client
Click on the red underlined text to get to the source
... For the purpose of these requirements, I will assume that the OP is
implemented using a client-server model, where the OP client is
installed on the user's computer and the server is installed on a
...
... requirements, I will assume that the OP is
implemented using a client-server model, where the OP client is
installed on the user's computer and the server is installed on a
computer run by a law or copyright enforcement organization. OP
...
... installed on the user's computer and the server is installed on a
computer run by a law or copyright enforcement organization. OP
Clients would register with all OP Servers that pertain to the legal
jurisdiction in which the client ...
... Clients would register with all OP Servers that pertain to the legal
jurisdiction in which the client is located each time the computer is
started. OP Servers would then, on whatever schedule they have been
configured to use, send OP Queries ...
... started. OP Servers would then, on whatever schedule they have been
configured to use, send OP Queries to OP Clients to find out if the
computer operator has engaged in an illegal act of interest to the
operator of the OP Server. Future versions ...
...
OR1: The OP client must be able to install itself into all types of
computers over the objections of the computer user.
...
...
Discussion: The OP client would be installed by legal mandate in
all new computers, but since there are hundreds of millions of
existing computers, the OP client ...
... client would be installed by legal mandate in
all new computers, but since there are hundreds of millions of
existing computers, the OP client must be able to install itself
in all of these existing computers in order to afford universal
coverage of all possible miscreants. This installation must be
...
... it.
OR2: True OP clients must not be findable by the computer user by any
means, including commercial virus detectors, but all hackers'
...
... means, including commercial virus detectors, but all hackers'
programs that mimic OP clients must be easily findable by
commercial virus detectors.
...
... Discussion: Since anyone whose intent was to violate the law
would not want the OP client to be watching their action, they
would try to disable the OP client. Thus the OP Client ...
... would not want the OP client to be watching their action, they
would try to disable the OP client. Thus the OP Client, once
installed, should be invisible to all methods ...
... client to be watching their action, they
would try to disable the OP client. Thus the OP Client, once
installed, should be invisible to all methods a user might
...
... even under these circumstances. Meeting this requirement may
require that the OP client be able to reconfigure the user's
machine into a cell phone or to implement GMPLS-WH [GMPLS-WH ...
... GMPLS-WH].
OR4: Neither the operation of the OP client or the OP server must be
able to be spoofed.
...
... create their own
version of an OP client that can fool the OP server. Nor can it
be possible for someone to create their own OP server that can
...
... Discussion: Because of the potential for a user to hide their
illicit activities by mimicking the operation of the OP client
on their machine, it must not be possible to do so. In the same
vein, because of the potential for violating the user's privacy ...
... privacy,
it must not be possible for a non-authorized OP server to be
seen as authorized by OP clients. Since there will be an
arbitrary, and changing, number of OP servers, at least one for
each type of protected material, OP authentication ...
... authorization must be able to be accomplished with no prior
knowledge of a particular OP server by the OP client.
OR5: The OP client ...
... client.
OR5: The OP client must be able to be installed on any portable
device that can be used to play protected material or execute
protected software.
...
... are becoming the preferred method of playing back prerecorded
music and videos, they must all include OP clients. OP clients
must be able to be automatically installed on all such existing
...
... method of playing back prerecorded
music and videos, they must all include OP clients. OP clients
must be able to be automatically installed on all such existing
devices.
...
...
FR1: The OP client must be able to determine the user's intent.
Discussion ...
... bit-for-bit illegal
reproduction. The OP client must be able to differentiate
between copies that were created for the purpose of backup, and
...
... created for the
purpose of illegal distribution. In the case of some types of
software, the OP client must be able to determine the intent of
the user for the software. An example of this need is related
to the U.S. Digital Millennium Copyright Act (DMCA) and similar
...
... good, something which may be illegal under current law.
FR2: The OP client must be able to remotely differentiate between
illegal material and other material with the same file name.
...
... into thinking that the user's file is a protected one.
FR3: The OP client must be able to find illegal copies, even if the
filename has been changed.
...
... work by just changing its name.
FR4: The OP client must be able to find illegal copies, even if the
user has modified the work in some way.
...
... threshold.
FR5: The OP client must not be able to be run by a hacker, and the OP
interface into a user's computer must not be able to be
...
...
Discussion: OP clients will be attractive targets for hackers
since they will have full access within a user's computer. The
...
... since they will have full access within a user's computer. The
interface between the OP client and server must be secure
against all possible hacking attacks.
...
... attacks.
FR6: The OP client must be able to discern the motives of the
operator of the OP server and not run if those motives are not
pure.
...
... Discussion: Since it cannot be assumed that the operators of the
OP server will always have the best motives, the OP client must
be able to reject requests from the OP server if the operator of
the server has an evil (or illegal) intent. For example, the OP
...
... be able to reject requests from the OP server if the operator of
the server has an evil (or illegal) intent. For example, the OP
client must block any operation that might stem from a vendetta
that the OP server operator might have against the user.
...
... that the OP server operator might have against the user.
FR7: The OP client must not be able to be used to extract information
from a user's computer that is unrelated to illegal copies.
...
... In order to minimize the threat to the privacy of the user, the
OP client must not be able to be used to extract information
from the user's computer that is not germane to determining if
the user has illegal copies of works or intends to use protected
...
... works in illegal ways.
FR8: The OP client must be able to differentiate between protected
material that was placed on the user's computer by the user and
...
... third party to put
protected material on a user's computer for the purpose of
incriminating the user. The OP client must be able to know,
with certainty, who placed material on each computer, even in
the cases where a third party ...
... password.
FR9: The OP client must only implement the laws that apply to the
specific computer that it is running on.
...
... Discussion: Since the Internet crosses many legal boundaries, an
OP client will have to know just where, in geo-political space,
the computer it is running in is currently located in order to
know what set of laws to apply when it is scanning the user's
...
... the computer it is running in is currently located in order to
know what set of laws to apply when it is scanning the user's
computer. The OP client must also be able to be automatically
updated if the laws change or the computer is moved to a
location where the laws are different. Note that this
...
... location where the laws are different. Note that this
requirement also implies that the OP client knows where its OP
server is located to know if the client and server are both in
...
... requirement also implies that the OP client knows where its OP
server is located to know if the client and server are both in
the same legal jurisdiction. The OP client must know what to
...
... server is located to know if the client and server are both in
the same legal jurisdiction. The OP client must know what to
do, or not do, when they are not in the same legal jurisdiction.
The OP client ...
... client must know what to
do, or not do, when they are not in the same legal jurisdiction.
The OP client must also include a mechanism to automatically
retrieve any applicable new laws or court decisions and properly
interpret them.
...
...
The OP requires strong authentication of the clients and servers to
ensure that they cannot be spoofed. It also requires the use of
strong integrity ...
... strong integrity technology to ensure that the messages between the
client and server cannot be modified in flight. It also requires
strong encryption to be sure that the communication between the
...
... strong encryption to be sure that the communication between the
client and the server cannot be observed. All of this is required in
an environment where many of the users are in full control of their
computers and will be actively hostile to the reliable operation of
...