I'm not sure if this is a real issue or not. If not, which is quite possible, then this'd be ready. I wondered if this setup might create potential reflection attacks, but am not sure. The attack might happen if bad-device-A sends packets to B, as if those are from real-A, and then B sends those back to real-A. If that could happen, it would seem like a reflection attack vector that could be part of a DoS. If that can't happen, it might be no harm to say why in the security considerations section.