draft-ietf-cdni-metadata-21.txt   rfc8006.txt 
Network Working Group B. Niven-Jenkins Internet Engineering Task Force (IETF) B. Niven-Jenkins
Internet-Draft R. Murray Request for Comments: 8006 R. Murray
Intended status: Standards Track Velocix (Alcatel-Lucent) Category: Standards Track Nokia
Expires: March 1, 2017 M. Caulfield ISSN: 2070-1721 M. Caulfield
Cisco Systems Cisco Systems
K. Ma K. Ma
Ericsson Ericsson
August 28, 2016 December 2016
CDN Interconnection Metadata Content Delivery Network Interconnection (CDNI) Metadata
draft-ietf-cdni-metadata-21
Abstract Abstract
The Content Delivery Networks Interconnection (CDNI) metadata The Content Delivery Network Interconnection (CDNI) Metadata
interface enables interconnected Content Delivery Networks (CDNs) to interface enables interconnected Content Delivery Networks (CDNs) to
exchange content distribution metadata in order to enable content exchange content distribution metadata in order to enable content
acquisition and delivery. The CDNI metadata associated with a piece acquisition and delivery. The CDNI Metadata associated with a piece
of content provides a downstream CDN with sufficient information for of content provides a downstream CDN with sufficient information for
the downstream CDN to service content requests on behalf of an the downstream CDN to service content requests on behalf of an
upstream CDN. This document describes both a base set of CDNI upstream CDN. This document describes both a base set of CDNI
metadata and the protocol for exchanging that metadata. Metadata and the protocol for exchanging that metadata.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on March 1, 2017. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc8006.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction ....................................................5
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Terminology ................................................5
1.2. Supported Metadata Capabilities . . . . . . . . . . . . . 5 1.2. Supported Metadata Capabilities ............................6
2. Design Principles . . . . . . . . . . . . . . . . . . . . . . 6 2. Design Principles ...............................................7
3. CDNI Metadata object model . . . . . . . . . . . . . . . . . 7 3. CDNI Metadata Object Model ......................................8
3.1. HostIndex, HostMatch, HostMetadata, PathMatch, 3.1. HostIndex, HostMatch, HostMetadata, PathMatch,
PatternMatch and PathMetadata objects . . . . . . . . . . 8 PatternMatch, and PathMetadata Objects .....................9
3.2. Generic CDNI Metadata Objects . . . . . . . . . . . . . . 10 3.2. Generic CDNI Metadata Objects .............................11
3.3. Metadata Inheritance and Override . . . . . . . . . . . . 13 3.3. Metadata Inheritance and Override .........................14
4. CDNI Metadata objects . . . . . . . . . . . . . . . . . . . . 14 4. CDNI Metadata Objects ..........................................15
4.1. Definitions of the CDNI structural metadata objects . . . 15 4.1. Definitions of the CDNI Structural Metadata Objects .......16
4.1.1. HostIndex . . . . . . . . . . . . . . . . . . . . . . 15 4.1.1. HostIndex ..........................................16
4.1.2. HostMatch . . . . . . . . . . . . . . . . . . . . . . 15 4.1.2. HostMatch ..........................................17
4.1.3. HostMetadata . . . . . . . . . . . . . . . . . . . . 17 4.1.3. HostMetadata .......................................18
4.1.4. PathMatch . . . . . . . . . . . . . . . . . . . . . . 18 4.1.4. PathMatch ..........................................19
4.1.5. PatternMatch . . . . . . . . . . . . . . . . . . . . 19 4.1.5. PatternMatch .......................................20
4.1.6. PathMetadata . . . . . . . . . . . . . . . . . . . . 20 4.1.6. PathMetadata .......................................21
4.1.7. GenericMetadata . . . . . . . . . . . . . . . . . . . 21 4.1.7. GenericMetadata ....................................23
