-
Type: New Feature
-
Status: Closed
-
Priority: Minor
-
Resolution: Unresolved
-
Affects Version/s: SMP 2.0
-
Fix Version/s: None
-
Component/s: Documentation, XML Schema
-
Labels:None
Currently is redirect responses not signed by the responding SMP server. This makes it possible for man-in-the-middle attacks where a redirect is provided pointing to a location containing invalid SMP response. Such an attack will result in problems delivering transmissions for access points.
By adding a signature to the redirect response is it possible for the client to verify also the redirect in the same manner as service groups.