Markus,
Thanks for your message:
... looking forward to your constructive contributions on
(a) understanding the security implications,
The security implications of breaking the end-to-end model with
general filtering services are such that the most constructive
thing I can suggest is to perform a cost benefit analysis of the
expected added value versus the likely cost of the potential risks.
Then, if the cost benefit analysis is not favorable, recommend
against such services. If it is favorable, you will have learned
more in the analysis than I can presently help you with.
(b) the requirements
There were requirements in the expired draft. I am not sure they
were at all complete. Where is the version of the draft with
the security requirements section referred to on the charter's
web site?
and (c) the solution.
I recommend adopting the end-to-end model, and not trying to build
services which will likely be used to inject aditional advertisements
into what would otherwise be common-carrier traffic, and divert
packet streams of what would otherwise be common-carrier traffic to
third parties.
Is there an alternative solution?
Cheers,
James