RFCs, and I mostly agree, with one exception. I suggest to add text similar to the next paragraph: The addition of complex data types necessarily complicates the implementation of the Collector. This could easily result in new security vulnerabilities (e.g., buffer overflows); this creates additional risk in cases where either DTLS is not used, or if the Observation Point and Collector belong to different trust domains. Thanks, Yaron