|
Awareness of transformation
2001-03-26 14:33:41
This belonged in a separate thread to start with. My apologies for not
breaking it out earlier.
At 17:54 3/23/2001 -0700, Hilarie Orman wrote:
My comments in brackets.
Hilarie
>>> Ian Cooper <icooper(_at_)equinix(_dot_)com> 03/23/01 09:13AM >>>
At 07:21 3/23/2001 -0800, Michael W. Condry wrote:
>Intermediary services provided in this way are not
>transparent: Either the content requestor or provider will
>be aware that a transformation has been performed.
Did we remove the case where the access provider is the one controlling the
transformation?
[The security model will have to clarify this. "Controlling" the
transformation might be a different role than "authorizing" or
"delegating" the transformation. So the access provider may
simply be carrying out the intent of the requestor or provider.]
Also "..the content requestor.. will be aware that a transformation has
been performed". Would this be similar to the notional Warning headers
that I've never seen used in HTTP/1.1? The content consumer may have
requested that services be provided, but when do they know if the trigger
has fired and the transformation has been carried out?
[Again, the security work needs to clarify this; "awareness" might be
as little as "authorization", or as intrusive as "click here for element
transformation 'Language Translation English to Chinese' action".
Agreed that we need to do work in this area - I was trying to get some
discussion going ;-)
What I was trying to get at was the fact that a rule may not trigger for
every request a specific content consumer requests. And the "click here
for action" is rather too intrusive, perhaps. So perhaps this is a
candidate for an update to 2616 for some additional Warning header material?
This is a case where "you signed on the dotted line" doesn't work. The
user may be aware that a certain transformation *could* occur, but I think
they also need to know when it *has* occurred.
So while I agree that there needs to be some work within the security text,
I also think there's a real protocol element to it.
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Charter updates, changes, etc., Michael W. Condry
- Re: Charter updates, changes, etc., Hilarie Orman
- Awareness of transformation,
Ian Cooper <=
- Re: Charter updates, changes, etc., Thomas Hardjono
- Re: Charter updates, changes, etc., Hilarie Orman
- Re: Charter updates, changes, etc., Ian Cooper
- Re: Charter updates, changes, etc., Thomas Hardjono
|
| Previous by Date: |
Re: Charter updates, changes, etc., Hilarie Orman |
| Next by Date: |
Re: Charter updates, changes, etc., Ian Cooper |
| Previous by Thread: |
Re: Charter updates, changes, etc., Hilarie Orman |
| Next by Thread: |
Re: Charter updates, changes, etc., Thomas Hardjono |
| Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|