Dear Yingjie, I think the problem of redistributed ALTO-information is not so easy, some comments below.
> -- "However, there is no mean for the peers to verify whether the > information provided is actually intended > for their usage nor if the information is actually accurate at their > current topological position in the Internet " > > Surely, it's very important to verify the usage and the origination of > the > redistributed information. > I don't think accurate information needs to be redistributed. > Actually, there are kinds of general information that are suitable and > helpful to be redistributed. > E.g. kinds of cost between a particular PID and other PIDs is useful to > all > the peers in the particular PID. > What we should do is to guarantee that general information is > redistributed > within the PID area(maybe multicast) or to guarantee that peer only > request > its PID general information. Agreed, there may be certain use-cases where redistribution may not be problematic. But consider the case where certain information provided by an ALTO-server is _relative_ to that ALTO-server's location in the network. If such information gets redistributed, an ALTO-client not being aware of the original ALTO-server's location may misinterpret this information. In other words, by redistributing guidance information, its original semantic might be disguised. I think this is the problem being addressed in Martin's draft and specifically in the quote above. > ---"First of all does this require public/private key pair, where the > public > key is known to each peer and a trusted third party is required. These > requirements are possible to be fulfilled in certain deployments but > are not > in the general Internet deployment case, which in turn limits the > applicability of this protocol. Second, the receiving peer needs to > contact > the ALTO server at least once to obtain the public key part, or it does > need > to contact another server that provides the public key pair." > > First, Redistribution can be an optional part of the protocol, ALTO > server > can decide whether redistribution is adopted according to internet > environment. Second, peer can contact CA, instead of ALTO server, to > obtain > a public key. In P2PSIP-reload, each peer owns a certificate and every > peer > can contact the CA to authenticate the certificate of other peer. > Reload > regards this an acceptable workload to CA. I think the frequence of > obtaining public key from ALTO server is much fewer than the > authentication > in Reload. So that may be not a probolem. > Whatever, the real workload depends on how we design the redistribution > mechanism. Indeed, a CA-hierarchy is the technical solution. However, practically it is not always the case that two hosts on the Internet share a trusted third party, and certainly there is no overall Internet-wide CA hierarchy trusted by all hosts. In P2PSIP-RELOAD, the assumption is that there is an enrollment server, i.e., a certificate authority which certifies identities in the P2P-network (DHT). In other words, any peer who wants to join the P2PSIP network has to enroll with this identity certification service. I do not think that is a reasonable assumption for ALTO and I think this was the point in the quote above. - Jan > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Y.J. Gu > Sent: Mittwoch, 12. August 2009 11:52 > To: 'alto' > Subject: [alto] [ALTO] Comments on [draft-stiemerling-alto-info-redist- > 00] > > I'm very glad that at last someone notice redistribution. > > I'm not totally agree with some opinions in the draft. > > -- "However, there is no mean for the peers to verify whether the > information provided is actually intended > for their usage nor if the information is actually accurate at their > current topological position in the Internet " > > Surely, it's very important to verify the usage and the origination of > the > redistributed information. > I don't think accurate information needs to be redistributed. > Actually, there are kinds of general information that are suitable and > helpful to be redistributed. > E.g. kinds of cost between a particular PID and other PIDs is useful to > all > the peers in the particular PID. > What we should do is to guarantee that general information is > redistributed > within the PID area(maybe multicast) or to guarantee that peer only > request > its PID general information. > > ---"First of all does this require public/private key pair, where the > public > key is known to each peer and a trusted third party is required. These > requirements are possible to be fulfilled in certain deployments but > are not > in the general Internet deployment case, which in turn limits the > applicability of this protocol. Second, the receiving peer needs to > contact > the ALTO server at least once to obtain the public key part, or it does > need > to contact another server that provides the public key pair." > > First, Redistribution can be an optional part of the protocol, ALTO > server > can decide whether redistribution is adopted according to internet > environment. Second, peer can contact CA, instead of ALTO server, to > obtain > a public key. In P2PSIP-reload, each peer owns a certificate and every > peer > can contact the CA to authenticate the certificate of other peer. > Reload > regards this an acceptable workload to CA. I think the frequence of > obtaining public key from ALTO server is much fewer than the > authentication > in Reload. So that may be not a probolem. > Whatever, the real workload depends on how we design the redistribution > mechanism. > > > > Regards > > Yingjie Gu > > > > _______________________________________________ > alto mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/alto _______________________________________________ alto mailing list [email protected] https://www.ietf.org/mailman/listinfo/alto
