Hi Jan, See in line pls. Regards
Yingjie Gu > -----Original Message----- > From: Jan Seedorf [mailto:[email protected]] > Sent: Wednesday, August 12, 2009 11:15 PM > To: Y.J. Gu; alto > Subject: RE: [alto] [ALTO] Comments on > [draft-stiemerling-alto-info-redist-00] > > Dear Yingjie, > > I think the problem of redistributed ALTO-information is not > so easy, some comments below. > Agreed, there may be certain use-cases where redistribution > may not be problematic. But consider the case where certain > information provided by an ALTO-server is _relative_ to that > ALTO-server's location in the network. If such information > gets redistributed, an ALTO-client not being aware of the > original ALTO-server's location may misinterpret this > information. In other words, by redistributing guidance > information, its original semantic might be disguised. I > think this is the problem being addressed in Martin's draft > and specifically in the quote above. > I think "Redistribution" should not be unlimited. First of all, not all information is redistributed. Second, redistributed information must include accurate ALTO SERVER INFORMATION, e.g. network position or name, and what kind of information it is, so that client can judge the usage of the information. Last but not least, client must cognize his ALTO SERVER INFORMATION and share a unified information description language among all clients, at least those in one application swarm. Richard Alimi gave excellent examples in his email. Of course, there maybe other methods. By this mean, client can find suitable redistributed information. > Indeed, a CA-hierarchy is the technical solution. However, > practically it is not always the case that two hosts on the > Internet share a trusted third party, and certainly there is > no overall Internet-wide CA hierarchy trusted by all hosts. > In P2PSIP-RELOAD, the assumption is that there is an > enrollment server, i.e., a certificate authority which > certifies identities in the P2P-network (DHT). In other > words, any peer who wants to join the P2PSIP network has to > enroll with this identity certification service. I do not > think that is a reasonable assumption for ALTO and I think > this was the point in the quote above. > > - Jan Instead of an overall trusted third party, a dedicated CA for a particular network position, neither too small nor too big, will work. Applications can make their clients cognize the dedicated CA as they notice clients about dedicated ALTO servers. _______________________________________________ alto mailing list [email protected] https://www.ietf.org/mailman/listinfo/alto
