Re: AW: [Handle-info] CNRI Handle Extension for Firefox

[Eric Auer <eric.auer@mpi.nl>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi Sean,

> Performance, with the obvious exception of those behind
> strict firewalls

Which might be quite many...

> will be far better (maybe even noticeably!) for clients
> that are capable of sending/receiving UDP messages.

I doubt that people notice how many Handles they can resolve
per second, but it gives a big negative feeling to see that
it takes minutes to resolve ONE Handle because of firewalls.

So my opinion is that the plugin default should be HTTP even
if that reduces maximum speed as estimated by you from 20 to
two Handles resolved per second...

> Security is always improved using the native resolution protocol because
> it avoids the possibility of DNS cache poisoning, DNS messages spoofing,
> and general interference with the non-SSL hdl.handle.net or dx.doi.org

Interesting point. How does performance of "signed native
protocol" compare to "HTTP via SSL" proxy based resolution?

> Reliability... the HTTP protocol has no built-in reliability

You can let the proxy server name point to several servers
for load balancing and fail-over, and the plugin could know
a number of proxy servers to have alternatives if one fails.

> As for scalability, as the number of DOIs and handles continue
> increasing, the proxy system will eventually reach a point where it
> receives too much traffic and is too costly to maintain.

I agree that browser plugins / clients should be configured
to use a nearby proxy, or able to autodetect one in some way.

If there will be a config interface, it can also be used to
enable UDP resolution manually - or even in a scripted way
for those who do mass-installs of Firefox... Having config
interfaces, even GUI ones, is common for Firefox plugins.

Regards, Eric

> On Mar 11, 2009, at 8:49 AM, John S. Erickson wrote:
> 
>> The following was asked earlier, but in gentler terms: Could someone
>> please explain to me the point of the native service, if the rollover
>> and default answer in (arguably) the common case (organizations behind
>> firewalls) is http and the proxy?
>>
>> Given the performance numbers cited in this thread (and if I
>> understand them...), if for some reason I need "native" (quotes
>> intentional) resolution I'll continue to use the iGoogle gadget I
>> wrote a couple years ago (there are now a few others)...which
>> "instantly" resolves and works in all browsers...


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFJt/He99dkROyhRRsRAmbjAJ4w+9svHnK7gZJ2xErNBtPMaKLwWwCeJ5uV
50wEUCGVHgIzMr3Q7aOKUkI=
=0ZBM
-----END PGP SIGNATURE-----


_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info