draft-ietf-cdni-metadata-13.txt   draft-ietf-cdni-metadata-14.txt 
Network Working Group B. Niven-Jenkins Network Working Group B. Niven-Jenkins
Internet-Draft R. Murray Internet-Draft R. Murray
Intended status: Standards Track Velocix (Alcatel-Lucent) Intended status: Standards Track Velocix (Alcatel-Lucent)
Expires: September 22, 2016 M. Caulfield Expires: October 14, 2016 M. Caulfield
Cisco Systems Cisco Systems
K. Ma K. Ma
Ericsson Ericsson
March 21, 2016 April 12, 2016
CDN Interconnection Metadata CDN Interconnection Metadata
draft-ietf-cdni-metadata-13 draft-ietf-cdni-metadata-14
Abstract Abstract
The Content Delivery Networks Interconnection (CDNI) metadata The Content Delivery Networks Interconnection (CDNI) metadata
interface enables interconnected Content Delivery Networks (CDNs) to interface enables interconnected Content Delivery Networks (CDNs) to
exchange content distribution metadata in order to enable content exchange content distribution metadata in order to enable content
acquisition and delivery. The CDNI metadata associated with a piece acquisition and delivery. The CDNI metadata associated with a piece
of content provides a downstream CDN with sufficient information for of content provides a downstream CDN with sufficient information for
the downstream CDN to service content requests on behalf of an the downstream CDN to service content requests on behalf of an
upstream CDN. This document describes both a base set of CDNI upstream CDN. This document describes both a base set of CDNI
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 22, 2016. This Internet-Draft will expire on October 14, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 14, line 36 skipping to change at page 14, line 36
retrieve the complete serialized representation of the property sub- retrieve the complete serialized representation of the property sub-
object. object.
Section 6.5 discusses the ability to extend the base set of Section 6.5 discusses the ability to extend the base set of
GenericMetadata objects specified in this document with additional GenericMetadata objects specified in this document with additional
standards-based or vendor specific GenericMetadata objects that might standards-based or vendor specific GenericMetadata objects that might
be defined in the future in separate documents. be defined in the future in separate documents.
dCDNs and tCDNs MUST support parsing of all CDNI metadata objects dCDNs and tCDNs MUST support parsing of all CDNI metadata objects
specified in this document. A dCDN does not have to implement the specified in this document. A dCDN does not have to implement the
underlying functionality represented by the metadata object (though underlying functionality represented by non-structural
that might restrict the content that a given dCDN will be able to GenericMetadata objects (though that might restrict the content that
serve). uCDNs as generators of CDNI metadata only need to support a given dCDN will be able to serve). uCDNs as generators of CDNI
generating the CDNI metadata that they need in order to express the metadata only need to support generating the CDNI metadata that they
policies required by the content they are describing. need in order to express the policies required by the content they
are describing.
CDNI metadata objects MUST be encoded as I-JSON objects [RFC7493] CDNI metadata objects MUST be encoded as I-JSON objects [RFC7493]
containing a dictionary of (key,value) pairs where the keys are the containing a dictionary of (key,value) pairs where the keys are the
property names and the values are the associated property values. property names and the values are the associated property values.
See Section 6.4 for more details of the specific encoding rules for See Section 6.4 for more details of the specific encoding rules for
CDNI metadata objects. CDNI metadata objects.
Note: In the following sections, the term "mandatory-to-specify" is Note: In the following sections, the term "mandatory-to-specify" is
used to convey which properties MUST be included for a given used to convey which properties MUST be included for a given
structural or GenericMetadata object. When mandatory-to-specify is structural or GenericMetadata object. When mandatory-to-specify is
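Review bot: the reworded sentence beginning "A dCDN does not have to implement" now exempts only non-structural GenericMetadata objects, but nothing in this paragraph says what is required for structural objects. If the intent is that a dCDN must implement the behaviour of structural objects, state that with an explicit MUST rather than leaving it to be inferred from the exemption. "vendor specific" in the preceding paragraph should also be hyphenated.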
skipping to change at page 15, line 44 skipping to change at page 15, line 45
Example HostIndex object containing two HostMatch objects, where the Example HostIndex object containing two HostMatch objects, where the
first HostMatch object is embedded and the second HostMatch object is first HostMatch object is embedded and the second HostMatch object is
referenced: referenced:
{ {
"hosts": [ "hosts": [
{ {
<Properties of embedded HostMatch object> <Properties of embedded HostMatch object>
}, },
{ {
"type": "MI.HostMatch.v1", "type": "MI.HostMatch",
"href": "http://metadata.ucdn.example/hostmatch1234" "href": "http://metadata.ucdn.example/hostmatch1234"
} }
] ]
} }
4.1.2. HostMatch 4.1.2. HostMatch
The HostMatch object contains a Hostname or IP address to match The HostMatch object contains a Hostname or IP address to match
against content requests. The HostMatch object also contains a against content requests. The HostMatch object also contains a
HostMetadata object to apply if a match is found. HostMetadata object to apply if a match is found.
skipping to change at page 16, line 48 skipping to change at page 16, line 48
<Properties of embedded HostMetadata object> <Properties of embedded HostMetadata object>
} }
} }
Example HostMatch object referencing (via a Link object, see Example HostMatch object referencing (via a Link object, see
Section 4.3.1) a HostMetadata object: Section 4.3.1) a HostMetadata object:
{ {
"host": "video.example.com", "host": "video.example.com",
"host-metadata" : { "host-metadata" : {
"type": "MI.HostMetadata.v1", "type": "MI.HostMetadata",
"href": "http://metadata.ucdn.example/host1234" "href": "http://metadata.ucdn.example/host1234"
} }
} }
4.1.3. HostMetadata 4.1.3. HostMetadata
A HostMetadata object contains the CDNI metadata properties for A HostMetadata object contains the CDNI metadata properties for
content served for a particular host (defined in the HostMatch content served for a particular host (defined in the HostMatch
object) and possibly child PathMatch objects. object) and possibly child PathMatch objects.
skipping to change at page 19, line 15 skipping to change at page 19, line 15
Example PathMatch object referencing the PathMetadata object to use Example PathMatch object referencing the PathMetadata object to use
for URIs that match the case-sensitive URI path pattern "/movies/*" for URIs that match the case-sensitive URI path pattern "/movies/*"
(contained within an embedded PatternMatch object): (contained within an embedded PatternMatch object):
{ {
"path-pattern": { "path-pattern": {
"pattern": "/movies/*", "pattern": "/movies/*",
"case-sensitive": true "case-sensitive": true
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata.v1", "type": "MI.PathMetadata",
"href": "http://metadata.ucdn.example/host1234/pathDCE" "href": "http://metadata.ucdn.example/host1234/pathDCE"
} }
} }
4.1.5. PatternMatch 4.1.5. PatternMatch
A PatternMatch object contains the pattern string and flags that A PatternMatch object contains the pattern string and flags that
describe the pattern expression. describe the pattern expression.
Property: pattern Property: pattern
skipping to change at page 24, line 6 skipping to change at page 24, line 6
Type: List of Source objects (see Section 4.2.1.1) Type: List of Source objects (see Section 4.2.1.1)
Mandatory-to-Specify: No. Default is to use static Mandatory-to-Specify: No. Default is to use static
configuration, out-of-band from the metadata interface. configuration, out-of-band from the metadata interface.
Example SourceMetadata object (which contains two Source objects) Example SourceMetadata object (which contains two Source objects)
that describes which servers the dCDN should use for acquiring that describes which servers the dCDN should use for acquiring
content for the applicable URI path and/or host: content for the applicable URI path and/or host:
{ {
"generic-metadata-type": "MI.SourceMetadata.v1" "generic-metadata-type": "MI.SourceMetadata"
"generic-metadata-value": "generic-metadata-value":
{ {
"sources": [ "sources": [
{ {
"endpoints": [ "endpoints": [
"a.service123.ucdn.example", "a.service123.ucdn.example",
"b.service123.ucdn.example" "b.service123.ucdn.example"
], ],
"protocol": "http1.1" "protocol": "http1.1"
}, },
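Review bot: the changed line "generic-metadata-type": "MI.SourceMetadata" has no trailing comma before "generic-metadata-value", so the example is not valid JSON even though the draft requires I-JSON encoding. Add the comma here. The same omission appears in the other standalone GenericMetadata examples touched by this revision (LocationACL, TimeWindowACL, ProtocolACL, DeliveryAuthorization, Cache, Auth, Grouping), while the Section 6.10 example already has it.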
skipping to change at page 26, line 20 skipping to change at page 26, line 20
(blocks) delivery based on the User Agent's location. (blocks) delivery based on the User Agent's location.
Type: List of LocationRule objects (see Section 4.2.2.1) Type: List of LocationRule objects (see Section 4.2.2.1)
Mandatory-to-Specify: No. Default is allow all locations. Mandatory-to-Specify: No. Default is allow all locations.
Example LocationACL object that allows the dCDN to deliver content to Example LocationACL object that allows the dCDN to deliver content to
any location/IP address: any location/IP address:
{ {
"generic-metadata-type": "MI.LocationACL.v1" "generic-metadata-type": "MI.LocationACL"
"generic-metadata-value": "generic-metadata-value":
{ {
} }
} }
Example LocationACL object (which contains a LocationRule object Example LocationACL object (which contains a LocationRule object
which itself contains a Footprint object) that only allows the dCDN which itself contains a Footprint object) that only allows the dCDN
to deliver content to User Agents in the USA: to deliver content to User Agents in the USA:
{ {
"generic-metadata-type": "MI.LocationACL.v1" "generic-metadata-type": "MI.LocationACL"
"generic-metadata-value": "generic-metadata-value":
{ {
"locations": [ "locations": [
{ {
"action": "allow", "action": "allow",
"footprints": [ "footprints": [
{ {
"footprint-type": "countrycode", "footprint-type": "countrycode",
"footprint-value": ["us"] "footprint-value": ["us"]
} }
skipping to change at page 29, line 28 skipping to change at page 29, line 28
Type: List of TimeWindowRule objects (see Section 4.2.3.1) Type: List of TimeWindowRule objects (see Section 4.2.3.1)
Mandatory-to-Specify: No. Default is allow all time windows. Mandatory-to-Specify: No. Default is allow all time windows.
Example TimeWIndowACL object (which contains a TimeWindowRule object Example TimeWIndowACL object (which contains a TimeWindowRule object
which itself contains a TimeWIndow object) that only allows the dCDN which itself contains a TimeWIndow object) that only allows the dCDN
to deliver content to clients between 09:00 01/01/2000 UTC and 17:00 to deliver content to clients between 09:00 01/01/2000 UTC and 17:00
01/01/2000 UTC: 01/01/2000 UTC:
{ {
"generic-metadata-type": "MI.TimeWindowACL.v1" "generic-metadata-type": "MI.TimeWindowACL"
"generic-metadata-value": "generic-metadata-value":
{ {
"times": [ "times": [
{ {
"action": "allow", "action": "allow",
"windows": [ "windows": [
{ {
"start": 946717200, "start": 946717200,
"end": 946746000 "end": 946746000
} }
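Review bot: the prose introducing this example spells the object names "TimeWIndowACL" and "TimeWIndow" with a capital I, which does not match the "MI.TimeWindowACL" payload type on the changed line. Correct both to "TimeWindowACL" and "TimeWindow" while the example is being edited.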
skipping to change at page 32, line 6 skipping to change at page 32, line 6
denies (blocks) delivery based on delivery protocol. denies (blocks) delivery based on delivery protocol.
Type: List of ProtocolRule objects (see Section 4.2.4.1) Type: List of ProtocolRule objects (see Section 4.2.4.1)
Mandatory-to-Specify: No. Default is allow all protocols. Mandatory-to-Specify: No. Default is allow all protocols.
Example ProtocolACL object (which contains a ProtocolRule object) Example ProtocolACL object (which contains a ProtocolRule object)
that only allows the dCDN to deliver content using HTTP/1.1: that only allows the dCDN to deliver content using HTTP/1.1:
{ {
"generic-metadata-type": "MI.ProtocolACL.v1" "generic-metadata-type": "MI.ProtocolACL"
"generic-metadata-value": "generic-metadata-value":
{ {
"protocol-acl": [ "protocol-acl": [
{ {
"action": "allow", "action": "allow",
"protocols": ["http1.1"] "protocols": ["http1.1"]
} }
] ]
} }
} }
skipping to change at page 33, line 20 skipping to change at page 33, line 20
request. request.
Type: List of Auth objects (see Section 4.2.7) Type: List of Auth objects (see Section 4.2.7)
Mandatory-to-Specify: No. Default is no authorization Mandatory-to-Specify: No. Default is no authorization
required. required.
Example DeliveryAuthorization object (which contains an Auth object): Example DeliveryAuthorization object (which contains an Auth object):
{ {
"generic-metadata-type": "MI.DeliveryAuthorization.v1" "generic-metadata-type": "MI.DeliveryAuthorization"
"generic-metadata-value": "generic-metadata-value":
{ {
"delivery-auth-methods": [ "delivery-auth-methods": [
{ {
"auth-type": <CDNI Payload Type of this Auth object>, "auth-type": <CDNI Payload Type of this Auth object>,
"auth-value": "auth-value":
{ {
<Properties of this Auth object> <Properties of this Auth object>
} }
} }
skipping to change at page 34, line 10 skipping to change at page 34, line 10
Type: List of String Type: List of String
Mandatory-to-Specify: No. Default is to consider query string Mandatory-to-Specify: No. Default is to consider query string
parameters when comparing URIs. parameters when comparing URIs.
Example Cache object that instructs the dCDN to ignore all query Example Cache object that instructs the dCDN to ignore all query
parameters: parameters:
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.Cache.v1" "MI.Cache"
"generic-metadata-value": "generic-metadata-value":
{ {
"ignore-query-string": [] "ignore-query-string": []
} }
} }
Example Cache object that instructs the dCDN to ignore the (case- Example Cache object that instructs the dCDN to ignore the (case-
insensitive) query parameters named "sessionid" and "random": insensitive) query parameters named "sessionid" and "random":
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.Cache.v1" "MI.Cache"
"generic-metadata-value": "generic-metadata-value":
{ {
"ignore-query-string": ["sessionid", "random"] "ignore-query-string": ["sessionid", "random"]
} }
} }
4.2.7. Auth 4.2.7. Auth
An Auth object defines authentication and authorization methods to be An Auth object defines authentication and authorization methods to be
used during content acquisition and content delivery, respectively. used during content acquisition and content delivery, respectively.
skipping to change at page 35, line 7 skipping to change at page 35, line 7
associated with the Registered Auth type. associated with the Registered Auth type.
Type: GenericMetadata Object Type: GenericMetadata Object
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example Auth object: Example Auth object:
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.Auth.v1" "MI.Auth"
"generic-metadata-value": "generic-metadata-value":
{ {
"auth-type": <CDNI Payload Type of this Auth object>, "auth-type": <CDNI Payload Type of this Auth object>,
"auth-value": "auth-value":
{ {
<Properties of this Auth object> <Properties of this Auth object>
} }
} }
} }
skipping to change at page 35, line 38 skipping to change at page 35, line 38
Type: String Type: String
Mandatory-to-Specify: No. Default is an empty string. Mandatory-to-Specify: No. Default is an empty string.
Example Grouping object that specifies a Content Collection Example Grouping object that specifies a Content Collection
Identifier for the content associated with the Grouping object's Identifier for the content associated with the Grouping object's
parent HostMetdata and PathMetadata: parent HostMetdata and PathMetadata:
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.Grouping.v1" "MI.Grouping"
"generic-metadata-value": "generic-metadata-value":
{ {
"ccid": "ABCD", "ccid": "ABCD",
} }
} }
4.3. CDNI Metadata Simple Data Type Descriptions 4.3. CDNI Metadata Simple Data Type Descriptions
This section describes the simple data types that are used for This section describes the simple data types that are used for
properties of CDNI metadata objects. properties of CDNI metadata objects.
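Review bot: the Grouping example has a trailing comma after "ccid": "ABCD" with no following member, which strict JSON parsers reject, and the lead-in sentence misspells HostMetadata as "HostMetdata". Drop the comma and fix the spelling in the same pass as the payload type rename.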
skipping to change at page 36, line 44 skipping to change at page 36, line 44
Mandatory-to-Specify: No. If the container specifies the type Mandatory-to-Specify: No. If the container specifies the type
(e.g., the HostIndex object contains a list of HostMatch (e.g., the HostIndex object contains a list of HostMatch
objects, so a Link object in the list of HostMatch objects must objects, so a Link object in the list of HostMatch objects must
reference a HostMatch), then it is not necessary to explicitly reference a HostMatch), then it is not necessary to explicitly
specify a type. specify a type.
Example Link object referencing a HostMatch object: Example Link object referencing a HostMatch object:
{ {
"type": "MI.HostMatch.v1", "type": "MI.HostMatch",
"href": "http://metadata.ucdn.example/hostmatch1234" "href": "http://metadata.ucdn.example/hostmatch1234"
} }
Example Link object referencing a HostMatch object, without an Example Link object referencing a HostMatch object, without an
explicit type, inside a HostIndex object: explicit type, inside a HostIndex object:
{ {
"hosts": [ "hosts": [
{ {
<Properties of embedded HostMatch object> <Properties of embedded HostMatch object>
skipping to change at page 44, line 37 skipping to change at page 44, line 37
enforce" metadata associated with the content cannot be enforced. enforce" metadata associated with the content cannot be enforced.
6.7. Metadata Conflicts 6.7. Metadata Conflicts
It is possible that new metadata definitions will obsolete or It is possible that new metadata definitions will obsolete or
conflict with existing GenericMetadata (e.g., a future revision of conflict with existing GenericMetadata (e.g., a future revision of
the CDNI metadata interface could redefine the Auth GenericMetadata the CDNI metadata interface could redefine the Auth GenericMetadata
object or a custom vendor extension could implement an alternate Auth object or a custom vendor extension could implement an alternate Auth
metadata option). If multiple metadata (e.g., MI.Auth.v2, metadata option). If multiple metadata (e.g., MI.Auth.v2,
vendor1.Auth, and vendor2.Auth) all conflict with an existing vendor1.Auth, and vendor2.Auth) all conflict with an existing
GenericMetadata object (i.e., MI.Auth.v1) and all are marked as GenericMetadata object (i.e., MI.Auth) and all are marked as
"mandatory-to-enforce", it could be ambiguous which metadata should "mandatory-to-enforce", it could be ambiguous which metadata should
be applied, especially if the functionality of the metadata overlap. be applied, especially if the functionality of the metadata overlap.
As described in Section 3.3, metadata override only applies to As described in Section 3.3, metadata override only applies to
metadata objects of the same exact type found in HostMetadata and metadata objects of the same exact type found in HostMetadata and
nested PathMetadata structures. The CDNI metadata interface does not nested PathMetadata structures. The CDNI metadata interface does not
support enforcement of dependencies between different metadata types. support enforcement of dependencies between different metadata types.
It is the responsibility of the CSP and the CDN operators to ensure It is the responsibility of the CSP and the CDN operators to ensure
that metadata assigned to a given piece of content do not conflict. that metadata assigned to a given piece of content do not conflict.
Note: Because metadata is inherently ordered in HostMetadata and Note: Because metadata is inherently ordered in HostMetadata and
PathMetadata lists, as well as in the PathMatch hierarchy, multiple PathMetadata lists, as well as in the PathMatch hierarchy, multiple
conflicting metadata types MAY be used, however, metadata hierarchies conflicting metadata types MAY be used, however, metadata hierarchies
SHOULD ensure that independent PathMatch root objects are used to SHOULD ensure that independent PathMatch root objects are used to
prevent ambiguous or conflicting metadata definitions. prevent ambiguous or conflicting metadata definitions.
6.8. Versioning 6.8. Versioning
The version of CDNI metadata objects is conveyed inside the CDNI The version of CDNI metadata objects is conveyed inside the CDNI
Payload Type that is included in the HTTP Content-Type header, for Payload Type that is included in the HTTP Content-Type header, for
example: "Content-Type: application/cdni; ptype=MI.HostIndex.v1". example: "Content-Type: application/cdni; ptype=MI.HostIndex". We
Upon responding to a request for an object, a CDNI metadata server intentionally omit the ".v1" on the initial versions of metadata, for
MUST include a Content-Type header with the CDNI Payload Type simplicity. Subsequent versions of those metadata MUST postpend a
containing the version number of the object. HTTP requests sent to a version string (e.g., ".v2"). Upon responding to a request for an
object, a CDNI metadata server MUST include a Content-Type header
with the CDNI Payload Type containing the version number (or
implicitly, version 1) of the object. HTTP requests sent to a
metadata server SHOULD include an Accept header with the CDNI Payload metadata server SHOULD include an Accept header with the CDNI Payload
Type (which includes the version) of the expected object. Metadata Type (which includes the version) of the expected object. Metadata
clients can specify multiple CDNI Payload Types in the Accept header, clients can specify multiple CDNI Payload Types in the Accept header,
for example if a metadata client is capable of processing two for example if a metadata client is capable of processing two
different versions of the same type of object (defined by different different versions of the same type of object (defined by different
CDNI Payload Types) it might decide to include both in the Accept CDNI Payload Types) it might decide to include both in the Accept
header. header.
GenericMetadata objects include a "type" property which specifies the
CDNI Payload Type of the GenericMetadata value. Any document which
defines a new GenericMetadata type MUST specify the version number
which it describes, for example: "MI.Location.v1". The version of
each object defined by this document is version 1.
6.9. Media Types 6.9. Media Types
All CDNI metadata objects use the Media Type "application/cdni". The All CDNI metadata objects use the Media Type "application/cdni". The
CDNI Payload Type for each object then contains the object name of CDNI Payload Type for each object then contains the object name of
that object as defined by this document, prefixed with "MI.". that object as defined by this document, prefixed with "MI.".
Table 4 lists the CDNI Paylod Type for the metadata objects Table 4 lists the CDNI Paylod Type for the metadata objects
(resources) specified in this document. (resources) specified in this document.
+-----------------------+-----------------------------+ +-----------------------+--------------------------+
| Data Object | CDNI Payload Type | | Data Object | CDNI Payload Type |
+-----------------------+-----------------------------+ +-----------------------+--------------------------+
| HostIndex | MI.HostIndex.v1 | | HostIndex | MI.HostIndex |
| HostMatch | MI.HostMatch.v1 | | HostMatch | MI.HostMatch |
| HostMetadata | MI.HostMetadata.v1 | | HostMetadata | MI.HostMetadata |
| PathMatch | MI.PathMatch.v1 | | PathMatch | MI.PathMatch |
| PatternMatch | MI.PatternMatch.v1 | | PatternMatch | MI.PatternMatch |
| PathMetadata | MI.PathMetadata.v1 | | PathMetadata | MI.PathMetadata |
| SourceMetadata | MI.SourceMetadata.v1 | | SourceMetadata | MI.SourceMetadata |
| Source | MI.Source.v1 | | Source | MI.Source |
| LocationACL | MI.LocationACL.v1 | | LocationACL | MI.LocationACL |
| LocationRule | MI.LocationRule.v1 | | LocationRule | MI.LocationRule |
| Footprint | MI.Footprint.v1 | | Footprint | MI.Footprint |
| TimeWindowACL | MI.TimeWindowACL.v1 | | TimeWindowACL | MI.TimeWindowACL |
| TimeWindowRule | MI.TimeWindowRule.v1 | | TimeWindowRule | MI.TimeWindowRule |
| TimeWindow | MI.TineWindow.v1 | | TimeWindow | MI.TineWindow |
| ProtocolACL | MI.ProtocolACL.v1 | | ProtocolACL | MI.ProtocolACL |
| ProtocolRule | MI.ProtocolRule.v1 | | ProtocolRule | MI.ProtocolRule |
| DeliveryAuthorization | MI.DeliveryAuthorization.v1 | | DeliveryAuthorization | MI.DeliveryAuthorization |
| Cache | MI.Cache.v1 | | Cache | MI.Cache |
| Auth | MI.Auth.v1 | | Auth | MI.Auth |
| Grouping | MI.Grouping.v1 | | Grouping | MI.Grouping |
+-----------------------+-----------------------------+ +-----------------------+--------------------------+
Table 4: CDNI Payload Types for CDNI Metadata objects Table 4: CDNI Payload Types for CDNI Metadata objects
6.10. Complete CDNI Metadata Example 6.10. Complete CDNI Metadata Example
A dCDN requests the HostIndex and receive the following object with a A dCDN requests the HostIndex and receive the following object with a
CDNI payload type of "MI.HostIndex.v1": CDNI payload type of "MI.HostIndex":
{ {
"hosts": [ "hosts": [
{ {
"host": "video.example.com", "host": "video.example.com",
"host-metadata" : { "host-metadata" : {
"type": "MI.HostMetadata.v1", "type": "MI.HostMetadata",
"href": "http://metadata.ucdn.example/host1234" "href": "http://metadata.ucdn.example/host1234"
} }
}, },
{ {
"host": "images.example.com", "host": "images.example.com",
"host-metadata" : { "host-metadata" : {
"type": "MI.HostMetadata.v1", "type": "MI.HostMetadata",
"href": "http://metadata.ucdn.example/host5678" "href": "http://metadata.ucdn.example/host5678"
} }
} }
] ]
} }
If the incoming request has a Host header with "video.example.com" If the incoming request has a Host header with "video.example.com"
then the dCDN would fetch the HostMetadata object from then the dCDN would fetch the HostMetadata object from
"http://metadata.ucdn.example/host1234" expecting a CDNI payload type "http://metadata.ucdn.example/host1234" expecting a CDNI payload type
of "MI.HostMetadata.v1": of "MI.HostMetadata":
{ {
"metadata": [ "metadata": [
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.SourceMetadata.v1", "MI.SourceMetadata",
"generic-metadata-value": { "generic-metadata-value": {
"sources": [ "sources": [
{ {
"endpoint": "acq1.ucdn.example", "endpoint": "acq1.ucdn.example",
"protocol": "http1.1" "protocol": "http1.1"
}, },
{ {
"endpoint": "acq2.ucdn.example", "endpoint": "acq2.ucdn.example",
"protocol": "http1.1" "protocol": "http1.1"
} }
] ]
} }
}, },
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.LocationACL.v1", "MI.LocationACL",
"generic-metadata-value": { "generic-metadata-value": {
"locations": [ "locations": [
{ {
"footprints": [ "footprints": [
{ {
"footprint-type": "IPv4CIDR", "footprint-type": "IPv4CIDR",
"footprint-value": "192.0.2.0/24" "footprint-value": "192.0.2.0/24"
} }
], ],
"action": "deny" "action": "deny"
} }
] ]
} }
}, },
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.ProtocolACL.v1", "MI.ProtocolACL",
"generic-metadata-value": { "generic-metadata-value": {
"protocol-acl": [ "protocol-acl": [
{ {
"protocols": [ "protocols": [
"http1.1" "http1.1"
], ],
"action": "allow" "action": "allow"
} }
] ]
} }
} }
], ],
"paths": [ "paths": [
{ {
"path-pattern": { "path-pattern": {
"pattern": "/video/trailers/*" "pattern": "/video/trailers/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata.v1", "type": "MI.PathMetadata",
"href": "http://metadata.ucdn.example/host1234/pathABC" "href": "http://metadata.ucdn.example/host1234/pathABC"
} }
}, },
{ {
"path-pattern": { "path-pattern": {
"pattern": "/video/movies/*" "pattern": "/video/movies/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata.v1", "type": "MI.PathMetadata",
"href": "http://metadata.ucdn.example/host1234/pathDEF" "href": "http://metadata.ucdn.example/host1234/pathDEF"
} }
} }
] ]
} }
Suppose the path of the requested resource matches the "/video/ Suppose the path of the requested resource matches the "/video/
movies/*" pattern, the next metadata requested would be for movies/*" pattern, the next metadata requested would be for
"http://metadata.ucdn.example/host1234/pathDCE" with an expected CDNI "http://metadata.ucdn.example/host1234/pathDCE" with an expected CDNI
payload type of "MI.PathMetadata.v1": payload type of "MI.PathMetadata":
{ {
"metadata": [], "metadata": [],
"paths": [ "paths": [
{ {
"path-pattern": { "path-pattern": {
"pattern": "/videos/movies/hd/*" "pattern": "/videos/movies/hd/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata.v1", "type": "MI.PathMetadata",
"href": "href":
"http://metadata.ucdn.example/host1234/pathDEF/path123" "http://metadata.ucdn.example/host1234/pathDEF/path123"
} }
} }
] ]
} }
Finally, if the path of the requested resource also matches the Finally, if the path of the requested resource also matches the
"/videos/movies/hd/*" pattern, the dCDN would also fetch the "/videos/movies/hd/*" pattern, the dCDN would also fetch the
following object from "http://metadata.ucdn.example/host1234/pathDEF/ following object from "http://metadata.ucdn.example/host1234/pathDEF/
path123" with CDNI payload type "MI.PathMetadata.v1": path123" with CDNI payload type "MI.PathMetadata":
{ {
"metadata": [ "metadata": [
{ {
"generic-metadata-type": "generic-metadata-type":
"MI.TimeWindowACL.v1", "MI.TimeWindowACL",
"generic-metadata-value": { "generic-metadata-value": {
"times": [ "times": [
"windows": [ "windows": [
{ {
"start": "1213948800", "start": "1213948800",
"end": "1327393200" "end": "1327393200"
} }
], ],
"action": "allow" "action": "allow"
] ]
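Review bot: Table 4 in Section 6.9 still lists the TimeWindow payload type as "MI.TineWindow", which disagrees with "MI.TimeWindow" in the Section 7.1 registration table; fix the spelling so implementers copying the table do not match on the wrong string. In Section 6.10 the prose says the next request goes to ".../host1234/pathDCE" while the "/video/movies/*" entry links to ".../host1234/pathDEF", and the nested pattern is "/videos/movies/hd/*" although its parent is "/video/movies/*". The final TimeWindowACL example also places "windows" and "action" directly inside the "times" array without an enclosing object, and gives "start" and "end" as strings where the earlier TimeWindowACL example uses integers. In Section 6.8, "append" would read better than "postpend".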
skipping to change at page 50, line 15 skipping to change at page 50, line 15
includes a SourceMetadata, a LocationACL, a ProtocolACL, and a includes a SourceMetadata, a LocationACL, a ProtocolACL, and a
TimeWindowACL. TimeWindowACL.
7. IANA Considerations 7. IANA Considerations
7.1. CDNI Payload Types 7.1. CDNI Payload Types
This document requests the registration of the following CDNI Payload This document requests the registration of the following CDNI Payload
Types under the IANA CDNI Payload Type registry: Types under the IANA CDNI Payload Type registry:
+-----------------------------+---------------+ +--------------------------+---------------+
| Payload Type | Specification | | Payload Type | Specification |
+-----------------------------+---------------+ +--------------------------+---------------+
| MI.HostIndex.v1 | RFCthis | | MI.HostIndex | RFCthis |
| MI.HostMatch.v1 | RFCthis | | MI.HostMatch | RFCthis |
| MI.HostMetadata.v1 | RFCthis | | MI.HostMetadata | RFCthis |
| MI.PathMatch.v1 | RFCthis | | MI.PathMatch | RFCthis |
| MI.PatternMatch.v1 | RFCthis | | MI.PatternMatch | RFCthis |
| MI.PathMetadata.v1 | RFCthis | | MI.PathMetadata | RFCthis |
| MI.SourceMetadata.v1 | RFCthis | | MI.SourceMetadata | RFCthis |
| MI.Source.v1 | RFCthis | | MI.Source | RFCthis |
| MI.LocationACL.v1 | RFCthis | | MI.LocationACL | RFCthis |
| MI.LocationRule.v1 | RFCthis | | MI.LocationRule | RFCthis |
| MI.Footprint.v1 | RFCthis | | MI.Footprint | RFCthis |
| MI.TimeWindowACL.v1 | RFCthis | | MI.TimeWindowACL | RFCthis |
| MI.TimeWindowRule.v1 | RFCthis | | MI.TimeWindowRule | RFCthis |
| MI.TimeWindow.v1 | RFCthis | | MI.TimeWindow | RFCthis |
| MI.ProtocolACL.v1 | RFCthis | | MI.ProtocolACL | RFCthis |
| MI.ProtocolRule.v1 | RFCthis | | MI.ProtocolRule | RFCthis |
| MI.DeliveryAuthorization.v1 | RFCthis | | MI.DeliveryAuthorization | RFCthis |
| MI.Cache.v1 | RFCthis | | MI.Cache | RFCthis |
| MI.Auth.v1 | RFCthis | | MI.Auth | RFCthis |
| MI.Grouping.v1 | RFCthis | | MI.Grouping | RFCthis |
+-----------------------------+---------------+ +--------------------------+---------------+
[RFC Editor: Please replace RFCthis with the published RFC number for [RFC Editor: Please replace RFCthis with the published RFC number for
this document.] this document.]
7.1.1. CDNI MI HostIndex Payload Type 7.1.1. CDNI MI HostIndex Payload Type
Purpose: The purpose of this payload type is to distinguish HostIndex Purpose: The purpose of this payload type is to distinguish HostIndex
MI objects (and any associated capabilitiy advertisement) MI objects (and any associated capabilitiy advertisement)
Interface: MI/FCI Interface: MI/FCI
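Review bot: The Purpose text in 7.1.1 still reads "capabilitiy advertisement" on both sides; correct it to "capability", and fix any other 7.1.x subsection that reuses the same sentence. Separately, the table change renames all twenty registered strings by dropping ".v1", so a -13 and a -14 implementation will not agree on any payload type name. Nothing in the lines shown says how a receiver is expected to tell apart a later, incompatible revision of an object such as MI.TimeWindowACL once the suffix is gone, so a sentence on that next to the registry table (or a pointer to where it is defined) would help.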
skipping to change at page 57, line 42 skipping to change at page 57, line 42
Content provider origin and policy information is conveyed through Content provider origin and policy information is conveyed through
the CDNI metadata interface. The distribution of this information to the CDNI metadata interface. The distribution of this information to
another CDN could introduce potential privacy concerns for some another CDN could introduce potential privacy concerns for some
content providers, for example, dCDNs accepting content requests for content providers, for example, dCDNs accepting content requests for
a content provider's content might be able to obtain additional a content provider's content might be able to obtain additional
information and usage patterns relating to the users of a content information and usage patterns relating to the users of a content
provider's services. Content providers with such concerns can provider's services. Content providers with such concerns can
instruct their CDN partners not to use CDN interconnects when instruct their CDN partners not to use CDN interconnects when
delivering that content provider's content. delivering that content provider's content.
An attacker performing a "man in the middle" attack could monitor and An attacker performing a "man in the middle" attack could monitor
prevent caching of metadata in order to obtain usage patters relating metadata in order to obtain usage patterns relating to the users of a
to the users of a content provider's services. content provider's services.
An implementation of the CDNI metadata interface SHOULD use strong An implementation of the CDNI metadata interface SHOULD use strong
encryption and mutual authentication to prevent unauthorized encryption and mutual authentication to prevent unauthorized
monitoring of metadata. monitoring of metadata.
8.5. Securing the CDNI Metadata interface 8.5. Securing the CDNI Metadata interface
An implementation of the CDNI metadata interface MUST support TLS An implementation of the CDNI metadata interface MUST support TLS
transport as per [RFC2818] and [RFC7230]. The use of TLS for transport as per [RFC2818] and [RFC7230]. The use of TLS for
transport of the CDNI metadata interface messages allows: transport of the CDNI metadata interface messages allows:
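Review bot: In 8.4 the -14 text drops "and prevent caching of" from the man-in-the-middle sentence, so the only threat left is passive monitoring, yet the mitigation paragraph that follows is only a SHOULD ("SHOULD use strong encryption and mutual authentication"), while 8.5 requires that TLS be supported, not that it be used. As the lines shown stand, a deployment can meet the MUST in 8.5 and still carry metadata in the clear, exposing exactly the usage patterns this paragraph describes. Suggest either tying the 8.4 SHOULD explicitly to the TLS mechanism in 8.5 and stating when its use is required, or explaining why the active case (an attacker interfering with caching) no longer needs to be named. "Strong encryption" is also undefined here; a reference to the TLS requirements would be more actionable.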
 End of changes. 38 change blocks. 
98 lines changed or deleted 96 lines changed or added
