Document: draft-ietf-dnsext-dns-threats-06
Reviewer: John Loughney
Date: March 15, 2004

This document looks good, I think that even though DNSSEC has been under development for a long time, capturing the Threat Analysis is a good thing. I say ship it, I just have a few nit-picky comments.

1) Abstract:

   Among other drawbacks, this cart-before-the-horse situation

   -> The 'cart-before-the-horse' phrase may not be appropriate for an abstract.

2) Section 1:

   - While some participants in the meeting were interested in protecting against disclosure of DNS data to unauthorized parties, the design team made an explicit decision that "DNS data is `public'", and ruled all threats of data disclosure explicitly out of scope for DNSSEC.

   -> Change ` to ' character.

3) Section 2.1:

   Some of the simplest threats against DNS are various forms of packet interception: monkey-in-the-middle attacks,

   -> Are 'monkey-in-the-middle attacks' the same as man-in-the-middle attacks? If so, perhaps revise. If it is something else, perhaps a definition is needed.

4) Section 2.3, last paragraph:

   DNSSEC should provide a good defense against most (all?) variations

   -> What is the meaning of 'most (all?)'? Perhaps strike the (all?) or change to something like:

   DNSSEC should provide a good defense against most, if not all, variations

5) Update Copyright statement at the end of the document.