I will start working on these issues and will post suggested
> I hope I can fix all of them except I am not quite sure about
the "inadequate security considerations section" comment. I can
address the latter by providing a list of Security Sections in the
other drafts, but doing so seems silly/redundant.
My feeling is that this might be sufficient, since I believe the
security considerations are already address elsewhere, we just need to
point it out. If we can address the comment and thereby pass IESG
review, we should do so.
The example you suggest may not be appropriate because
pro-actively notifying 3rd parties of viruses and such is becoming less
and less popular idea (there were some IETF drafts about that IIRC).
You're right, I remember previous comments along those lines. Any
other suggestions, anyone?