There seems to be consensus that OPES services would have to be
authorized explicitly and must not be transparent to both end-points.
This is in line with the discussion we had at the OPES BOF in
Minneapolis and is also reflected in the group description on the web
page ("Intermediary services provided in this way are not transparent:
They have to be authorized by either the content requester or the
provider, corresponding to who the service being provided for"). Looks
like this should be made explicit in a charter.
The charter currenting has OPES first working on a callout services protocol
and the requirements for the policies that control the system. The
implication is that the policies don't get real work until the group is
rechartered. Given the nature of these discussions and this emerging
consensus, is this portion of the charter in need of some attention?
Lee M. Rafalow
Voice: 1-919-254-4455, Fax: 1-919-254-6243
IBM Internet Technology Management
P.O. Box 12195, BRQA/502
RTP, NC 27709 USA
Alternate email: rafalow(_at_)us(_dot_)ibm(_dot_)com
Personal email: lrafalow(_at_)mindspring(_dot_)com