At 15.20 -0400 2000-04-07, Bill Sommerfeld wrote:
>I think it's important to carefully distinguish between these sorts of
>redirection. Some clarifying text in the draft to this effect would
>be helpful.
That is what I have asked the authors to do.
The problems with "intercepting proxies" are that:
(1) It breaks the model we use for IP transport. I.e. an IP package
with a specific destination address doesn't reach that destination.
As Christian says,that means among other things that IPSEC will not
work.
(2) On application layer (as Peter Deutch talks about) the user
through the browser want to contact the service according to a
specific URL given. I.e. the user asks to communicate with that
service. That is not what is happening -- and this with neither
client nor server knowing about it or being informed.
As Ted said, if it is the case that an ISP or whatever wants to have
a web-proxy or proxy/cacheing mechanism for some reasons, then that
have to be communicated to the users so they understand why it is
better for them (faster, cheaper, whatever) to use that proxy instead
of talking with services directly.
I have no problem whatsoever to have proxies being part of the
web-model, but I am strongly opposing someone in the middle of the
communication path intercepting and redirecting IP-packages, as the
client will not communicate with whoever he wanted.
Patrik
