> > - Packet and request hijacking is A Really Evil Thing. So, one goal
> > is the design of protocol and mechanisms for getting clients to
> > discover this additional structure and use it. It can be as simple
> > as discovering an enterprise's egress proxy to discovering Keith's
> > "oracle".
>
> Depends on who you talk to. Large ISPs and Telcos providing
> Internet access to home users have stated they will not accept solutions
> that require end users to configure browsers (required for any other
> proxy solution). Labeling their requirement of transparency as A Really
> Evil Thing may alienate a potentially large user of caching technology.

Right. Exactly. I'm proposing that wrec propose a protocol or mechanism
so that end users *don't* manually configure browsers. While I agree that
hijacking someone's HTTP request meets the nonconfiguration requirement,
there's a legal question about what happens if transparent caching does
the wrong thing. I think there's a company called Digex (I'd have to
check the NANOG mailing list) that's got some difficulties as the result
of "transparent caching." Another conclusion one can draw from the Digex
incident is that transparent caching has so many special cases that it's
a constantly moving configuration and maintenance target.

I think Paul Vixie could clue us on better reasons to avoid packet and
request hijacking.

Which begs the question: Should wrec propose a protocol for browsers
to discover a caching infrastructure and eliminate the need for request
hijacking?

This may turn out to be simply proposing extensions to DHCP. This may
be non-optimal, but it'd be a start.

> While the explicit proxy is more attractive technically, I think
> this working group should consider other alternatives. For instance,
> could request redirection (aka "hijacking") be implemented in such a way
> that it was not Inherently Evil? Just a thought...

Hijacking requests and packets without the user's explicit permission
or configuration is plainly wrong. Take a scenario where HTTP requests
from HP were being hijacked into a transparent cache unbeknownst to
HP -- there's a lot of information to be gleaned from that cache's log
files about HP activities... I just don't see any reason why hijacking
is good.

-scooter