I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is the document is mostly ready, but I would like some clarification.

The document is well written and has good security considerations, however I am unclear as to the purpose of the "authority" field. The authority field points to a public key used for a digital signature. Where is the definition of the signature and how it is generated? Is this the signature on the EAT?  If so why does the authority need to be defined here? No doubt this is explained in another RATS document, but I was not able to find in a quick read of some of the documents.