RE: Comments to Problem Statement Document 1f

Jo,
Thanks for the explanations. AT&T, as a typical mobile web service
provider, operate proxies for various purposes. Our role in that comes
with certain responsibilities that we must fulfill, and some of those
relate to our control of the service provided by the proxies in
particular contexts. To provide the transformation flexibility
envisioned by BPWG, there is an inherent need for negotiation between
the various entities according to their roles. That negotiation
capability is what is missing in the current standards environment, and
I think forms a key difference that we have with the problem statement.
So I could offer a different proposal for [4], which I think catpures
the flexibility needed:

Re "4. Origin servers must be able to selectively enable or disable
features of transforming proxies.": This should be "Origin servers and
transforming proxies must be able to selectively negotiate use of
transforming proxy features." Further, Requirements [6] and [11] each
are detailed requirements based upon [4].

I agree that the response to negotiation failure e.g. returning an
error, is a consequence of negotiation and can be addressed in the
specifications that follow. But the core requirement that leads to that
response (negotiation itself) is a key problem with the current
standards environment, and should be in the problem statement.

Best regards,
Bryan Sullivan | AT&T | Service Standards
bryan.sullivan@att.com
-----Original Message-----
From: Jo Rabin [mailto:jrabin@mtld.mobi] 
Sent: Thursday, October 11, 2007 9:48 AM
To: Sullivan, Bryan; public-bpwg-ct@w3.org
Subject: RE: Comments to Problem Statement Document 1f

Hi Bryan

Interesting points. 

I suppose that I see this as an issue where the choice is in the hands
of the user and the content provider. Not the intermediary. The
intermediary can be seen as acting on behalf of the user if the user has
given their consent to the proxy so acting. So, if I have signed up to a
bad-word removal service and use it as a proxy and it refuses to honour
the no-transform directive, that's OK. As it's my choice.

Equally the content provider's choice is being thwarted. Consequently I
agree that in this case the proxy should (Or MUST return a response with
a status indicating that it could not comply with both the user's and
the content provider's wishes). However, I think that this is at the
level of a guideline and not a requirement and hence think that this
should feature in that document, not the problem statement. i.e. it's
not a problem today because no one does it. It is a consequence of some
likely proposed solution so should be dealt with in that context.

In any case if the content provider is not prepared to honour the
no-transform directive then the one thing that the proxy must not do is
alter the content and forward it - causing the error message we agree
should be displayed. That means that the server has in fact been
successful in prohibiting transformation.

The wording "request" suggests that the proxy has a choice. And though I
guess we need to work though detailed use cases before saying "never" I
think that in general at least the proxy, and its owner, does not have
that choice of independent action.

Jo


> -----Original Message-----
> From: public-bpwg-ct-request@w3.org
[mailto:public-bpwg-ct-request@w3.org]
> On Behalf Of Sullivan, Bryan
> Sent: 11 October 2007 09:53
> To: public-bpwg-ct@w3.org
> Subject: Comments to Problem Statement Document 1f
> 
> 
> Hi all,
> Here are some comments to the current version
>
http://www.w3.org/2005/MWI/BPWG/Group/TaskForces/CT/editors-drafts/Probl
> emStatement/071008
> 
> Re "4. Origin servers must be able to selectively enable or disable 
> features of transforming proxies.":
> [bryan] I would say here "must be able to request selective enabling
or
> disabling...". It may not be the policy of the CT proxy provider to 
> allow sites to control the proxy's behavior. For example, a CT proxy 
> that removes "bad words" etc as a "Parental Control" feature may not 
> allow content providers to disable this function. Another example is
the
> insertion of content, e.g. footers or ads, which the CT proxy may not 
> allow to be disabled per the service agreement betweem the CT proxy 
> provider and the user. I agree that selective control will be useful, 
> but compliance by the CT proxy cannot be mandated in all cases.
> 
> Re "5. Origin servers and proxies must be able to identify the actual 
> identity of components of the delivery context, including (other) 
> proxies and browsers.":
> [bryan] For proxies, it's not the "identity" that is important but the

> configuration of the proxy for the current delivery context. One proxy

> can provide different CT service for different users and delivery 
> context attributes (e.g. mobile access network in use). What the 
> downstream proxies and origin servers (may) need to know is what the 
> proxy is configured to do in the current context.
> 
> Re "6. Origin servers must be able to prohibit any kind of 
> transformation of its content.":
> [bryan] This should be covered by [4] above, and is subject to the
same
> limitations per CT proxy provider policy.
> 
> Re "2.2.2.2 Non Web Applications":
> [bryan] The same comment as for [6] applies, otherwise an alternate 
> requirement is proposed: "Transforming proxies must be configurable to

> disable transformation for non-web applications, e.g. if
transformation
> would serve no useful purpose or break non-web applications.". The key

> difference here is that the control of the transformation disabling is

> in the configuration of the CT proxy, and thus does not require 
> transformation-control enhancements to arbitrary non-web application 
> protocols.
> 
> Re "2.2.2.3 Legal, Moral and Commercial Issues":
> [bryan] The same comment as for [6] applies.
> 
> Re "11. It must be possible for origin servers selectively to indicate

> that content of various types must not be removed, replaced or
inserted
> by transforming proxies."
> [bryan] This should be covered by [4] above, as a detailed feature of 
> transforming proxies.
> 
> One additional requirement that could be added as a compromise on the 
> policy control issues, is that "Transforming proxies must return an 
> error response to the user agent if the transforming proxy cannot
comply
> with an origin server request to enable or disable a transformation 
> proxy feature".
> 
> Best regards,
> Bryan Sullivan
>

Received on Thursday, 11 October 2007 20:03:56 UTC