draft-ietf-pim-3228bis-06 reinstates the security section from RFC 3228, which addresses the issue I brought up in my first review.