Connection rotation would be fine for improving a node's knoweldge
about available peers and making the network stronger against
partitioning.

It's also the first/next step towards decentralising the DNS seeds (for SPV clients), as it'd allow each node to explore the network and return better quality results in getaddr.

If you rotate where you send out your transactions then with
very high probability a sybil pretending to be many nodes will observe
you transmitting directly.

This is sort of what Tor is going through with their guard nodes and how often to rotate them.

I think the attack Ivan is talking about does not require sybil attacks to work though, just listening to lots of peers. Raising the bar to require the attacker to receive lots of connections seems like a win.