I think this is long from sorting out. I would like the thoughts of
others on the list in how they view the administrative services
to be done in expected environment. We have represented
the architecture with one Admin server but we expected
there would be one Admin server for many OPES boxes.
How do others feel this will be used and what services will be
provided there?
At 03:54 PM 2/13/2001 -0800, Yang, Lily L wrote:
I sense some confusion here about exactly what goes into the Admin Server.
Or it could just be my own confusion:
The framework draft (http://draft-tomlinson-epsfw-00.txt ) page 11 suggests
that the Admin server performs
1) "downloading of proxylets at a higher trust level" and, I would add --
validation of proxylets (against the local policy, sandbox constraints,
etc.) before loading the proxylet into the OPES boxes.
2) "the collection of accounting and log data, and other administrative
tasks on the service environment caching proxy".
"a standardized logging format" as suggested by Markus might be sufficient
to serve purpose #2 for accounting and logging.
But what about 1)? What do we need to do to facilitate the proxylet loading
from Admin server to the OPES box? Here are just some ideas/alternatives:
-- proxylet meta-data definition
-- proxylet base class API (for loading, updating, deleting, etc.)
-- proxylet loading protocol?
Now what about rules loading? Are the rules loaded onto Admin box first and
compile into internal representation before shipping to OPES box (in binary
format)? Or should it be loaded onto OPES box directly via XML format?
Does it matter at all which model we choose? In first model, Admin box from
Company A then would not be able to talk to OPES box from company B. So to
achieve interoperability, either we stick with the second model, or we
define a standardized binary format. I would vote for the second model then.
Lily
> -----Original Message-----
> From: Markus Hofmann [mailto:hofmann(_at_)bell-labs(_dot_)com]
> Sent: Saturday, February 10, 2001 9:11 AM
> To: Maciocco, Christian; ietf-openproxy(_at_)imc(_dot_)org
> Subject: RE: OPES protocols ?
>
>
> Christian,
>
>
> > - Rule base needs to be delivered to the OPES box. Is there
> > a published format or object APIs for the rule base, or
> > just standardize the delivery of the rule modules ?
>
> First, we need a standardized format/language for the rule modules.
> PSRL tries to address this problem (Note that we will put out an
> updated draft renaming PSRL into IRML - Intermediary Rule Markup
> Language). In addition to the language, we need a standardized way to
> deliver the IRML rule descriptions to the OPES boxes. We probably can
> use some existing protocols and mechanisms for the delivery (secure,
> scalable, etc. - let's start with the requirements for that protocol).
> The OPES box will then translate the IRML rules into an internal rule
> base. What this internal rule base looks like is up to each
> implementor, it's a local implementation issue. There is no need to
> standardize the rule base format/representation. The "outside"
> interface will be the rule markup language.
>
> > Additionally http://draft-tomlinson-epsfw-00.txt shows the
> > Administrative Server. I assume that the intend is to have
> > an OPES box from company A communicates w/ Administration
> > Server from company B. Are there any protocols, accounting
> > requirements defined ?
>
> How about just using a standardized logging format? The OPES box would
> transmit (detailed) log files using a standarized format and a
> standarized protocol (e.g. secure file transfer etc.) to the
> Administration server. The Administration server can then get all the
> information it wants from the log files and do accounting based on
> local decisions.
>
> -Markus
>
>
Michael W. Condry
Director, Network Edge Technology