I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. This review is in response to a request for early Gen-ART review. Document: draft-ietf-tls-downgrade-scsv-03 Reviewer: Russ Housley Review Date: 2015-01-19 IETF LC End Date: 2015-01-23 IESG Telechat date: unknown Summary: Almost Ready. Major Concerns: None. Minor Concerns: The upper-right corner of the title page and the abstract disagree. One says that this document updates 3 RFCs, and the other says that it updates 4 RFCs. I think that both are wrong based on this text from the introduction: This specification applies to implementations of TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], and to implementations of DTLS 1.0 [RFC4347] and DTLS 1.2 [RFC6347]. Please correct the title page header and the abstract. Other Comments: In the introduction, I suggest the following editorial change to improve clarity: OLD: ... they can be particularly critical if they mean losing the TLS extension feature (when downgrading to SSL 3.0). NEW: ... they can be particularly harmful when the result is loss of the TLS extension feature by downgrading to SSL 3.0. Further down in the introduction, there is a missing word: OLD: ... is not suitable substitute ... NEW: ... is not a suitable substitute ...