Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document is straightforward and well written. I just have a couple of nits, but think the document is ready otherwise. Suggest replacing 'must' with 'should' since the discussion is on interpretation. Change from: Receipt of an ICMP Source Quench message must not be interpreted as an attempt to attack the receiver. To: Receipt of an ICMP Source Quench message should not be interpreted as an attempt to attack the receiver. It is already clear from the rest of the draft and this section, that there is no risk by ignoring ICMP source quench messages, which is done by 'virtually all current implementations of TCP'. Should this say, virtually all current implementations of 'IP' or 'TCP' and 'ICMP'? The discussion covers source quench being deprecated (RFC1812) by router implementations 20 years ago and now formally deprecates this within TCP. Thank you, Kathleen