RFC 2187 (rfc2187) - Page 2 of 24

Application of Internet Cache Protocol (ICP), version 2

Alternative Format: Original Text Document
< Previous
Next >
RFC 2187                          ICP                     September 1997


     8.2. Parents, Siblings, Hits and Misses......................... 16
     8.3. Different Roles of ICP..................................... 17
     8.4. Protocol Design Flaws of ICPv2............................. 17
   9.   Security Considerations...................................... 18
     9.1. Inserting Bogus ICP Queries................................ 19
     9.2. Inserting Bogus ICP Replies................................ 19
     9.3. Eavesdropping.............................................. 20
     9.4. Blocking ICP Messages...................................... 20
     9.5. Delaying ICP Messages...................................... 20
     9.6. Denial of Service.......................................... 20
     9.7. Altering ICP Fields........................................ 21
     9.8. Summary.................................................... 22
   10.  References................................................... 23
   11.  Acknowledgments.............................................. 24
   12.  Authors' Addresses........................................... 24

1.  Introduction

   ICP is a lightweight message format used for communicating among Web
   caches.  ICP is used to exchange hints about the existence of URLs in
   neighbor caches.  Caches exchange ICP queries and replies to gather
   information for use in selecting the most appropriate location from
   which to retrieve an object.

   This document describes the implementation of ICP in software.  For a
   description of the protocol and message format, please refer to the
   companion document (RFC 2186).  We avoid making judgments about
   whether or how ICP should be used in particular Web caching
   configurations.  ICP may be a "net win" in some situations, and a
   "net loss" in others.  We recognize that certain practices described
   in this document are suboptimal. Some of these exist for historical
   reasons.  Some aspects have been improved in later versions.  Since
   this document only serves to describe current practices, we focus on
   documenting rather than evaluating.  However, we do address known
   security problems and other shortcomings.

   The remainder of this document is written as follows.  We first
   describe Web cache hierarchies, explain motivation for using ICP, and
   demonstrate how to configure its use in cache hierarchies.  We then
   provide a step-by-step description of an ICP query-response
   transaction.  We then discuss ICP interaction with firewalls, and
   briefly touch on multicasting ICP.  We end with lessons with have
   learned during the protocol development and deployement thus far, and
   the canonical security considerations.

   ICP was initially developed by Peter Danzig, et. al.  at the
   University of Southern California as a central part of hierarchical
   caching in the Harvest research project[3].



Wessels & Claffy             Informational
< Previous
Next >