Multicast is necessarily a LOT weaker:
1) I can get a copy of packets by normal operation
(join a group). there is no equivalent for UDP,
notably for paths that aren't shared.
Again, not in all cases. You over-simplify the effectiveness of scoping.
You can't have it both ways. Yes, there is a situation where you can obtain
a copy of a multicast packet through standard operation. But the fact
that scoping and addressing make it non-trivial and the fact that "normal"
operation doesn't prevent you from snooping UDP packets shrinks the
gap from a "LOT" weaker. And as I said before, if data security is important,
effectively there is no gap.
2) UDP has application, network, and tunnel encryption that
is both widely deployed and widely used. there is
no equivalent for multicast.
I disagree... a number of commercial multicast apps have encryption.
Don't try and argue now that some relative percentage of multicast apps
have less encryption than unicast apps. You're comparing a protocol that
has been around a lot longer than multicast and trying to make an
apples-to-apples comparison based on less availability.
And for the record, multicast is UDP.
-Kevin