RE: IAB Requirement for OPES
2001-11-19 14:15:41
At 12:44 PM 11/19/2001, Ian Cooper wrote:
The problem here seems to be one of determining when something is an "OPES
service". For example, an existing proxy with no "OPES framework" stuff
inside it could be used to gather logs and perform some kind of billing.
That wouldn't be covered by this IAB requirement. A similar system that
just happened to have used the OPES framework to provide the
logging/billing "plug-in" would be covered.
Humm. A proxy that just does a service is ok to do but a proxy that
supports a standardized IETF approved set of protocols has to live by
different rules?
Issues of "wiretapping" etc. ignored for the timebeing, since these will
obviously vary from country to country. (Urgh, didn't we have a huge
"debate" about *that* issue at a plenary?)
I can understand Leslie's comment, but while it's a good thing to try and
make sure that OPES does things the right way we already have plenty of
systems out there doing similar things in very different ways (which are
equally "bad"). I'm not sure that its particularly useful - in this
corner case - to be able to point a finger to say "you're not standards
compliant because you've not got permission to do that".
--On Monday, November 19, 2001 20:30 +0100 Patrik Johansson
<patrik(_at_)lokomo(_dot_)com> wrote:
I agree with you Leslie. Reading can definitely be destructive. For me
it's like tapping a phone conversation, you "read" without "modifying".
By the way, according to Swedish law, if the security police wants to tap
a telephone conversation a public prosecutor first must approve. But if
one person taking part in the tele conversation is aware of the bugging no
approval is needed. You don't even have to be a police to tap it.
So I also recommend at least one-party consent for reading.
/Patrik
-----Original Message-----
From: owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Leslie
Daigle
Sent: Monday, November 19, 2001 5:21 PM
To: Markus Hofmann
Cc: Ian Cooper; OPES Group; floyd(_at_)aciri(_dot_)org
Subject: Re: IAB Requirement for OPES
Howdy,
Speaking for myself, I would propose that even "read only" services
like logging/billing should require at least one-party consent.
It's still a traffic diversion, and reading is sometimes as
destructive
as a modify.
Leslie.
Markus Hofmann wrote:
>
> Ian Cooper wrote:
>
> > The examples you give seem more closely related to ones
that could be
> > performed in a proxy, or indeed a router (depending on
which layer you
> > want your logs/bills to consider). As such I don't
really see what they
> > would have to do with OPES per se., though I can
understand why you're
> > asking the question.
>
> Yup, agreed, the given services are typically more closely
related to
> devices such as the ones you mentioned (hmm..., a "proxy" could
> possible run a local OPES proxylet for logging/billing, what about
> this case?).
>
> I'm just wondering whether this consideration rules out
realizing such
> services in an OPES framework and whether this is intentional or
> whether we need more clarification on this.
>
> -Markus
--
-------------------------------------------------------------------
"An essential element of a successful journey
is recognizing when you have arrived."
-- ThinkingCat
Leslie Daigle
leslie(_at_)thinkingcat(_dot_)com
-------------------------------------------------------------------
Michael W. Condry
Director, Network Edge Technology
|
|