W3C home > Mailing lists > Public > public-bpwg-ct@w3.org > October 2007

RE: Scope of CT Guidelines

From: Sullivan, Bryan <BS3131@att.com>
Date: Sun, 28 Oct 2007 22:41:11 -0700
Message-ID: <8080D5B5C113E940BA8A461A91BFFFCD05D93CAF@BD01MSXMB015.US.Cingular.Net>
To: "Jo Rabin" <jrabin@mtld.mobi>, <public-bpwg-ct@w3.org>

Jo,
Based upon your responses I think I better understand your objectives
for the CT guidelines. Here are some further comments:

Re "...it's about what is acceptable behavior in the absence of HTTP
based control, and indeed perhaps what should be done outside of HTTP to
allow the user to exert some control": First I think we need to define
the criteria for "acceptable". I take from your statement that the scope
of the CT guidelines extend to a true "service definition" for CT as an
end-to-end service. That would be an ambitious goal, since it could
include e.g. presentation-layer guidelines on when and how to present
options to the user, with presumably some statefulness, to avoid
repeating the options selection each time a page is accessed. In
extending to such a scope, care would need to be taken to balance the
desire for a specific vision of this "service", without restricting CT
product differentiation and innovation, or the roles of the various
actors involved in the service.

On the ability of the CT proxy to "just say no", I agree it's a little
more complicated that I stated. But this statement was meant to test the
result of the earlier discussion around my comments re policy control
functions of CT proxies. So I think we agree there are cases in which
the CT proxy can differ with the requests of the CP or user. You could
consider error correction (e.g. even extending to normal "tidy"
operation) as a policy of the CT proxy, if it improves the
interoperability of the service. This policy could override a CP's
request for no-transform for errored content, and leave some parts
untouched or at least not functionally modified (e.g. as in tidy).

Consent is a much more complicated issue. From a usability and
reliability view, consent at T&C time (service agreement) is the best
approach. Frequent requirements for explicit consent will drive users
away very fast (how many people blindly click past interstitial dialogs,
and will seek more usable services if the interruptions don't diminish
e.g. though server recording of their preferences). Further, Service
Providers are responsible for the overall quality of experience, and
often have to presume some consent on behalf of the user (e.g. to
correct content errors) as this is by "request of the user" in seeking
an overall reliable service.

On the policy control functions (e.g. content insertion/editing and
optimization), we need to be clear about the objectives. For example, is
the objective to improve the usability of the content, or to specify
when/how to layer in additional value-added services (this may extend
the scope into problematic areas, e.g. those already/being considered in
other SDO's).

Re "The case in which the UA and CP are both unaware is the primary use
case...": If this is the case, I recommend that the guidelines focus on
how the CT proxy can provide this service transparently to the user, or
with at most minimal direct user interaction with the CT proxy at the
presentation layer. For example, to select preferences, the CT proxy can
include "switch to mobile" or "switch to desktop" links in a
header/footer. More sophistication than that (e.g. providing
interstitial menus of options) will burden the user and complicate the
guidelines.

On Non-web UA/applications, there are many non-web HTTP clients that
extend the RFC2616 HTTP methods or use other HTTP extensions such as
specialized status codes, headers, etc. However if we assume that the
scope of the CT guidelines are addressing primarily web browsers,
non-web UA/applications are less of an issue. What I meant by the
assumption is that non-web UA/applications are typically configured to
bypass proxy services for various reasons, including the fact that proxy
non-transparency issues do occur or the more basic fact that the proxy
likely provides little if any value-added service to the non-web
UA/applications (thus proxy providers, e.g. Mobile Network Operators,
have a vested interest in ensuring the non-web UA/applications are
pre-configured to bypass the proxy, if only for capacity reasons).

Re "Is it possible or desirable to distinguish the routing or
transformation options on the basis of URIs?": not typically possible,
as mobile browsers (usually) do not selectively control their proxy
settings. Thus the CT proxy may have to keep an untransformed copy of
the original content and serve it locally (thus the URI will be
different from the original content URI). Note this implies a fairly
considerable cache requirement on the CT proxy, so alternatives should
be considered (e.g. the original URI is included as a parameter to a CT
proxy URI, and upon requests to this URI the CT proxy retrieves the
content referenced by the parameter... But this also may break some
services so it's not a perfect solution either).

I am interested to see to what extent we can reliably specify "crude
control of an "unaware" proxy".

Best regards,
Bryan Sullivan | AT&T | Service Standards
bryan.sullivan@att.com

-----Original Message-----
From: public-bpwg-ct-request@w3.org
[mailto:public-bpwg-ct-request@w3.org] On Behalf Of Jo Rabin
Sent: Thursday, October 25, 2007 1:51 AM
To: public-bpwg-ct@w3.org
Subject: RE: Scope of CT Guidelines


Hi Bryan

Interesting thoughts. Some comments interspersed among your text.

