ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: WG Review: Open Pluggable Edge Services (opes)

2001-06-20 11:00:03
from [Maciocco, Christian] [Permanent Link] 
but this isn't what's controversial about OPES.  what's controversial is

the notion that > the transformations enabled by OPES might also occur in
the interior of the 

network, without being explicitly authorized by either the source or the

destination.

Keith, 

From what I read from the charter below it seems to at least address some of

your concerns. Answer to these concerns should come from a collaborative
architecture/engineering effort within an IETF WG.

<FROM CHARTER>
Intermediary services provided in this way are not transparent: They have to
be authorized by either the content requestor or the provider, corresponding
to who the service being provided for.

As part of the development of this protocol the working group will produce
an analysis of the security implications of this architecture.  

A secondary task for this working group is to enumerate the requirements for
management policies and associated administrative protocols that allow these
services to be specified and deployed. This includes requirements on the
rule systems used to specify conditions under which services are executed. 
</FROM CHARTER>

Christian



-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Wednesday, June 20, 2001 9:19 AM
To: Abbie Barbir
Cc: Paul Hoffman / IMC; ietf(_at_)ietf(_dot_)org; 
ietf-openproxy(_at_)imc(_dot_)org; Michael
W. Condry
Subject: Re: WG Review: Open Pluggable Edge Services (opes) 




Content/data is/are already being 

changed/modified/adapted/etc  in transit and

the IETF must deal with it sooner or later.


that follows only if the IETF can make a useful contribution 
by "dealing with it".
it's not clear whether this is the case.
 

Ensuring that the edge is dumb is not the way to protect 

the end-to-end model.

The proper way to do it is to ensure that the edge is an 

extension of the

source/origin. 


agree, though I would add "or destination" to the end.

but this isn't what's controversial about OPES.  what's 
controversial is the notion 
that the transformations enabled by OPES might also occur in 
the interior of the 
network, without being explicitly authorized by either the 
source or the destination.

Keith
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WG Review: Open Pluggable Edge Services (opes), hardie
Next by Date:  Re: WG Review: Open Pluggable Edge Services (opes), Paul Hoffman / IMC
Previous by Thread:  Re: WG Review: Open Pluggable Edge Services (opes), Vernon Schryver
Next by Thread:  Re: WG Review: Open Pluggable Edge Services (opes), Keith Moore
Indexes:  [Date] [Thread] [Top] [All Lists]