I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Noting that I'm certainly not an expert on the subject matter, I've found this document to be READY. I found it well-written, it contains plenty of detailed examples (which I believe are really important for API and programming-heavy documents), and includes plenty of references as well. Please do not forget to remove "Appendix B. Change log". A minor observation, not even a nit, is that the text in the Security Considerations "While formally the JSEP interface is an API, it is better to think of it is an Internet protocol, with the JS being untrustworthy from the perspective of the endpoint. " could be more clear. thanks! /Carlos