ietf-openproxy
[Top] [All Lists]

OCP support

2003-12-30 05:36:03

Alex,
I apologize because the business we talked about and I expected to fund an OPES development has been hampered by an intermediary who wanted to black mail it. It is now stabilizing but without the initial funding I expected. All this disconnected me totally from the work in this group.

Now, I work on contingency plans to develop OPES. As you know I am interested in DNS security and value added. I started rising the concern about the impact of DNS failures for companies, users, nations. This concerns takes off well. Also, I wish to find solutions where I can certify who reached what - for access gateway, certified mail, DNS updates, spam filtering, etc..

I follow three directions in parallel targeting large customers working on their common industrialization of free softwares (a started organization of large and committed organizations)- but to say large says slow.

1. to try to get a legal obligation in here to have a DNS contingency plan to get a DNS insurance. We have right now a vote on the Internet law and I proposed it. We start also dialoguing with the insurances association. The idea is to call for a stand-alone DNS+ system. Nothing fancy but something approved by insurances.

2. to develop a dedicated secure and stable hardware. The idea right now is an OpenBSD version stripped off everything we do not need for a named/Apache/postfix system + network and security control tools. The idea behind the hardware is to stabilize solutions, to deliver binaries only and to get an insurance company/legal stamp on it. A manufacturer is supporting.

3. to build a software architecture as an OPES filter and an OPES processor - probably 8 machines in a team (two for backup)
   - two to carry http, smtp and dns filtering
   - two to carry DNS+ services (named and rerouting)
   - two to carry security checking
   - two controllers (or external softwares)

Kind of services:
- changing the dns request for a reroute, for vernacular name support (from jeanfrançois.fra to jefsey.com), or for critical situations - changing the LHS of mails to permit sending/receiving mails with vernacular addresses to/from ASCII addresses - verifying the origin of the call and the reached site, through external multi channel checking
- introducing access menus in a relation
- gateway access
- weemail support (a project of mine documented in French at http://weemail.org using standard smtp to send value added pointers rather than texts - with a totally different approach for spammers and compatible with existing e-mail).

I would be extremely interested in comments from everyone interested.
jfc

















<Prev in Thread] Current Thread [Next in Thread>