ietf-openproxy

Re: [end points comm] OPES System

2003-08-13 10:57:13


On Tue, 12 Aug 2003, Markus Hofmann wrote:

> I don't see the need to formally define the term "OPES system". If
> we've the notion of an OPES domain as indicated above - in which
> draft and where would we need the term "OPES system"?

Tracing/bypass draft. We need to define either "OPES system" or "OPES
domain" as the primary traceable/addressable entity. OPES system is
not currently defined. OPES domain is semi-defined in
draft-ietf-opes-architecture-04.

> Let's simply say that "An OPES domain describes all OPES entities
> operated by a single provider". I would assume that's all we need in
> the context we talked about.

I have to disagree. If Disney distributes its content with the help of
Akamai, Akamai entities belong to the same OPES domain/system as
Disney entities but are not operated by Disney. In fact, from an end
user or trust point of view, Disney and Akamai are (should be)
indistinguishable in this case -- they form a single OPES
system/domain.

> Also, please keep in mind Hilarie's view on the need to identify
> every single OPES processor and post your thoughts to the list. If
> consensus would be that each single OPES processor needs to be
> identified, we might not even need the notion of an "OPES domain".

I think it is totally unrealistic to expect/require every single OPES
processor to be identified in a trace. Moreover, I see no practical
value of such a trace for the other side (the side reading the trace).
Internal structure of an OPES system is that system's internal matter.
Knowing internals does not help the other side.

Tracing and bypass requirements must be defined for OPES
systems/domains.


Here is where I would start:

        OPES system: OPES system is a set of OPES entities
        defined for a given application message. The formation of an
        OPES system is recursive: OPES system starts with either data
        provider or data consumer (for the given message); OPES system
        then includes any OPES entity trusted by (accepting authority
        from) an entity already in the OPES system. The trust and
        authority delegation is viewed in the context of the given
        application message. As implied by the above definition, some
        OPES entities in the system may not participate in the
        processing of a given message.

Or we can use the "coloring" trick from
draft-ietf-opes-architecture-04. Just make sure that the end
(provider/consumer) is included in the OPES domain/system and that the
definition is based on a given message.

The above definition puts both Disney and Akamai into one OPES system,
for a given application message they may process. Moreover, if Disney
uses both Akamai and Mirror Image (or whatever) for content
distribution, the distinction would be made on a per-message
(per-content) basis, which is the right thing to do because Akamai and
Mirror Image do not necessarily belong to the same OPES domain/system.

Alex.
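
The recursive definition proposed in the message above amounts to a per-message transitive closure over trust delegations. The following sketch is an added example, not part of the original message or of any OPES draft; the entity names, message labels and the `(truster, trustee, message)` tuple format are assumptions made for illustration.

```python
from collections import deque

# Constructed sample data: (truster, trustee, message) means that, for this
# application message, `trustee` accepts authority from `truster`.
DELEGATIONS = [
    ("disney", "akamai-edge", "trailer"),
    ("akamai-edge", "akamai-scanner", "trailer"),   # nested delegation
    ("akamai-scanner", "akamai-edge", "trailer"),   # cycle, must not loop
    ("disney", "mirror-image-cache", "press-kit"),
    ("end-user", "isp-filter", "trailer"),          # consumer-side system
]


def opes_system(endpoint, delegations, message):
    """Return the set of entities forming the OPES system for `message`.

    Starts from a data provider or data consumer (`endpoint`) and adds every
    entity trusted by an entity already in the set, considering only the
    delegations that apply to the given application message.
    """
    trusted_by = {}
    for truster, trustee, msg in delegations:
        if msg == message:
            trusted_by.setdefault(truster, set()).add(trustee)

    system = {endpoint}
    queue = deque([endpoint])
    while queue:
        entity = queue.popleft()
        for trustee in trusted_by.get(entity, ()):
            if trustee not in system:   # visited check also handles cycles
                system.add(trustee)
                queue.append(trustee)
    return system


if __name__ == "__main__":
    for start, msg in [("disney", "trailer"), ("disney", "press-kit"),
                       ("end-user", "trailer")]:
        print(f"{start} / {msg}: {sorted(opes_system(start, DELEGATIONS, msg))}")
```

Membership depends on trust for the message, not on whether an entity actually processed it, so `akamai-scanner` belongs to the provider-side system for the trailer even if a particular delivery never passes through it.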