RE: IAB Requirement for OPES

At 12:44 PM 11/19/2001, Ian Cooper wrote:

> The problem here seems to be one of determining when something is an "OPES 
> service".  For example, an existing proxy with no "OPES framework" stuff 
> inside it could be used to gather logs and perform some kind of billing. 
> That wouldn't be covered by this IAB requirement.  A similar system that 
> just happened to have used the OPES framework to provide the 
> logging/billing "plug-in" would be covered.
Humm. A proxy that just does a service is ok to do but a proxy that 
supports a standardized IETF approved set of protocols has to live by 
different rules?


> Issues of "wiretapping" etc. ignored for the timebeing, since these will 
> obviously vary from country to country.  (Urgh, didn't we have a huge 
> "debate" about *that* issue at a plenary?)
>
> I can understand Leslie's comment, but while it's a good thing to try and 
> make sure that OPES does things the right way we already have plenty of 
> systems out there doing similar things in very different ways (which are 
> equally "bad").  I'm not sure that its particularly useful - in this 
> corner case - to be able to point a finger to say "you're not standards 
> compliant because you've not got permission to do that".
>
> --On Monday, November 19, 2001 20:30 +0100 Patrik Johansson 
> <patrik(_at_)lokomo(_dot_)com> wrote:
> > I agree with you Leslie. Reading can definitely be destructive. For me
> > it's like tapping a phone conversation, you "read" without "modifying".
> >
> > By the way, according to Swedish law, if the security police wants to tap
> > a telephone conversation a public prosecutor first must approve. But if
> > one person taking part in the tele conversation is aware of the bugging no
> > approval is needed. You don't even have to be a police to tap it.
> >
> > So I also recommend at least one-party consent for reading.
> >
> > /Patrik
> >
> >
> > > -----Original Message-----
> > > From: owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org
> > > [mailto:owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Leslie 
> > > Daigle
> > > Sent: Monday, November 19, 2001 5:21 PM
> > > To: Markus Hofmann
> > > Cc: Ian Cooper; OPES Group; floyd(_at_)aciri(_dot_)org
> > > Subject: Re: IAB Requirement for OPES
> > >
> > >
> > >
> > > Howdy,
> > >
> > > Speaking for myself, I would propose that even "read only" services
> > > like logging/billing should require at least one-party consent.
> > > It's still a traffic diversion, and reading is sometimes as
> > > destructive
> > > as a modify.
> > >
> > > Leslie.
> > >
> > > Markus Hofmann wrote:
> > > >
> > > > Ian Cooper wrote:
> > > >
> > > > > The examples you give seem more closely related to ones
> > > that could be
> > > > > performed in a proxy, or indeed a router (depending on
> > > which layer you
> > > > > want your logs/bills to consider).  As such I don't
> > > really see what they
> > > > > would have to do with OPES per se., though I can
> > > understand why you're
> > > > > asking the question.
> > > >
> > > > Yup, agreed, the given services are typically more closely
> > > related to
> > > > devices such as the ones you mentioned (hmm..., a "proxy" could
> > > > possible run a local OPES proxylet for logging/billing, what about
> > > > this case?).
> > > >
> > > > I'm just wondering whether this consideration rules out
> > > realizing such
> > > > services in an OPES framework and whether this is intentional or
> > > > whether we need more clarification on this.
> > > >
> > > > -Markus
> > >
> > > --
> > >
> > > -------------------------------------------------------------------
> > > "An essential element of a successful journey
> > >     is recognizing when you have arrived."
> > >    -- ThinkingCat
> > >
> > > Leslie Daigle
> > > leslie(_at_)thinkingcat(_dot_)com
> > > -------------------------------------------------------------------
Michael W. Condry
Director,  Network Edge Technology