Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready with nits: • section 1: Introduction However, an RPKI relying party may want to override some of the information expressed via putative TAs and the certificates It seems that TA is being used for the first time here. The acronym should be extended to ease the reading of the document. I am reading it as Trust Anchor. • section 2. RPKI RPs with SLURM SLURM provides a simple way to enable RPs to establish a local, It seems to me the acronym RP is used for the first time. It seems that it should be expanded to ease the reading of the document. I am reading it as Relaying Party. • section 6 Security considerations I My reading is that the section catches the criticality of the SLURM files and that network operators are already familiar provisioning critical data. As such I believe the section is sufficiently clear. • whole document: It seems that BGPSec, and BGPsec are used together. I believe this should be harmonized to BGPsec. Yours, Daniel