ietf-openproxy
[Top] [All Lists]

RE: Capability Negotiation for OCP

2003-04-18 09:44:43

On Fri, 18 Apr 2003, Reinaldo Penno wrote:

In order to leverage cached negotiations, we can ask every
negotiation to bear a identification number that is unique. Other
negotiations can refer to it.

Yes, of course, but I am worried about potential security-related
attacks on such cached IDs as well as stale information. For example,
"Yeah, I am the same guy who just talked to you and gave you
negotiation ID 12313". I would like, ideally, to reuse an existing
scheme that allows that sort of optimization rather than invent our
own negotiation caching scheme. Are there other protocols that are
concerned with the cost of renegotiation across independent
transport connections?

Thanks,

Alex.