6. Security Considerations
RFC 9962 points to Section 9 of RFC 9301 for the complete list of LISP security mechanisms and threat-analysis references. When DNS is used for the pull-based Mapping System, DNSSEC from RFC 9364 is recommended to improve DNS lookup security.
Replay attacks, spoofing, and trust relationships are discussed in detail in RFC 9301 and RFC 9303.