mglt / draft-mglt-nvo3-geneve-security-requirements

partial authentication of the header #22

Open mglt opened 5 years ago

mglt commented 5 years ago
  1. Section 5.2 SEC-GEN-8 and SEC-GEN-9 – these are only optimizations and should not be specified as requirements. Authentication of end points is the only requirement that we should look at, which is already captured in the first statement of SEC-OP4. Partial authentication of headers, etc., is an optimization and not essential to secure the communication between NVEs. Also, the SEC-GEN-9 specification of transit node behavior is not needed, and hence is to be removed (also see comment 17).

mglt commented 5 years ago

The purpose of these security requirements is to align security with the Geneve architecture rather than to carry out some optimizations. This clearly needs some clarification.