Internet Draft                                              Ingrid Melve
draft-melve-clientcache-com-00.txt

                       Client-Cache Communication

Status of this Memo

   This document is an Internet-Draft. Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups. Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as ``work in progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow
   Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
   munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
   ftp.isi.edu (US West Coast).

Abstract

   This document gives an overview of the current state of the art in
   web client proxy configuration. The two most common ways of
   configuring a client to use a proxy are manual configuration and the
   semi-manual Automatic Proxy Configuration (PAC). Other proposals are
   briefly presented. Some information on HTTP and security is included,
   but these issues are not fully documented in this draft.

Manual configuration

   Manual configuration of web browsers is a common way to configure a
   proxy. Manual configuration of large user communities, with users
   changing preferences, is not a simple and easy task, but rather more
   of a nightmare.

Finding a proxy: PAC

   Netscape Automatic Proxy Configuration

   * [1]Automatic Proxy Configuration

Melve                                                           [Page 1]
                       Client-Cache Communication          November 1998

   Implemented in most web clients. A JavaScript page on a web server
   hands out information on where to find proxies. Clients need to point
   at the URL of this page. There is no bootstrap mechanism, so manual
   configuration is still necessary. Manual configuration is made easier
   by centralizing the script to one URL.
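   The JavaScript page described above, as an added example that is not
   part of the draft: a small PAC script, Node.js stand-ins for two of the
   helper functions browsers supply to PAC scripts, and a check for whether
   a result lets clients fall back to a direct connection. The host names
   and port are constructed for illustration.

```javascript
// Added example, not from the draft. Host names are constructed.

// Node.js stand-ins for two helpers that browsers provide to PAC scripts.
function isPlainHostName(host) { return host.indexOf(".") === -1; }
function dnsDomainIs(host, domain) {
  host = host.toLowerCase(); domain = domain.toLowerCase();
  return host.length >= domain.length &&
         host.substring(host.length - domain.length) === domain;
}

// The PAC script proper: the function the web server hands out.
function FindProxyForURL(url, host) {
  // Intranet names are fetched directly. The leading dot matters:
  // without it "notexample.internal" would also match.
  if (isPlainHostName(host) || dnsDomainIs(host, ".example.internal")) {
    return "DIRECT";
  }
  // Everything else goes through the proxies, tried in order. There is no
  // trailing "DIRECT", so the result never tells a client to go direct.
  return "PROXY proxy1.example.internal:3128; PROXY proxy2.example.internal:3128";
}

// Split a PAC result such as "PROXY a:3128; DIRECT" into entries.
function parseProxyList(result) {
  return result.split(";")
    .map(function (s) { return s.trim(); })
    .filter(function (s) { return s.length > 0; })
    .map(function (entry) {
      var parts = entry.split(/\s+/);
      return { type: parts[0].toUpperCase(), target: parts[1] || null };
    });
}

// True when a result names a proxy but also allows falling back to DIRECT,
// which matters where the proxy is meant to be a single check point.
function failsOpen(result) {
  var entries = parseProxyList(result);
  var hasProxy = entries.some(function (e) { return e.type !== "DIRECT"; });
  var hasDirect = entries.some(function (e) { return e.type === "DIRECT"; });
  return hasProxy && hasDirect;
}
```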
   PAC is better than "manual proxy configuration" because with PAC
   administrators can update the proxy configuration without user
   intervention. Interoperability of PAC files is not as good as one
   would want, since the more popular browsers interpret the script
   slightly differently.

Finding a proxy: WPAD

   Web Proxy Autodiscovery

   * [2]Web Proxy Autodiscovery

   WPAD uses a collection of pre-existing Internet resource discovery
   mechanisms to perform web proxy auto-discovery. The only goal of WPAD
   is to locate the PAC URL. WPAD does not specify which proxies will be
   used. WPAD gets you to the PAC URL, and the PAC script chooses the
   proxies for you.

   The WPAD protocol specifies the following:

   * how to use each mechanism for the specific purpose of web proxy
     auto-discovery
   * the order in which the mechanisms should be performed
   * the minimal set of mechanisms which must be attempted by a WPAD
     compliant web client

   The resource discovery mechanisms utilized by WPAD are as follows:

   * Dynamic Host Configuration Protocol (DHCP)
   * Service Location Protocol (SLP)
   * "Well Known Aliases" using DNS A records
   * DNS SRV records
   * "service: URLs" in DNS TXT records

   WPAD is a proposal.

CARP

   Cache Array Routing Protocol

   * [3]draft-vinod-carp-v1-03.txt

   Clients may use CARP directly as a hash function based proxy
   selection mechanism. They need to be configured with the location of
   the cluster information.

   CARP is implemented in proxy servers. (Actual implementations in
   clients?)

   The CARP document also specifies a "CARP config file format" so that
   a CARP-cluster proxy can tell a child cache how to configure itself.

HTTP

   HTTP is used for communicating with a web proxy. A web proxy may also
   support other protocols.

   HTTP/1.1 added support for cache directives. These cache directives
   provide information on the cacheability of web objects and the time
   to live for objects in the cache, as well as other information for
   the cache to use.
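   How a shared proxy cache might act on the cache directives described
   above, as an added example that is not part of the draft. Header
   objects with lower-case names are an assumption of this sketch, and
   Expires and heuristic freshness are not handled.

```javascript
// Added example, not from the draft: decide whether a shared (proxy) cache
// may store a response, and for how long, from HTTP/1.1 Cache-Control.

// Parse "max-age=60, private" into a Map of lower-cased directive -> value.
function parseCacheControl(value) {
  const directives = new Map();
  for (const part of (value || "").split(",")) {
    const [name, ...rest] = part.trim().split("=");
    if (!name) continue;
    directives.set(name.toLowerCase(), rest.join("=").replace(/^"|"$/g, ""));
  }
  return directives;
}

function sharedCacheDecision(requestHeaders, responseHeaders) {
  const cc = parseCacheControl(responseHeaders["cache-control"]);
  if (cc.has("no-store")) return { store: false, ttl: null, reason: "no-store" };
  if (cc.has("private")) return { store: false, ttl: null, reason: "private" };

  // A response to an authenticated request may only be shared when the
  // origin server explicitly allows it.
  const explicitlyShared =
    cc.has("public") || cc.has("s-maxage") || cc.has("must-revalidate");
  if ("authorization" in requestHeaders && !explicitlyShared) {
    return { store: false, ttl: null, reason: "authorization" };
  }

  // For a shared cache s-maxage takes precedence over max-age.
  let ttl = null;
  for (const name of ["s-maxage", "max-age"]) {
    if (cc.has(name) && /^\d+$/.test(cc.get(name))) {
      ttl = Number(cc.get(name));
      break;
    }
  }
  // no-cache: the copy may be kept but must be revalidated before each reuse.
  if (cc.has("no-cache")) ttl = 0;

  // With no directives at all the response looks storable: nothing in the
  // headers reveals an access restriction the origin enforces by other means.
  const reason = ttl === null ? "no explicit lifetime" : "explicit lifetime";
  return { store: true, ttl: ttl, reason: reason };
}
```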
   The privacy issue goes both ways with proxies. Proxies may be used to
   anonymize users to web servers, and they may be used to keep track of
   every web movement the user makes.

Security

   Redirecting users through a proxy server gives access to all
   information about usage and content of documents. This may be a
   security risk, or it may create a single check point for
   communication as in firewalls.

   Access controls based on IP numbers are not indicated in HTTP
   headers, and caches have no way of knowing if a web object was access
   restricted unless additional headers were provided by the web origin
   server.

Acknowledgements

   Thanks to Duane Wessels for comments.

References

   1. http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html
   2. http://egg.microsoft.com/wpad/
   3. ftp://ftp.nordu.net/internet-drafts/draft-vinod-carp-v1-03.txt

Authors' Addresses

   Ingrid Melve
   UNINETT
   Tempeveien 22, Trondheim, NORWAY
   Phone: +47 73 55 79 07
   Email: Ingrid.Melve@uninett.no