A New Internet-Draft is available from the on-line Internet-Drafts directories.

        Title           : A Rationale for Fine-grained Intermediary-aware End-to-End Protocols
        Authors         : Dan Druta
                          Thomas Fossati
                          Marcus Ihlar
                          Guenter Klas
                          Diego R. Lopez
                          Julian F. Reschke
        Filename        : draft-reschke-objsec-00.txt
        Pages           : 12
        Date            : 2014-10-27

Abstract:
   A tremendous growth in different uses of the Internet has led to a
   growing need to protect data sent over public networks, including
   data sent via HTTP. Resorting to the use of end-to-end TLS and https
   for the majority of traffic looks at first like a most feasible
   response. However, the more sophisticated the web architecture
   becomes as it goes beyond the simple client-server model, the more
   the end-to-end use of TLS shows its downside as it excludes the use
   of beneficial intermediaries like caches or proxies that provide
   instrumental services. The need for greater privacy seems to collide
   with the equally growing desire for better end-to-end performance and
   user experience. As an example, the use of TLS and https often
   appears to maximise the benefit for the first but not the benefit for
   the combination of both.

   This document describes this dilemma and lays out a number of
   objectives of what should ideally be achieved, namely catering for
   sufficient security and privacy whilst providing users with the
   opportunity to make use of intermediaries' services where considered
   beneficial. We then introduce a number of characteristics potential
   solutions could have, with the hope that those will steer us towards
   suitable protocol mechanisms and data formats. End-to-end protocols
   which are aware of intermediaries should enable users and/or content
   providers to exercise fine-grained control over what intermediaries
   shall be able to do and what exposure to data or metadata they shall
   be permitted to get. The document then highlights anticipated
   benefits to key stakeholders like users, content providers and
   intermediaries.
   As elements like object security can play a useful role, we encourage
   the analysis of related pieces of work in order to discern their
   applicability, limitations, and coverage of use cases. This will
   allow us to frame an overall architecture and motivate more detailed
   work on protocols and mechanisms in the future.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-reschke-objsec/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-reschke-objsec-00

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/