Re: Transport multihoming

[Manuel Urueña Pascual <muruenya@it.uc3m.es>]

> > Given the known common presence of man-in-the-middle attacks,
> > I don't see that RR actually buys anything in the way
> > of trust or assurance that one is talking with the party
> > one thinks one is talking with.
>
> Right.  It just prevents someone from "stealing" addresses with
> MIPv6 BUs from an arbitrary location in the Internet, and limits
> the viable attack locations to those on the path.  

IMHO nothing can be do against man-in-the-middle attack but a PKI to
authenticate the other peer. I agree with Pekka that RR is just a
mechanism to limit attacks without the need of crypto.
 
> I *think* (but haven't analyzed in detail) that it would work in the same
> way with end-host multi-homing based on secondary addresses.

I fully agree.

> And we must not forget the danger of and the prevention of flooding,
> either.  Thus, for example, SCTP should use some sort of RR when
> falling to secondary addresses.  I don't know if it currently does.

I think SCTP sends probes periodically to inactive addresses in order to
measure RTT to choose the best alternative path if primary one fails. It
can be seen as a continuous RR check.

--Manuel