Last Call Review of draft-ietf-ippm-initial-registry-12
review-ietf-ippm-initial-registry-12-secdir-lc-wouters-2019-11-01-00

I have reviewed this document as part of the security directorate's  ongoing
effort to review all IETF documents being processed by the  IESG.  These
comments were written primarily for the benefit of the  security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

As this document populates an IANA registry with metrics values, no security
considerations apply. This is stated in the Security Section.

Normally, the IANA considerations are within one section and all other sections
are written as if this has already been done, except with a [TBD] for any value
IANA needs to put in. But this document uses text outside the Iana
Considerations section like:

      "IANA is asked to assign different numeric identifiers to each of the two
      Named Metrics."

It is better to rewrite this with clear text stating Name X is assigned value
[TBD]

Similarly, the document has "Change Controller", but the way this is normally
phrased is to be part of the new Registry definition of "Registration
Procedure(s)" which has defined values like "Expert review", "Specification
Required", "First Come First Serve", etc. The document should be changed to
reflect these standard types of policies, and ask IANA to create the Registries
with the standarized procedure terms for updating those registries.