> > I think the security section misses a comment on 'open' proxies.
> > Probably one of the most common issue on abusing caching proxies today,
> > this should go into the Authentication section, since obviously
> > a proxy here hides the client's IP address from the server,
> > and makes it more difficult to trace the attacker.
>
> It is an issue, but is it an issue with replication and caching, or is
> it a generic proxy issue? I decided to leave it out, as it is proxy
> related and adding caching does not change the picture
>
> > Somehow related would be also implications on IP based authentication,
> > however I'm not sure if this fits into the security section at all ?
>
> When you do IP based authentication at the server,
> you assume that the end-to-end properties of the Internet are intact;
> and you assume that you are connecting client-server (not
> proxy-server). This is another of the cases where proxies and security
> have fun.
>
> The thing to do would probably be to add a clarification that generic
> proxy security issues are not covered.
>
Right. Both belong to proxy security issues, not caching and replication.
But since most people think 'proxy' when they hear 'cache' (myself
included), you probably would be right just to mention in
the security section that these topic are not covered in this draft ?
or don't bother at all ?
Hm, on the other hand, while the title says it's about caching,
most of the contents is about proxies (transparent, reverse and whatever) ..
--w
This archive was generated by hypermail 2b29 : Thu Nov 18 2004 - 11:21:27 MST