> but this isn't what's controversial about OPES. what's controversial is the notion that the transformations enabled by OPES might also occur in the interior of the network, without being explicitly authorized by either the source or the destination.
Keith,
From what I read from the charter below, it seems to at least address some of your concerns. Answers to these concerns should come from a collaborative architecture/engineering effort within an IETF WG.
<FROM CHARTER>
Intermediary services provided in this way are not transparent: They have to be authorized by either the content requestor or the provider, corresponding to who the service is being provided for.

As part of the development of this protocol the working group will produce an analysis of the security implications of this architecture.

A secondary task for this working group is to enumerate the requirements for management policies and associated administrative protocols that allow these services to be specified and deployed. This includes requirements on the rule systems used to specify conditions under which services are executed.
</FROM CHARTER>
Christian
-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Wednesday, June 20, 2001 9:19 AM
To: Abbie Barbir
Cc: Paul Hoffman / IMC; ietf(_at_)ietf(_dot_)org; ietf-openproxy(_at_)imc(_dot_)org; Michael W. Condry
Subject: Re: WG Review: Open Pluggable Edge Services (opes)
> Content/data is/are already being changed/modified/adapted/etc in transit and the IETF must deal with it sooner or later.

that follows only if the IETF can make a useful contribution by "dealing with it". it's not clear whether this is the case.

> Ensuring that the edge is dumb is not the way to protect the end-to-end model. The proper way to do it is to ensure that the edge is an extension of the source/origin.

agree, though I would add "or destination" to the end.

but this isn't what's controversial about OPES. what's controversial is the notion that the transformations enabled by OPES might also occur in the interior of the network, without being explicitly authorized by either the source or the destination.
Keith