Jo

> -----Original Message-----
> From: public-bpwg-ct-request@w3.org
[mailto:public-bpwg-ct-request@w3.org]
> On Behalf Of Sullivan, Bryan
> Sent: 24 October 2007 09:14
> To: public-bpwg-ct@w3.org
> Subject: RE: Scope of CT Guidelines
> 
> 
> Here is my initial input. Overall I agree with Jo's proposal that the 
> initial CT guidelines should focus on a limited scope. To that purpose
I
> suggest we limit the use cases to the three I mention below. There is 
> still plenty of variation around that e.g. the available 
> representations, who selects them, etc.
> 
> First, some assumptions:
> 
> 1) The focus of the CT guidelines is to enable HTTP-based control of
CT
> for wired web content usability (which includes compatibility and
> effectiveness) by mobile UA.

Yes, it's good to be clear about this. I agree that it is in part about
control, but perhaps more importantly, in the first instance at least,
it's about what is acceptable behaviour in the absence of HTTP based
control, and indeed perhaps what should be done outside of HTTP to allow
the user to exert some control. 

E.g. if my web browser and the site I am accessing know nothing about
the niceties of the CTTF-defined HTTP stuff, and this is the starting
point use case, then we might chose to say that the user SHOULD be
presented with a choice. 

> 
> 2) Given user consent for service via a CT proxy for usability
purposes,
> it's expected that a CT proxy will have no reason to violate a CP or 
> user agent directive related to the CT service, even if the directive
is
> incorrect and results in a poor user experience.
> 
I think that's yet to be decided. Firstly what do we mean by user
consent? Is it sufficient for their consent to be buried in the terms of
service of their network provider? What can they do on a case by case
basis about altering that consent?

Also I think we have yet to decide what to do in cases like:

Server sends dangerous markup (in the sense that a proxy thinks this
will trigger a bug in the UA that results in massive misoperation). User
says that in such cases they want the markup fixed. CP says that their
content is not to be altered under any circumstances (that what I take
"no-transform" to mean, because I the server think you the proxy don't
know as much as I do - and this I think implies we need a less stringent
value to mean that content should not in general be altered but may be
at the request of the user).



> 3) There are other roles for CT proxies, but they are not covered by 
> this guideline. They include CT functions related to generic policy 
> control (e.g. content filtering), content (e.g. ad) insertion, 
> optimization, etc. For these roles there are cases in which a CT proxy

> may violate Content Provider (CP) or user agent directives, thus 
> negotiation or at least error handling may apply in those cases.

Well, I'm not clear that it is as clear cut as that. I think we need to
resolve where we want to go on some of the things you mention. Though it
seems clear to me that we are not in the business of filtering, we
probably do need to say things about ad removal and insertion. And we
almost certainly, in my view, need to say things about optimization.

> 
> 4) For secure services (HTTPS), the CT proxy service would normally be

> bypassed for UA invoking TLS tunneling to the CP via the HTTP Connect 
> method. Alternatively, the CT proxy can rewrite CP URLs as local 
> resources (recreating the WAP gap!), but this may not be acceptable
for
> some CP. Thus unless the CT proxy rewrites CP URLs, it can have no
role
> in CT for secure services.

I think that is a possible conclusion, however I think the group would
need to discuss and resolve this.

> 
> 5) The CT guidelines will focus on CT control and thus assumes at
least
> one of the CP or UA is CT-aware. The case in which both CP and UA are 
> CT-unaware will be typical for years to come, but this is 
> business-as-usual for CT proxies.
> 
The case in which the UA and CP are both unaware is the primary use case
and I think that is the one we are most worried about.

> 6) CT proxies will typically be inserted into the request path by 
> UA/application configuration or network routing. Non-web
UA/applications
> will typically be configured to bypass CT proxies. If required, 
> detection of non-web UA/applications will likely use the same approach

> as for CT-unaware UA detection, e.g. UA header filtering.

I'm not sure I understand this point. Non-Web applications typically
simulate Web applications in order to borrow the Web application's
transport/connectivity. 

> 
> Re in "Magnus's original contribution"
> http://lists.w3.org/Archives/Public/public-bpwg-ct/2007Sep/0014.html
> "The content transformation proxy needs to be able to tell the client 
> browser...where to find the original content if it has been
> transformed.": It seems this would be of no use to the UA unless it
can
> selectively bypass the CT proxy. As well, the original request URI 
> should be the same as the location of the original content, unless the

> CT proxy is rewriting the URLs.

Interesting point. Is it possible or desirable to distinguish the
routing or transformation options on the basis of URIs? 

> 
> Re Jo's email:
> "in theory at least there are 64 different combinations of
aware/capable
> component types in the delivery chain":
> I think we should assume the CT proxy is CT-aware. Otherwise all bets 
> are off; it may ignore the new headers etc that are specified. If you 
> accept that and my assumption (5), there are only three combinations, 
> i.e.
> - CT-unaware CP, CT-aware UA
> - CT-aware CP, CT-unaware UA
> - CT-aware CP, CT-aware UA

I think we need to examine what happens in cases where the proxy is CT
unaware. That probably means making sure we scrutinise RFC 2616 for the
bits that say that proxies MUST pass unchanged ... etc. and hope that
there aren't other bits of HTTP that we didn't spot that contradict
that. Having done that we can be confident that a conforming proxy will
behave consistently with what we are trying to achieve, and that the UA
and CP will both be aware of the proxy's presence, aware that it is CT
unaware, but be unsure as to whether it is transformation capable. By
borrowing existing bits of HTTP like "no-transform" the UA and CP should
still be able to exert crude control of an "unaware" proxy, assuming
that it is RFC 2616 conformant.

