Thanks for great feedback! I've tried to address all of your comments. I'm planning to add this paragraph to the security considerations. PIM-SM link-local messages can be authenticated using IPsec, see [RFC7761] section 6.3 and [RFC5796]. Since PFM messages are link-local messages sent hop by hop, a link-local PFM message can be authenticated using IPsec such that a router can verify that a message was sent by a trusted neighbor and has not been modified. However, to verify that a received message contains correct information announced by the originator specified in the message, one will have to trust every router on the path from the originator and that each router has authenticated the received message. Let me know if you have any comments on that paragraph. Thanks, Stig On Sun, Jan 7, 2018 at 10:22 PM, Liang Xia <frank.xialiang@xxxxxxxxxx> wrote: > Reviewer: Liang Xia > Review result: Has Issues > > Nits: > 1. In Abstract, the abbreviation is missed when the Term are firstly appeared, > such as: Sparse-Mode, Rendezvous Point; 2. Every word in the section titles > should be in the capital form > > Issues: > 1. In Security Considerations section, should one sentence be "even if the > sources are actually not active"? 2. Generally, the peer authentication (by > certificate, shared key...) and the message integration protection are always > helpful to defend against the forged routers and PEM messages, even the > resulted resource consumption. But in current Security Considerations section, > there is nothing discussed about these countermeasures, even in the general > way. Suggest to consider this point personally. >