Multicast is necessarily a LOT weaker:
1) I can get a copy of packets by normal operation (join a group). There is no equivalent for UDP, notably for paths that aren't shared.
Again, not in all cases. You over-simplify the effectiveness of scoping.
Unicast has TTLs too.
You can't have it both ways. Yes, there is a situation where you can obtain a copy of a multicast packet through standard operation. But the fact that scoping and addressing make it non-trivial
Agreed - scoping sets some boundaries, but it's primitive as a 'security' mechanism, because everyone within those boundaries can very easily get a packet.
The same is just not nearly as true for unicast.
2) UDP has application, network, and tunnel encryption that is both widely deployed and widely used. There is no equivalent for multicast.
I disagree... a number of commercial multicast apps have encryption.
Agreed. What I am asserting (by the above) is that security is clearly important to the average user, and that the average user won't accept obfuscation as a solution.
Joe
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.