[squid-dev] [RFC] Dynamic Hostnames and urls and StoreID, what do you think?

Eliezer Croitoru eliezer at ngtech.co.il
Sun Mar 20 00:12:26 UTC 2016


Currently the Internet is in more of a "static" state and there are a
couple of moving parts in this whole big system.
Most of it is "bound" by IPv4 and the domain name system.
With the developments in encryption, including Diffie–Hellman and a couple
of other ideas, I have seen that it is possible that in the future (distant
or not) there is a possibility for a change in how things work.
Currently Google implements a couple of "moving" targets in their systems
that give them the option to redirect from one point to another in
a couple of layers\levels, and it's nice, but it means that StoreID now is
built based on the assumption or the idea of semi-static targets.

From the admin point of view, or the script's, the target needs to be
known in advance of the actual fetch. In the not so distant past,
Google\YouTube "cachers" used a nice trick that was described by Amos as a
"redirection attack" in order to prepare for an attack. Sometimes it was
on specific hosts and in others it was on specific urls\objects.
I tried to track this issue for a very long time and it seems that these
attacks were mitigated by Google\YouTube by adding the HTTPS level.

Now that we have ssl-bump in very good shape, I was wondering to
myself: what would be the next move of the Google\YouTube service?
Moving targets around the globe 24/7?
What, or why, do Google\YouTube actually care when some local ISP or an
internal proxy caches their content services?

I am looking for a couple of new angles from which to look at the subject.
Please share your opinion about the subject, and also, if you think I have
a wrong one, please add comments.

Eliezer

* Saying to someone as a joke in the middle of work, "Somebody from
Google was just looking for you," was one of the most devious things I have
heard in my life!!!