4.2. Definitions of the initial set of CDNI Generic Metadata 4.2. Definitions of the Initial Set of CDNI
objects . . . . . . . . . . . . . . . . . . . . . . . . . 23 GenericMetadata Objects ...................................24
4.2.1. SourceMetadata . . . . . . . . . . . . . . . . . . . 23 4.2.1. SourceMetadata .....................................24
4.2.1.1. Source . . . . . . . . . . . . . . . . . . . . . 24 4.2.1.1. Source ....................................25
4.2.2. LocationACL Metadata . . . . . . . . . . . . . . . . 25 4.2.2. LocationACL Metadata ...............................26
4.2.2.1. LocationRule . . . . . . . . . . . . . . . . . . 27 4.2.2.1. LocationRule ..............................28
4.2.2.2. Footprint . . . . . . . . . . . . . . . . . . . . 27 4.2.2.2. Footprint .................................29
4.2.3. TimeWindowACL . . . . . . . . . . . . . . . . . . . . 29 4.2.3. TimeWindowACL ......................................30
4.2.3.1. TimeWindowRule . . . . . . . . . . . . . . . . . 30 4.2.3.1. TimeWindowRule ............................31
4.2.3.2. TimeWindow . . . . . . . . . . . . . . . . . . . 31 4.2.3.2. TimeWindow ................................32
4.2.4. ProtocolACL Metadata . . . . . . . . . . . . . . . . 31 4.2.4. ProtocolACL Metadata ...............................33
4.2.4.1. ProtocolRule . . . . . . . . . . . . . . . . . . 32 4.2.4.1. ProtocolRule ..............................34
4.2.5. DeliveryAuthorization Metadata . . . . . . . . . . . 33 4.2.5. DeliveryAuthorization Metadata .....................35
4.2.6. Cache . . . . . . . . . . . . . . . . . . . . . . . . 34 4.2.6. Cache ..............................................35
4.2.7. Auth . . . . . . . . . . . . . . . . . . . . . . . . 36 4.2.7. Auth ...............................................37
4.2.8. Grouping . . . . . . . . . . . . . . . . . . . . . . 37 4.2.8. Grouping ...........................................38
4.3. CDNI Metadata Simple Data Type Descriptions . . . . . . . 37 4.3. CDNI Metadata Simple Data Type Descriptions ...............39
4.3.1. Link . . . . . . . . . . . . . . . . . . . . . . . . 37 4.3.1. Link ...............................................39
4.3.1.1. Link Loop Prevention . . . . . . . . . . . . . . 39 4.3.1.1. Link Loop Prevention ......................40
4.3.2. Protocol . . . . . . . . . . . . . . . . . . . . . . 39 4.3.2. Protocol ...........................................40
4.3.3. Endpoint . . . . . . . . . . . . . . . . . . . . . . 39 4.3.3. Endpoint ...........................................40
4.3.4. Time . . . . . . . . . . . . . . . . . . . . . . . . 40 4.3.4. Time ...............................................41
4.3.5. IPv4CIDR . . . . . . . . . . . . . . . . . . . . . . 40 4.3.5. IPv4CIDR ...........................................41
4.3.6. IPv6CIDR . . . . . . . . . . . . . . . . . . . . . . 40 4.3.6. IPv6CIDR ...........................................42
4.3.7. ASN . . . . . . . . . . . . . . . . . . . . . . . . . 41 4.3.7. ASN ................................................42
4.3.8. CountryCode . . . . . . . . . . . . . . . . . . . . . 41 4.3.8. Country Code .......................................42
5. CDNI Metadata Capabilities . . . . . . . . . . . . . . . . . 41 5. CDNI Metadata Capabilities .....................................42
6. CDNI Metadata interface . . . . . . . . . . . . . . . . . . . 42 6. CDNI Metadata Interface ........................................43
6.1. Transport . . . . . . . . . . . . . . . . . . . . . . . . 42 6.1. Transport .................................................44
6.2. Retrieval of CDNI Metadata resources . . . . . . . . . . 43 6.2. Retrieval of CDNI Metadata Resources ......................44
6.3. Bootstrapping . . . . . . . . . . . . . . . . . . . . . . 44 6.3. Bootstrapping .............................................45
6.4. Encoding . . . . . . . . . . . . . . . . . . . . . . . . 44 6.4. Encoding ..................................................46
