Joseph Hui wrote:
On Wed, 20 Jun 2001 12:18:32 EDT, Keith Moore said:
but this isn't what's controversial about OPES. what's controversial
is the notion
that the transformations enabled by OPES might also occur in the
interior of the
network, without being explicitly authorized by either the source or
A lot of things that OPES wants to do, I might want to use as a content
or as a content consumer. It's that man-in-the-middle thing that
Operating Systems Analyst
The man-in-the-middle thing can happen irrespective of what OPES does
or doesn't do, in the absence of end-to-end security, say TLS.
I fail to see how OPES's charter and its yet-to-be-developed protocol
would worsen the existing situation.
By appearing to make it legitimate (as RFC 1918 made NAT appear
legitimate). There is a possible way to deal with this though: require an
OPES box to obtain explicit consent from both ends before executing
any content manipulation.