I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document is very much like RFC 8446 with some tightening of the requirements. As far as security considerations, if follows the example of RFC 8446 in leaving the security considerations section blank, and discussing security issues "throughout this memo," especially in three appendices.  Those appendices are very much copied from RFC 8446, with relatively minor additions.

RRC 8446 was thorough and well done, and this is no different. To quote from Rich Salz's review of the RFC 8446 draft,

    No, seriously, this protocol has been designed with the help of world-class
    cryptographers and academics. It has been analyzed with verification tools.  It
    has been tweaked as necessary to get around middlebox ossification. It is
    available in two highly popular browsers and at least one widely-used open
    source toolkit.

    This document is READY.

I can't agree more, except to say that by now it's implemented in many more browsers and all serious TLS libraries.