6.5. Extensibility . . . . . . . . . . . . . . . . . . . . . . 45 6.5. Extensibility .............................................46
6.6. Metadata Enforcement . . . . . . . . . . . . . . . . . . 46 6.6. Metadata Enforcement ......................................47
6.7. Metadata Conflicts . . . . . . . . . . . . . . . . . . . 46 6.7. Metadata Conflicts ........................................47
6.8. Versioning . . . . . . . . . . . . . . . . . . . . . . . 47 6.8. Versioning ................................................48
6.9. Media Types . . . . . . . . . . . . . . . . . . . . . . . 48 6.9. Media Types ...............................................49
6.10. Complete CDNI Metadata Example . . . . . . . . . . . . . 48 6.10. Complete CDNI Metadata Example ...........................50
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 52 7. IANA Considerations ............................................54
7.1. CDNI Payload Types . . . . . . . . . . . . . . . . . . . 52 7.1. CDNI Payload Types ........................................54
7.1.1. CDNI MI HostIndex Payload Type . . . . . . . . . . . 53 7.1.1. CDNI MI HostIndex Payload Type .....................54
7.1.2. CDNI MI HostMatch Payload Type . . . . . . . . . . . 53 7.1.2. CDNI MI HostMatch Payload Type .....................55
7.1.3. CDNI MI HostMetadata Payload Type . . . . . . . . . . 54 7.1.3. CDNI MI HostMetadata Payload Type ..................55
7.1.4. CDNI MI PathMatch Payload Type . . . . . . . . . . . 54 7.1.4. CDNI MI PathMatch Payload Type .....................55
7.1.5. CDNI MI PatternMatch Payload Type . . . . . . . . . . 54 7.1.5. CDNI MI PatternMatch Payload Type ..................55
7.1.6. CDNI MI PathMetadata Payload Type . . . . . . . . . . 54 7.1.6. CDNI MI PathMetadata Payload Type ..................55
7.1.7. CDNI MI SourceMetadata Payload Type . . . . . . . . . 54 7.1.7. CDNI MI SourceMetadata Payload Type ................56
7.1.8. CDNI MI Source Payload Type . . . . . . . . . . . . . 55 7.1.8. CDNI MI Source Payload Type ........................56
7.1.9. CDNI MI LocationACL Payload Type . . . . . . . . . . 55 7.1.9. CDNI MI LocationACL Payload Type ...................56
7.1.10. CDNI MI LocationRule Payload Type . . . . . . . . . . 55 7.1.10. CDNI MI LocationRule Payload Type .................56
7.1.11. CDNI MI Footprint Payload Type . . . . . . . . . . . 55 7.1.11. CDNI MI Footprint Payload Type ....................56
7.1.12. CDNI MI TimeWindowACL Payload Type . . . . . . . . . 55 7.1.12. CDNI MI TimeWindowACL Payload Type ................57
7.1.13. CDNI MI TimeWindowRule Payload Type . . . . . . . . . 56 7.1.13. CDNI MI TimeWindowRule Payload Type ...............57
7.1.14. CDNI MI TimeWindow Payload Type . . . . . . . . . . . 56 7.1.14. CDNI MI TimeWindow Payload Type ...................57
7.1.15. CDNI MI ProtocolACL Payload Type . . . . . . . . . . 56 7.1.15. CDNI MI ProtocolACL Payload Type ..................57
7.1.16. CDNI MI ProtocolRule Payload Type . . . . . . . . . . 56 7.1.16. CDNI MI ProtocolRule Payload Type .................57
7.1.17. CDNI MI DeliveryAuthorization Payload Type . . . . . 56 7.1.17. CDNI MI DeliveryAuthorization Payload Type ........58
7.1.18. CDNI MI Cache Payload Type . . . . . . . . . . . . . 57 7.1.18. CDNI MI Cache Payload Type ........................58
7.1.19. CDNI MI Auth Payload Type . . . . . . . . . . . . . . 57 7.1.19. CDNI MI Auth Payload Type .........................58
7.1.20. CDNI MI Grouping Payload Type . . . . . . . . . . . . 57 7.1.20. CDNI MI Grouping Payload Type .....................58
7.2. CDNI Metadata Footprint Types Registry . . . . . . . . . 57 7.2. "CDNI Metadata Footprint Types" Registry ..................58
7.3. CDNI Metadata Protocol Types Registry . . . . . . . . . . 58 7.3. "CDNI Metadata Protocol Types" Registry ...................59
8. Security Considerations . . . . . . . . . . . . . . . . . . . 58 8. Security Considerations ........................................60
8.1. Authentication and Integrity . . . . . . . . . . . . . . 59 8.1. Authentication and Integrity ..............................60
