The Purple Streak, Hilarie Orman wrote:
Are we defining standards that apply to any content transforming
proxy, even those which do not use a callout protocol?
We're chartered to define two things: a "callout protocol" and a
"rules specification method". Obviously, the former applies only to
services using a callout, the later also applies to services that
don't use a callout.
We're further chartered to "draft [a] high-level, overall example OPES
architecture", which is different from "defining a standard".
> Such an entity
might be known as an "IETF standard OPES processor"? From our charter,
I would guess that this is true, and that the callout protocol is a
minor part of the work.
The "high-level, overall example OPES architecture" we're chartered to
*draft* certainly includes this possibility, but I don't see us
chartered to *standardize* it. The draft architecture is expected to
only set the stage for the callout protocol and the rules
specification method.
> However, I'd never really thought of it that
way - we've done so little on authorization, reversibility, "end-to-end"
encryption, policy specification, control by endpoints, tracking,
traceability, etc. that it would be difficult for someone to tell whether
or not a particular content-transforming proxy was "IETF compliant" or not.
Should we be working on this?
I'd say we need to work on this to the extend that we must understand
the implications coming from that for (a) the callout protocol and (b)
the rules specification method.
My impression was that we would have guidelines, but the only thing that
would really be standardized would be a callout protocol and tracing
support. What's the group opinion?
I agree with you, but in addition we're also chartered to standardize
the rules specification method.
-Markus