Re: Content Vectoring Protocol (CVP)

[Darren Reed <darrenr () reed wattle id au>]

In some email I received from John Labovitz, sie wrote:
> On Tue, Aug 15, 2000 at 11:25:30PM +1000, Darren Reed wrote:
> > If anyone has started work on a spec/requirements for a CVP, can you
> > post a URL for others to review ?
>
> There seemed to be a try, with the CCIAPI project:
>
>     http://www.stardust.com/cciapi/
>
> However, the project is apparently dormant.

Hmmm, if I didn't know better I'd say this was kicked off by Checkpoint
in order to show that their approach was right.

The problem, as I see it, with this approach is that it is upto the
firewall vendor to supply a "binary" library for the other vendor to use,
and in doing so must come up with their own proprietary protocol for the
library to talk to the firewall with.

It means more work for the firewall vendor (need to implement the library
in addition to the firewall end of it) and gives them complete control over
how things work.

The big problem with this is you can't have one content inspection thing
serve two different firewalls because it can only be run against a single
API, whereas if the common element was just a protocol, the web you can
weave is less restricted.

In essence I think it boils down to us needing to define a protocol for
this to work over.

Darren

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards