[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Issues raised in opes-enforcement and opes-threat conference call

To: <ietf-openproxy@xxxxxxx>
Subject: FW: Issues raised in opes-enforcement and opes-threat conference call
From: <Tat.Chan@xxxxxxxxx>
Date: Mon, 12 Aug 2002 08:22:28 -0400
List-archive: <http://www.imc.org/ietf-openproxy/mail-archive/>
List-id: <ietf-openproxy.imc.org>
List-unsubscribe: <mailto:ietf-openproxy-request@imc.org?body=unsubscribe>
Sender: owner-ietf-openproxy@xxxxxxxxxxxx
Thread-index: AcI/0V7RRcK+A5chROyOwmrQejdezgCKTfzA
Thread-topic: Issues raised in opes-enforcement and opes-threat conference call



>  -----Original Message-----
> From: 	Chan Tat (NRC/Boston)  
> Sent:	August 09, 2002 02:22 PM
> To:	'opes-threat@xxxxxxxxxxxxxxxxxx'; 
> 'opes-enforcement@xxxxxxxxxxxxxxxxxx'
> Subject:	Issues raised in opes-enforcement and 
> opes-threat conference call
> 
> Hi all,
> 
> This is my attempt to summarize some of the issues raised 
> during the opes-enforcement and opes-threat conference call 
> this morning, with the hope to get a discussion going in the 
> mailing lists. So, please provide your comments.
> 
> Basically, the team agreed to go for the enforcement draft 
> first. In the meeting, there are at least these four issues 
> discussed, which should all be included in the enforcement draft. 
> 
> 1. There is a proposal that we have encryption at all points 
> in the OPES architecture. The supporting view is that for 
> environment such as in a VPN, they already have network layer 
> security, for instance, using IPSec. But there is also fear 
> that making this a requirement would scare implementors away. 
> Then again, there is also a view saying that IPSec is kind of 
> gaining momentum. 
> 
> 2. Regarding authorization of OPES devices, do we need to 
> define a separate protocol, or do we just specify the 
> requirements and let the implementors decide on what they want to use.
> 
> 3. Granularity of authorization. How fine-grained should the 
> authorization be? On one end of the spectrum, we can 
> authorize individual OPES devices. Once authorized, the OPES 
> device can perform any kind of transformation. On the other 
> end, we can have service by service authorization, or even 
> per-request authorization. 
> 
> 4. Should end-user only authorization be supported? For 
> instance, if a data consumer wants to perform language 
> translation to the web page he/she requests, should he/she be 
> the one who would authorize the OPES device which performs 
> the transformation. Should the content provider be notified 
> that the content they provide is being modified? There are 
> some copyright issues in there, since the transformation may 
> have already infringed the copyright of the content owner. 
> 
> If I left out anything, I hope the team would add to it. 
> Again, we would like to get a discussion going regarding 
> these issues, so please don't hestitate to provide your 
> valuable comments. 
> 
> Best Regards,
> 
> Tat Chan
> Senior Reserach Engineer
> Nokia Research Center
> NOKIA INC
> 5 Wayside Road, Burlington, MA 01803
> Phone (781) 993-5776, Fax (781) 993-1907
> tat.chan@xxxxxxxxx
>

Follow-Ups:
- Re: FW: Issues raised in opes-enforcement and opes-threat conference call
  - From: Arumugam K

Prev by Date: I-D ACTION:draft-ietf-opes-scenarios-01.txt
Next by Date: Re: FW: Issues raised in opes-enforcement and opes-threat conference call
Previous by thread: I-D ACTION:draft-ietf-opes-scenarios-01.txt
Next by thread: Re: FW: Issues raised in opes-enforcement and opes-threat conference call
Index(es):
- Date
- Thread