> 
> Case 3 "Client goes ahead and simulates desktop...this could land the 
> user in a delay and cost nightmare...":
> UA that attempt to simulate desktops should support advanced HTTP 
> features such as persistent connections and multiple outstanding 
> requests. Other than that, I think it should be outside (these) CT 
> guidelines scope to address optimization. That begins to get into the 
> policy/value-added-service area, in which as I mentioned before, CP or

> UA directives may be violated by the CT proxy.

And as I mentioned above, I'm not clear exactly what represents a
deciding line for "policy" related issues. Also I think that things like
Opera Mini / Onspeed whatever need to be considered in this context.

> 
> Best regards,
> Bryan Sullivan | AT&T | Service Standards bryan.sullivan@att.com 
> -----Original Message-----
> From: public-bpwg-ct-request@w3.org
> [mailto:public-bpwg-ct-request@w3.org] On Behalf Of Jo Rabin
> Sent: Tuesday, October 23, 2007 10:12 AM
> To: public-bpwg-ct@w3.org
> Subject: Scope of CT Guidelines
> 
> 
> I thought it worth making a note and stimulating further discussion 
> following today's productive CT TF call.
> 
> I'm worried that if we step into the space of how to do 3 way content 
> negotiation we will be opening the lid on Pandora's box.
> 
> The starting point, I think, is that there are three types of
component,
> server, proxy and browser. Each of those can be capable of 
> transformation. Add to this that each of them will independently also
be
> aware or unaware of whatever our guidelines state about how to 
> cooperate. So in theory at least there are 64 different combinations
of
> aware/capable component types in the delivery chain. That's a bit too 
> complicated for my taste.
> 
> So I wonder if it's worth considering the question of repurposing the 
> presentation separately from markup and formatting fixups?
> 
> So far as presentation is concerned I think there's a relatively small

> set of cases, though each of them undoubtedly has its own complexity.
> 
> Case 1.
> a) the Server has only a desktop oriented presentation only
> b) the browser has mobile presentation only
> 
> A proxy may have a useful role in re-presenting the content.
> 
> Note though, that in this case, the server's desktop presentation may 
> actually be a universal presentation (call my web pages boring but
they
> are designed to render across all delivery contexts) so in that case
the
> proxy should not interfere either.
> 
> Case 2.
> a) The Server has both a mobile and a desktop experience
> b) Client has mobile experience only
> 
> Server presents mobile experience. Proxy stays out of the way.
> 
> Case 3.
> a) The Server has a desktop oriented presentation only
> b) Client can simulate desktop
> 
> Client goes ahead and simulates desktop
> 
> (There is an argument that says that this could land the user in a
delay
> and cost nightmare. So is that an argument against the concept of 
> simulating desktop on a mobile, or is it an argument for saying that 
> there is a role for transforming proxy to reduce that delay and cost
> nightmare?)
> 
> Also same case as in 1, where the server has a single presentation,
but
> that presentation is suitable across the board.
> 
> Case 4.
> a) The server has a choice of presentations
> b) The client has a choice of presentations
> 
> The user should be able to get either i) the mobile presentation ii)
the
> simulated desktop presentation. That choice may be triggered by 
> selection locally to the client or at the server.
> 
> Case 5.
> 
> Although this looks like a Web request, in fact it isn't. It's some ad

> hoc protocol xmlhttprequest-like thingy.
> 
> (Proxy leaves well alone)
> 
> I'm assuming that this is a more of less complete list of scenarios 
> where the presentation is adjusted at most once.
> 
> Now I think that we can consider on top of this whether the proxy has
a
> role adjusting not the presentation, but details of the formatting - 
> e.g. to tweak the content type header, or to tweak the DOCTYPE to
avoid
> problems. Possibly to re-render images from one format to another.
> 
> To my mind, that is almost certainly enough to do deal with in volume
1
> of the guidelines. I think we should leave the door open to later 
> elaborations that discuss 3 way content negotiation, servers 
> deliberately delegating formatting or presentation tasks to proxies
and
> so on. However all that falls firmly in a volume 2.
> 
> I'm hoping that by restricting the initial scope we stand a chance of 
> meeting the proposed timescales for the deliverable, and of addressing

> in a timely way the key point of the Task Force's existence - which is

> to provide a way for Transforming Proxies to get out of the way of 
> mobile ready content.
> 
> Hope this makes sense and looking forward to comments.
> 
> Jo
Received on Monday, 29 October 2007 05:41:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:10:36 GMT