Educause Security Discussion mailing list archives
Re: Internet Content Caching Devices
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Thu, 3 Dec 2009 15:35:16 -0500
On Thu, 03 Dec 2009 09:04:47 EST, Peter Charbonneau said:
We do not block P2P at the present time,
As far as I know, nobody's making a content caching appliance that will cache P2P traffic, so this will probably reduce the effectiveness of a cache. If somebody knows of a P2P-aware cache, feel free to enlighten me.
so there is some concern that the appliance might cache copyrighted content.
Actually, you *know* the content will be copyrighted, because it was almost certainly produced in a country that's a signatory to the Berne conventions, which means it acquires *some* sort of copyright the instant it's created. It's actually harder to get something into true 'public domain' status than you think. The *important* question is "did the owner of the copyright want it to be cached or not". It's a somewhat subtle but important distinction - "might cache copyrighted content" and "might cache *infringing* content" are very different beasts indeed. And it turns out you're *mostly* off the hook on this one, at least in the US. http://www.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html 17 USC 512 (b) addresses system caching, and for the most part it basically says "if it's in your cache because a user requested it it's not your fault". 17 USC 512 (b)(2)(D) seems to be the hardest one to fulfill: "D) if the person described in paragraph (1)(A) has in effect a condition that a person must meet prior to having access to the material, such as a condition based on payment of a fee or provision of a password or other information, the service provider permits access to the stored material in significant part only to users of its system or network that have met those conditions and only in accordance with those conditions; and " Basically, if the data is behind a paywall only 3 of your users have access to, you can only serve it from your cache to those 3 users. The fun part is determining "is this behind a paywall?" - no I don't have any words of wisdom on this one. 17 USC 512(b)(2)(E) is a takedown section - if you accidentally cached infringing content that somebody else put up without authorization, you need to be able to flush it out of your cache upon request.
Is there an Educause white paper on this already? Has the community determined that they are all junk and not worth the money?
If they're not worth the money, why is Aakamai still in business? :) Seriously, it's all going to be about the hit ratio - what percent of your traffic is cacheable. And quite frankly, I'd expect it won't really do that much to save traffic because most of the time people are hitting all sorts of different pages as they browse the web. The one exception is if there's a "ZOMG! Michael Jackson Died!!" event where everybody is hitting the same page(s) over and over, where it can cut down a lot on the traffic. Of course, those are the moments you most want a cache in place...
Attachment:
_bin
Description:
Current thread:
- Internet Content Caching Devices Peter Charbonneau (Dec 03)
- <Possible follow-ups>
- Re: Internet Content Caching Devices Di Fabio, Andrea (Dec 03)
- Re: Internet Content Caching Devices Valdis Kletnieks (Dec 03)
- Re: Internet Content Caching Devices Joe St Sauver (Dec 03)
- Re: Internet Content Caching Devices Peter Charbonneau (Dec 04)
- Re: Internet Content Caching Devices Valdis Kletnieks (Dec 04)