Looking at the current draft, a few thoughts....
The usage cases may be too broad. EG, local mirror/caching discovery
for conventional CDN operation doesn't need to rely on alto, and would
probably not benefit, as the conventional CDNs have solved the problem
"good enough", and it also interacts with their OWN secret-sauce.
My thought would be focus on the two useage cases which count:
Bulk data P2P peer localization, and P2P hashtable localization, where
the first is about saving cost while providing the same service, while
the latter is reducing latency.
On security considerations, any open-world P2P system per file can be
tracked from one or more nodes by creating sybils, so ALTO doesn't
make the problem easier, and any P2P system which deliberately hides
this (eg, by onion-routing data) is not going to WANT localization and
increased localization increases the power of traffic analysis.
Thus I believe that ALTO should NOT attempt to be privacy preserving,
because the protocols that use it won't be privacy preserving anyway.
_______________________________________________
alto mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/alto