8.2. Confidentiality and Privacy . . . . . . . . . . . . . . . 59 8.2. Confidentiality and Privacy ...............................60
8.3. Securing the CDNI Metadata interface . . . . . . . . . . 60 8.3. Securing the CDNI Metadata Interface ......................61
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 60 9. References .....................................................62
10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 60 9.1. Normative References ......................................62
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 61 9.2. Informative References ....................................63
11.1. Normative References . . . . . . . . . . . . . . . . . . 61 Acknowledgments ...................................................65
11.2. Informative References . . . . . . . . . . . . . . . . . 63 Contributors ......................................................65
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 64 Authors' Addresses ................................................66
1. Introduction 1. Introduction
Content Delivery Networks Interconnection (CDNI) [RFC6707] enables a Content Delivery Network Interconnection (CDNI) [RFC6707] enables a
downstream Content Delivery Network (dCDN) to service content downstream Content Delivery Network (dCDN) to service content
requests on behalf of an upstream CDN (uCDN). requests on behalf of an upstream CDN (uCDN).
The CDNI metadata interface is discussed in [RFC7336] along with four The CDNI Metadata interface (MI) is discussed in [RFC7336] along with
other interfaces that can be used to compose a CDNI solution (CDNI four other interfaces that can be used to compose a CDNI solution
Control interface, CDNI Request Routing Redirection interface, CDNI (the CDNI Control interface, the CDNI Request Routing Redirection
Footprint & Capabilities Advertisement interface and CDNI Logging interface, the CDNI Footprint & Capabilities Advertisement interface
interface). [RFC7336] describes each interface and the relationships (FCI), and the CDNI Logging interface). [RFC7336] describes each
between them. The requirements for the CDNI metadata interface are interface and the relationships between them. The requirements for
specified in [RFC7337]. the CDNI Metadata interface are specified in [RFC7337].
The CDNI metadata associated with a piece of content (or with a set The CDNI Metadata associated with a piece of content (or with a set
of content) provides a dCDN with sufficient information for servicing of content) provides a dCDN with sufficient information for servicing
content requests on behalf of an uCDN, in accordance with the content requests on behalf of a uCDN, in accordance with the policies
policies defined by the uCDN. defined by the uCDN.
This document defines the CDNI metadata interface which enables a This document defines a CDNI Metadata interface that enables a dCDN
dCDN to obtain CDNI metadata from an uCDN so that the dCDN can to obtain CDNI Metadata from a uCDN so that the dCDN can properly
properly process and respond to: process and respond to:
o Redirection requests received over the CDNI Request Routing o Redirection requests received over the CDNI Request Routing
Redirection interface [I-D.ietf-cdni-redirection]. Redirection interface [RFC7975].
o Content requests received directly from User Agents. o Content requests received directly from User Agents.
Specifically, this document specifies: Specifically, this document defines:
o A data structure for mapping content requests and redirection o A data structure for mapping content requests and redirection
requests to CDNI metadata objects (Section 3 and Section 4.1). requests to CDNI Metadata objects (Sections 3 and 4.1).
o An initial set of CDNI Generic metadata objects (Section 4.2). o An initial set of CDNI GenericMetadata objects (Section 4.2).
o A HTTP web service for the transfer of CDNI metadata (Section 6). o An HTTP web service for the transfer of CDNI Metadata (Section 6).
