
RE: WG Review: Open Pluggable Edge Services (opes)

2001-06-20 08:20:02
Interesting discussion.  Couple of thoughts:

The use of words such as right and wrong or good and bad applied to the engineering seems a bit premature, as the "engineering" work doesn't yet exist.  It would be more intellectually honest to say that the end goal of the proposed work does not match your value system, which itself may not match the value system of others on this list.

It appears that there are four interests at work here:  that of the network owner, the content provider, the content user, and the middleman.  The role of the middleman may or may not be useful from the perspective of the other three.  Whether and how the middleman is used may/should involve the explicit knowledge and consent of the other three interested parties.  The network provider may not want his network abused by the traffic it carries, the content provider may want control over how it is displayed, the user may want control over what is presented or not.  I would require that the roles and relationships be detectable and allow all possible relationship combinations.  In the end the market will determine what works and what doesn't (good/bad).

I have not seen where layering has been violated, as these all seem to be occurring in the application layer above the core network layers and thus end-to-end.  If I have misunderstood this, then please explain to me how email is end-to-end.

Perhaps a set of objectives would help clarify/constrain the solution to an acceptable end-result.  It might also be useful to describe some of the potential middlemen and their functions that would be "good" to have, as well as some potential "bad" ones and how they can be mitigated.

Mike

At 10:11 AM 6/20/2001 -0400, Abbie Barbir wrote:

Paul,
very good points.

Content/data is/are already being changed/modified/adapted/etc  in transit and
the IETF must deal with it sooner or later.

Ensuring that the edge is dumb is not the way to protect the end-to-end model.
The proper way to do it is to ensure that the edge is an extension of the
source/origin. OPES can be used as a starting point.

abbie

> -----Original Message-----
> From: Paul Hoffman / IMC [mailto:phoffman(_at_)imc(_dot_)org]
> Sent: Tuesday, June 19, 2001 7:13 PM
> To: ietf(_at_)ietf(_dot_)org; ietf-openproxy(_at_)imc(_dot_)org
> Subject: Re: WG Review: Open Pluggable Edge Services (opes)
>
>
> Has everyone who has a reallyreallyreally strong opinion on this
> matter actually read the charter? Right there near the top, it says:
>
> >Intermediary services provided in this way are not transparent:
> >Either the content requestor or provider will be aware that a
> >tranformation has been performed.
>
> OK, so the spelling is not so great, but it sure is clear. What some
> people seem to be up in arms about is that the IETF would even think
> of helping someone change the content in HTTP. Data mungers are doing
> that already, and it is bad, and it is untraceable. So what should
> the IETF do?
>
> - Bury our head in the sand and at the same time keep yelling
> "end-to-end", thereby getting sand in our mouths and having the other
> people on the beach laugh at our collective and rapidly-aging rear
> ends
>
> - Let some other group create a standard, even though that group
> probably cares much less about both end-to-end integrity or alerting
> one or both sides than the IETF does
>
> - Create a standard that does a really good job of allowing one end
> (or, hopefully both ends) know what has been changed and why, in an
> interoperable fashion
>
> If my data coming or going gets changed, I want to be notified; that
> cannot happen now.
>
> As for the argument about "TLS everywhere", you have to ask who is
> going to pay for it. The end-user cannot demand it; only the server
> can. TLS is universally available today, and servers rarely use it
> for anything other than getting credit cards or passwords.
>
> Data is already being changed, some of it in ways that we should really
> be unhappy about, and there is no way for the folks changing it to
> tell either end. OPES gives them that capability. Post-OPES, data
> will still get changed silently without using OPES, but at least
> there can be pressure put on the changers to use OPES so that someone
> sees what is happening. Without OPES, they never will.
>
> --Paul Hoffman, Director
> --Internet Mail Consortium
>
>