[please read this email to the very end, as it requires the attention of the whole WG!]
Hi Ben, all, This is in response to your point 27. I will use a separate thread, as this deserves more attention by the WG. > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Ben Niven-Jenkins > Sent: Friday, April 29, 2011 1:53 PM > To: [email protected] > Subject: [alto] Comments on draft-ietf-alto-reqs-08 > [...] > 27) > REQ. ARv08-55: The ALTO client protocol SHOULD be defined in a way, > that the operator of one ALTO server cannot easily deduce the > resource identifier (e.g., file name in P2P file sharing) which the > resource consumer seeking ALTO guidance wants to access. > > Is the intent > A) A P2P (or other) client does not want to expose themselves or their > clients to revealing the actual resources they intend to > access/distribute; or > B) A P2P (or other) client may be willing to reveal the resource they > intend to access to their local ALTO server but does not want that > information being redistributed? It is A, as an early outcome of WG discussions and finally a WG decision. It is was feared that ALTO could be used to collect information about p2p clients and to further use this information in other contexts. > > Given that ALTO is independent of resource identifier and is about > relationships between end points not between resources it seems to be > an irrelevant requirement. Or if the intent is (A) it is probably Well, one outcome of this requirements is that ALTO is independent of the resource identifier. So this makes this requirement still relevant. > better stated along those lines, e.g. that the ALTO protocol SHOULD NOT > require the specific resource to be accessed to be included in ALTO > requests. Let's wait with the wording until we have finished the point below :) > > I can see that an ALTO server may want to return different responses > depending on the category of resource (or possibly more precisely the > category of consumer) and we don't want to preclude that, e.g. > returning a different response to a P2P client than it would to a CDN. The assumption until now was really focused on the p2p use case and not on the CDN use case. However, I can see that in the CDN use case, an ALTO server may return a different response for CDN. For P2P on the other hand, we definitely do not want to identify the resource category. Adding the possibility to identify the category of resource to the ALTO requirements would require a WG consensus IMHO. The requirements would read along these lines: (a) that the ALTO protocol MUST NOT require the specific resource to be accessed to be included in ALTO requests. (b) that the ALTO protocol SHOULD allow to specify the resource to be accessed to be included in ALTO requests. (a) rules out the requirement to have it in all requests, while (b) allows the protocol to have such a capability. Martin [email protected] NEC Laboratories Europe - Network Research Division NEC Europe Limited | Registered Office: NEC House, 1 Victoria Road, London W3 6BL | Registered in England 2832014 _______________________________________________ alto mailing list [email protected] https://www.ietf.org/mailman/listinfo/alto
