Re: interception proxies

From: John Martin (jmartin@netapp.com)
Date: Tue Apr 18 2000 - 10:45:21 MDT


At 09:02 AM 18/04/00 -0600, Vernon Schryver wrote:
>You're mistaken, as America Online's SMTP redirection proxies demonstrate.
>As I pointed out in the main IETF list, AOL is openly redirecting all SMTP
>traffic from their dialups and nominally IP-addressed to the Internet at
>large to boxes operated by AOL. Currently those boxes seem to do no
>more than add SMTP Received: headers, but realsoonnow are supposed to
>add an X-Apparently-From: header and to filter the entire message if
>the box considers it spam.

I don't think I'm mistaken - perhaps I wasn't clear. What I mean is that
ISPs do this for their own customers only. Isn't that what you are saying
AOL does?

The point is that I know of no ISP who applies an interception proxy to,
say, traffic transiting their network from a peer.

>For at least a year, I think HTTP redirection proxies have been operated by
>some ISPs, justified by the familiar efficiency reasoning.

Yes - true...?

>In both cases the ISP must be viewed as a third party, and in
>security terms, a man in the middle.

OK. That is the confusion. I was viewing the ISP as being in the same
administrative domain, at least that is true for most dialup ISPs. In this
case, the customer has a choice to change ISP if they don't like their
policies.

>Yes, and no one I know really objects to those techniques...well, sometimes
>I grumble about it when one of Akamai's servers hiccups as seems to be
>happening a lot this week. And some of those techniques make it between
>hard and impossible to save useful bookmarks.

I suspect that those techniques will ultimately lead to a deprecation in
the use of interception proxies at source (for web traffic). But that is a
few years away and we still have the problem of 100 or so Akamai-like
companies - how does the user determine the closest / best proxy?

I still believe the key is in proxy discovery. Or rather, replica discovery
- since the content will be controlled by the content provider, even if it is
distributed by a third party. This will lead to a brokerage system similar
to the peering and transit relationships we have already between ISPs...
but what is still missing is how the user gets told where to look. DNS is
one answer but may not be the best. E.g. I may not want the fastest /
closest but rather the cheapest.

This is what I hope we can start to work on in WREC. But first, we need to
get our current documents rock solid, get some wider review (particularly
of the known problems) and get them published and discussed widely.

John
---------------------------------------------------------------
Network Appliance Direct / Voicemail: +31 23 567 9615
Kruisweg 799 Fax: +31 23 567 9699
NL-2132 NG Hoofddorp Main Office: +31 23 567 9600
---------------------------------------------------------------


