-----Original Message-----
From: Chan Tat (NRC/Boston)
Sent: August 09, 2002 02:22 PM
To: 'opes-threat(_at_)dnrc(_dot_)bell-labs(_dot_)com';
'opes-enforcement(_at_)dnrc(_dot_)bell-labs(_dot_)com'
Subject: Issues raised in opes-enforcement and
opes-threat conference call
Hi all,
This is my attempt to summarize some of the issues raised
during the opes-enforcement and opes-threat conference call
this morning, with the hope to get a discussion going in the
mailing lists. So, please provide your comments.
Basically, the team agreed to go for the enforcement draft
first. In the meeting, there are at least these four issues
discussed, which should all be included in the enforcement draft.
1. There is a proposal that we have encryption at all points
in the OPES architecture. The supporting view is that for
environment such as in a VPN, they already have network layer
security, for instance, using IPSec. But there is also fear
that making this a requirement would scare implementors away.
Then again, there is also a view saying that IPSec is kind of
gaining momentum.
2. Regarding authorization of OPES devices, do we need to
define a separate protocol, or do we just specify the
requirements and let the implementors decide on what they want to use.
3. Granularity of authorization. How fine-grained should the
authorization be? On one end of the spectrum, we can
authorize individual OPES devices. Once authorized, the OPES
device can perform any kind of transformation. On the other
end, we can have service by service authorization, or even
per-request authorization.
4. Should end-user only authorization be supported? For
instance, if a data consumer wants to perform language
translation to the web page he/she requests, should he/she be
the one who would authorize the OPES device which performs
the transformation. Should the content provider be notified
that the content they provide is being modified? There are
some copyright issues in there, since the transformation may
have already infringed the copyright of the content owner.
If I left out anything, I hope the team would add to it.
Again, we would like to get a discussion going regarding
these issues, so please don't hestitate to provide your
valuable comments.
Best Regards,
Tat Chan
Senior Reserach Engineer
Nokia Research Center
NOKIA INC
5 Wayside Road, Burlington, MA 01803
Phone (781) 993-5776, Fax (781) 993-1907
tat(_dot_)chan(_at_)nokia(_dot_)com