ietf-openproxy
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Notification

2003-04-08 07:54:15
from [Markus Hofmann] [Permanent Link] 

Alex Rousskov wrote:


I expected you to say that notification goes in opposite direction of
tracing and does not (cannot) be attached to application messages that
it notifies about.
Yup, that's my interpretation of "tracing" and "notification". I would further assume that "tracing" is always-on, just as "tracing" mail servers via headers is always-on.
A major concern with notification is scalability. A content provider certainly is not interested in receiving a notification for every HTTP response sent out. As such, a mechanism for explicit request of notification is required. Now, when exactly would a content provider issue such request? How would such mechanism be used? Randomly, or on a statistical basis? Or manually? Is such a scheme of practical relevance?
Privacy is another concern. Maybe a user doesn't want to reveal to any content provider all the OPES services that have been applied on her behalf. For example, why should every content provider know what exact virus scanner I'm using? Wouldn't that help hackers, for example? 


This opposite-direction, outside-of-message scheme is much more
difficult to support and, frankly, I think it would be a waste of time
developing it. However, it is probably very close to what IAB would
prefer (based on what the Considerations RFC they wrote).
I tend to agree with you that the kind of "opposite-direction, outside-of-message scheme" is quite tricky, and IMHO not very practical. Scalability and also privacy are a big concern here.
However, IAB consideration (3.1) suggests a kind of notification along thos lines: 

   (3.1) Notification: The overall OPES framework needs to assist
   content providers in detecting and responding to client-centric
   actions by OPES intermediaries that are deemed inappropriate by the
   content provider.
Section 3.1 of RFC3238 provides the motivation for this consideration, and there are certainly some very valid arguments. However, maybe there're other means to address these concerns?
Probably best if we check-in with our ADs and the IAB at some point, but I'd first like to discuss this a little bit further and solicit input on this very topic from other folks as well. So, please post your comments on this one! 

-Markus
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Notification, Abbie Barbir
Next by Date:  RE: Notification, Alex Rousskov
Previous by Thread:  RE: Notification, Alex Rousskov
Next by Thread:  Re: Notification, Alex Rousskov
Indexes:  [Date] [Thread] [Top] [All Lists]