On Thu, 10 Apr 2003, The Purple Streak, Hilarie Orman wrote:
Are we defining standards that apply to any content transforming
proxy, even those which do not use a callout protocol?
Some of our standards will apply to content transforming proxies
(OPES processors) that do not use OCP.
Such an entity
might be known as an "IETF standard OPES processor"?
Something like that. Just "OPES processor" is probably sufficient.
From our charter, I would guess that this is true, and that the
callout protocol is a minor part of the work.
The same conclusion can be derived from already published drafts.
we've done so little on authorization, reversibility, "end-to-end"
encryption, policy specification, control by endpoints, tracking,
traceability, etc. that it would be difficult for someone to tell whether
or not a particular content-transforming proxy was "IETF compliant" or not.
"OPES compliant". IETF may have other standards related to
content-transforming proxies.
It is impossible to tell right now whether something is OPES
compliant, of course.
- tracing: We have made very good progress on tracing (IMO, most major
decisions either have been made or have known options to chose from).
Abbie is already working on the second revision of the draft that will
cover tracing (at least).
- We talked about authorization a little bit (its bypass form)
- I am not sure what reversibility is.
- "end-to-end" encryption seems to be out of scope
- policy specification is out of scope if you mean "privacy policy
specification"
- control by endpoints: same as authorization?
Should we be working on this?
Yes, and we are.
My impression was that we would have guidelines, but the only thing
that would really be standardized would be a callout protocol and
tracing support. What's the group opinion?
and bypass (or other form(s) of authorization)
Alex.