Currently is redirect responses not signed by the responding SMP server. This makes it possible for man-in-the-middle attacks where a redirect is provided pointing to a location containing invalid SMP response. Such an attack will result in problems delivering transmissions for access points.

By adding a signature to the redirect response is it possible for the client to verify also the redirect in the same manner as service groups.