This review updates my previous review of the -15 draft (see https://datatracker.ietf.org/doc/review-ietf-teas-yang-te-topo-15-secdir-lc-shore-2018-06-07/). I'm pleased to see the update to the security considerations sections, although it's still fairly generic and doesn't describe the threat environment (this may seem like a nit but it's not: describing how changes to individual subtrees may impact the system does not really detail how a malicious actor may subvert or disable the system). I think this section arguably does conform to the yang-security-guidelines template despite the missing detail and modulo the missing mandatory references to 5246 and 6536. I'm torn between marking this has "Has Issues" (because of the lack of threat description in the Security Considerations) and "Not Ready" (because of the missing mandatory references) but am going with the latter, and it's up to the IESG how heavily they'd like to weight the generic descriptions of modified subtree impacts.