Joseph Hui wrote:
On Wed, 20 Jun 2001 12:18:32 EDT, Keith Moore said:
but this isn't what's controversial about OPES. what's
is the notion
that the transformations enabled by OPES might also occur in the
interior of the
network, without being explicitly authorized by either the source
A lot of things that OPES wants to do, I might want to use as a
or as a content consumer. It's that man-in-the-middle thing that
Operating Systems Analyst
The man-in-the-middle thing can happen irrespective of what OPES does
or doesn't do, in the absence of end-to-end security, say TLS.
I fail to see how OPES's charter and its yet-to-be-developed protocol
would worsen the existing situation.
By appearing to make it legitimate (as RFC 1918 made NAT appear
legitimate). There is a possible way to deal with this though: require
OPES box to obtain explicit consent from both ends before executing
any content manipulation.
There're certainly discerning properties in edge pluggables that
differentiate them from the rogues amid the cloud. If the protocol
is geared toward such properties, the concern that opes abets mayhem
may become a non-issue, or non-critical issue at most.