I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html). Please resolve these comments along with any other Last Call comments you may receive. Document: draft-cain-post-inch-phishingextns-04.txt Reviewer: Brian Carpenter Review Date: 2008-05-30 IETF LC End Date: 2008-06-20 IESG Telechat date: (if known) Summary: Ready, one question Comments: This draft seems to be in good shape. Had you considered including actual DNS entries with the DomainData? I understand that not only may the fraudulent domain be transitory, but also its actual IP address may be transitory too. So logging the observed A, AAAA or CNAME entries within the DomainData could be of forensic value.