Reviewer: Ines Robles Review result: Ready with Issues Hello, I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-lamps-rfc5750-bis-05 Reviewer: Ines Robles Review Date: 27-04-2018 IETF LC End Date: 27-04-2018 IESG Telechat date: --- Summary: I believe the draft is technically good. This document is well written and clear to understand. Some minor concerns are mentioned that should be resolved before publication. Major issues: No major issues found. Minor issues: Section 1.6: It would be nice to start the section with some text like "This document obsoletes 5750 due to the addition of the following information...." Section 2.3: "but SHOULD use some other mechanism to determine ...." => It would be nice to mention some examples of the other mechanism "...but SHOULD use some other mechanism (such as ....) to determine..." Section 4: Related to this: "Another method under consideration by the IETF is to provide certificate retrieval services as part of the existing Domain Name System (DNS)" - This text seems to be out of the date (since belongs as well to RFC5750 (2010)), maybe it would be nice to re-write it (e.g. method under consideration => method approved) and add a reference of the proposed methods. Would it be RFC 8162 [1] a good reference for this topic? [1] https://tools.ietf.org/html/rfc8162: Using Secure DNS to Associate Certificates with Domain Names for S/MIME Nits/editorial comments: Section 2.3: CertificateSet --> Certificate Set Section 4.4.1: basicConstraints --> basic Constraints Thanks for this document! Ines.