| If intermediate systems take actions on behalf of one or more parties
| to the communication or affecting the communication, a good rule of
| thumb is they should only take actions that are beneficial to or
| approved by one or more of the parties, within the operational
| parameters of the service-specific protocol, or otherwise unlikely to
| lead to widespread evasion by the user community.

I think this statement gives dangerously wide latitude for intermediate systems to damage end-to-end-ness. It seems to me that a router should only do something outside fundamental routing behaviour when this has been explicitly approved, either through protocol negotiation or through manual configuration, by sufficiently many affected parties that the others can't tell that anything out of the ordinary is happening.

To perceive some action as "beneficial to ... one or more of the parties" does not make it so. Not only is human history in general littered with examples of evil done "for their own good", but also within recent networking history some of the problems that the draft is responding to have been caused by intermediate systems trying to be helpful. A major problem is that most of these attempts to be helpful are attempts to be helpful to humans, which end up being unhelpful to computers and to those humans that interact with computers as we do; few people outside the IETF are truly competent to judge what is beneficial to someone else within the context of computer networking. Do not underestimate the degree to which computer systems are designed by managers.

In the next clause, it's not clear whether "within the operational parameters of the service-specific protocol" is intended to be ANDed or ORed with the "beneficial ... or approved ..." clause. If it is intended to be ORed, I find this also to be dangerously broad.

Finally, "unlikely to lead to widespread evasion" is another criterion that anyone who needs to be told this rule won't be competent to judge.
Overall, I think that, particularly in such an official statement as this, the IAB needs to be very conservative about Internet architectural matters. We should maintain the current situation wherein firewalls are recognisably a breach of the Internet architecture, at least until we've worked out a way to do them that doesn't cause surprising behaviour. This Internet works (ish), and we need to keep it that way: if we break it now, we'll probably never be able to get the popular momentum required to replace it with a new one that works.

-zefram