Re: Comments on requirements draft
2009-03-01 16:08:43 GMT
Looking at the current draft, a few thoughts.... The usage cases may be too broad. EG, local mirror/caching discovery for conventional CDN operation doesn't need to rely on alto, and would probably not benefit, as the conventional CDNs have solved the problem "good enough", and it also interacts with their OWN secret-sauce. My thought would be focus on the two useage cases which count: Bulk data P2P peer localization, and P2P hashtable localization, where the first is about saving cost while providing the same service, while the latter is reducing latency. On security considerations, any open-world P2P system per file can be tracked from one or more nodes by creating sybils, so ALTO doesn't make the problem easier, and any P2P system which deliberately hides this (eg, by onion-routing data) is not going to WANT localization and increased localization increases the power of traffic analysis. Thus I believe that ALTO should NOT attempt to be privacy preserving, because the protocols that use it won't be privacy preserving anyway.