Check out the new USENIX Web site.
... Shenker1
ICSI Center for Internet Research (ICIR), Berkeley, shenker@icsi.berkeley.edu 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... identifier2
In the implementation presented in this paper, we use $m = 256$. Such a large value of $m$ allows end hosts to choose trigger identifiers independently since the chance of collision is minimal. In addition, a large $m$ makes it very hard for an attacker to guess a particular trigger identifier. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... refreshed.3
To make $i3$server failure completely transparent to end-hosts, $i3$can replicate triggers [6]. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... server4
Since the trigger can be reused across connections, the $O(\log n)$ traversal only needs to be done when $i3$servers fail or when using a trigger for the first time. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... 5
Note this is a generalized form of triggers, which allows a trigger to send a packet to another identifier rather than to an address. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... UDP.6
In order to avoid fragmentation due to the encapsulation, the maximum segment size (MSS) TCP header option in a SYN packet is decremented accordingly. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... TUN7
The TUN virtual interface is implemented by the Universal TUN/TAP driver, which is included as a standard feature of the kernel in Linux 2.4 and later. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... servers.8
There is little performance improvement for more than $2N$ servers because at that point, each domain is likely to have a server. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... stretch9
Calculated as the ratio of the path latency using a particular mobility scheme to the shortest path latency on the underlying network topology. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
... Infrastructure.10
Another possibility would be to use DNS to store public keys, but then ROAM would be as secure as the DNS. 
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.