ietf-openproxy

Re: WG Review: Open Pluggable Edge Services (opes)

2001-06-22 09:45:58

I believe we have been supporting Brian's suggestion all along.
There are cases where the ends "don't care" and others where
there is conflict:
        Client: convert all my pictures to files suitable for my pda
        Content owner: never allow my pictures to be shown on a pda

The policy work needs to lead to the tools to resolve this. IMHO the
answer is "CONTENT NOT AVAILABLE" because of a rule
conflict.

At 04:21 PM 6/20/2001 -0500, Brian E Carpenter wrote:
Joseph Hui wrote:
>
> >On Wed, 20 Jun 2001 12:18:32 EDT, Keith Moore said:
> >
> >> but this isn't what's controversial about OPES.  what's controversial is the notion
> >> that the transformations enabled by OPES might also occur in the interior of the
> >> network, without being explicitly authorized by either the source or the destination.
> >
> >Amen.
> >
> >A lot of things that OPES wants to do, I might want to use as a content provider,
> >or as a content consumer.  It's that man-in-the-middle thing that bothers me.
> >
> >--
> >                               Valdis Kletnieks
> >                               Operating Systems Analyst
> >                               Virginia Tech
>
> The man-in-the-middle thing can happen irrespective of what OPES does
> or doesn't do, in the absence of end-to-end security, say TLS.
> I fail to see how OPES's charter and its yet-to-be-developed protocol
> would worsen the existing situation.

By appearing to make it legitimate (as RFC 1918 made NAT appear
legitimate). There is a possible way to deal with this though: require an
OPES box to obtain explicit consent from both ends before executing
any content manipulation.

   Brian

Michael W. Condry
Director,  Network Edge Technology