1.1. Terminology 1.1. Terminology
This document reuses the terminology defined in [RFC6707]. This document reuses the terminology defined in [RFC6707].
Additionally, the following terms are used throughout this document Additionally, the following terms are used throughout this document
and are defined as follows: and are defined as follows:
o Object - a collection of properties. o Object - a collection of properties.
o Property - a key and value pair where the key is a property name o Property - a key and value pair where the key is a property name
and the value is the property value or another object. and the value is the property value or another object.
This document uses the phrase "[Object] A contains [Object] B" for This document uses the phrase "[Object] A contains [Object] B" for
simplicity when a strictly accurate phrase would be "[Object] A simplicity when a strictly accurate phrase would be "[Object] A
contains or references (via a Link object) [Object] B". contains or references (via a Link object) [Object] B".
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
1.2. Supported Metadata Capabilities 1.2. Supported Metadata Capabilities
Only the metadata for a small set of initial capabilities is Only the metadata for a small set of initial capabilities is
specified in this document. This set provides the minimum amount of specified in this document. This set provides the minimum amount of
metadata for basic CDN interoperability while still meeting the metadata for basic CDN interoperability while still meeting the
requirements set forth by [RFC7337]. requirements set forth by [RFC7337].
The following high-level functionality can be configured via the CDNI The following high-level functionality can be configured via the CDNI
metadata objects specified in Section 4: Metadata objects specified in Section 4:
o Acquisition Source: Metadata for allowing a dCDN to fetch content o Acquisition Source: Metadata for allowing a dCDN to fetch content
from a uCDN. from a uCDN.
o Delivery Access Control: Metadata for restricting (or permitting) o Delivery Access Control: Metadata for restricting (or permitting)
access to content based on any of the following factors: access to content based on any of the following factors:
* Location * Location
* Time Window * Time window
* Delivery Protocol * Delivery protocol
o Delivery Authorization: Metadata for authorizing dCDN user agent o Delivery Authorization: Metadata for authorizing dCDN User Agent
requests. requests.
o Cache Control: Metadata for controlling cache behavior of the o Cache Control: Metadata for controlling cache behavior of
dCDN. the dCDN.
The metadata encoding described by this document is extensible in The metadata encoding described by this document is extensible in
order to allow for future additions to this list. order to allow for future additions to this list.
The set of metadata specified in this document covers the initial The set of metadata specified in this document covers the initial
capabilities above. It is only intended to support CDN capabilities above. It is only intended to support CDNI for the
interconnection for the delivery of content by a dCDN using HTTP/1.1 delivery of content by a dCDN using HTTP/1.1 [RFC7230] and for a dCDN
[RFC7230] and for a dCDN to be able to acquire content from a uCDN to be able to acquire content from a uCDN using either HTTP/1.1 or
using either HTTP/1.1 or HTTP/1.1 over TLS [RFC2818]. HTTP/1.1 over Transport Layer Security (TLS) [RFC2818].
Supporting CDN interconnection for the delivery of content using Supporting CDNI for the delivery of content using unencrypted HTTP/2
unencrypted HTTP/2 [RFC7540] (as well as for a dCDN to acquire [RFC7540] (as well as for a dCDN to acquire content using unencrypted
content using unencrypted HTTP/2 or HTTP/2 over TLS) requires the HTTP/2 or HTTP/2 over TLS) requires the registration of these
registration of these protocol names in the CDNI Metadata Protocol protocol names in the "CDNI Metadata Protocol Types" registry
Types registry Section 7.3. (Section 7.3).
Delivery of content using HTTP/1.1 over TLS or HTTP/2 over TLS SHOULD Delivery of content using HTTP/1.1 over TLS or HTTP/2 over TLS SHOULD
follow the guidelines set forth in [RFC7525]. Offline configuration follow the guidelines set forth in [RFC7525]. Offline configuration
of TLS parameters between CDNs is beyond the scope of this document. of TLS parameters between CDNs is beyond the scope of this document.
