Sebastian,
Thanks for bringing that up. Here's my (libertarian) take: No services
should be required. An ALTO server should be free to implement as many, or
as few, services as needed by its customer base. The IRD provides a
wonderful way to describe the services that an ALTO server chooses to
provide. Let's use it!
I expect that ALTO servers will fall into two broad categories. Some will
be "private" servers. They'll operate behind the scenes, serving a small,
select group of clients, probably internal to network operators. These
ALTO servers will know their clients. They'll provide the services their
clients demand, and skip the unnecessary ones.
The others will be "public" servers. Network providers will advertise
these to the world (e.g., to p2p trackers). If these public servers don't
provide enough services, or they're too hard to use, their potential
clients will simply say "fuggedaboutit" and refuse to use them. (Okay, I'm
a New Jersey girl. I had to get that in sometime!).
In other words, let the marketplace decide what services are necessary.
- Wendy Roome
>From: Sebastian Kiesel <[email protected]>
>Subject: Re: [alto] Security problem: DoS attacks via overload
>
>Wendy,
>
>thanks for bringing this back to our attention again.
>Some thoughts on that:
>......
>4. If we make the full cost map optional, what would be the
> "MUST implement" part of the ALTO protocol? If all map, property,
> and filtering services are optional this may harm interoperability.
_______________________________________________
alto mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/alto
