NVE transit device trust

[mglt]

20. Section 5.3 First paragraph: In general securing nodes, NVEs and transit devices should be beyond the scope of securing Geneve transport. Securing such devices is not specific to Geneve. So the operator should use other best practices for securing those devices and establish trust between those devices and NVAs.

[mglt]

Unless I misunderstand the comment, I think we agree as stated in the text below: """ If the rogue device is in charge of the securing the Geneve packet, then Geneve security mechanisms are not intended to address this threat. """

However, maybe we could to state this as these nodes are able to interfere with Geneve and what makes them different - and out of scope of a Geneve security mechanism is that there are tunnel endpoint. In other words, if they are attacking another NVE-NVE communication they become in scope. Do you want to propose some text ?