At 15.20 -0400 2000-04-07, Bill Sommerfeld wrote:
>I think it's important to carefully distinguish between these sorts of
>redirection.  Some clarifying text in the draft to this effect would
>be helpful.

That is what I have asked the authors to do.

The problems with "intercepting proxies" are that:

(1) It breaks the model we use for IP transport. I.e. an IP package 
with a specific destination address doesn't reach that destination. 
As Christian says,that means among other things that IPSEC will not 

(2) On application layer (as Peter Deutch talks about) the user 
through the browser want to contact the service according to a 
specific URL given. I.e. the user asks to communicate with that 
service. That is not what is happening -- and this with neither 
client nor server knowing about it or being informed.

As Ted said, if it is the case that an ISP or whatever wants to have 
a web-proxy or proxy/cacheing mechanism for some reasons, then that 
have to be communicated to the users so they understand why it is 
better for them (faster, cheaper, whatever) to use that proxy instead 
of talking with services directly.

I have no problem whatsoever to have proxies being part of the 
web-model, but I am strongly opposing someone in the middle of the 
communication path intercepting and redirecting IP-packages, as the 
client will not communicate with whoever he wanted.


Reply via email to