2. Design Principles 2. Design Principles
The CDNI metadata interface was designed to achieve the following The CDNI Metadata interface was designed to achieve the following
objectives: objectives:
1. Cacheability of CDNI metadata objects; 1. Cacheability of CDNI Metadata objects;
2. Deterministic mapping from redirection requests and content 2. Deterministic mapping from redirection requests and content
requests to CDNI metadata properties; requests to CDNI Metadata properties;
3. Support for DNS redirection as well as application-specific 3. Support for DNS redirection as well as application-specific
redirection (for example HTTP redirection); redirection (for example, HTTP redirection);
4. Minimal duplication of CDNI metadata; and 4. Minimal duplication of CDNI Metadata; and
5. Leveraging of existing protocols. 5. Leveraging of existing protocols.
Cacheability can decrease the latency of acquiring metadata while Cacheability can decrease the latency of acquiring metadata while
maintaining its freshness, and therefore decrease the latency of maintaining its freshness and can therefore decrease the latency of
serving content requests and redirection requests, without serving content requests and redirection requests, without
sacrificing accuracy. The CDNI metadata interface uses HTTP and its sacrificing accuracy. The CDNI Metadata interface uses HTTP and its
existing caching mechanisms to achieve CDNI metadata cacheability. existing caching mechanisms to achieve CDNI Metadata cacheability.
Deterministic mappings from content to metadata properties eliminates Deterministic mapping from content to metadata properties eliminates
ambiguity and ensures that policies are applied consistently by all ambiguity and ensures that policies are applied consistently by all
dCDNs. dCDNs.
Support for both HTTP and DNS redirection ensures that the CDNI Support for both HTTP and DNS redirection ensures that the CDNI
metadata meets the same design principles for both HTTP and DNS based Metadata meets the same design principles for both HTTP-based and
redirection schemes. DNS-based redirection schemes.
Minimal duplication of CDNI metadata improves storage efficiency in Minimal duplication of CDNI Metadata improves storage efficiency in
the CDNs. the CDNs.
Leveraging existing protocols avoids reinventing common mechanisms Leveraging existing protocols avoids reinventing common mechanisms
such as data structure encoding (by leveraging I-JSON [RFC7493]) and such as data structure encoding (by leveraging I-JSON (Internet JSON)
data transport (by leveraging HTTP [RFC7230]). [RFC7493]) and data transport (by leveraging HTTP [RFC7230]).
3. CDNI Metadata object model 3. CDNI Metadata Object Model
The CDNI metadata object model describes a data structure for mapping The CDNI Metadata object model describes a data structure for mapping
redirection requests and content requests to metadata properties. redirection requests and content requests to metadata properties.
Metadata properties describe how to acquire content from an uCDN, Metadata properties describe how to acquire content from a uCDN,
authorize access to content, and deliver content from a dCDN. The authorize access to content, and deliver content from a dCDN. The
object model relies on the assumption that these metadata properties object model relies on the assumption that these metadata properties
can be grouped based on the hostname of the content and subsequently can be grouped based on the hostname of the content and subsequently
on the resource path (URI) of the content. The object model on the resource path (URI) of the content. The object model
associates a set of CDNI metadata properties with a Hostname to form associates a set of CDNI Metadata properties with a hostname to form
a default set of metadata properties for content delivered on behalf a default set of metadata properties for content delivered on behalf
of that Hostname. That default set of metadata properties can be of that hostname. That default set of metadata properties can be
overridden by properties that apply to specific paths within a URI. overridden by properties that apply to specific paths within a URI.
Different Hostnames and URI paths will be associated with different Different hostnames and URI paths will be associated with different
sets of CDNI metadata properties in order to describe the required sets of CDNI Metadata properties in order to describe the required
behaviour when a dCDN surrogate or request router is processing User behavior when a dCDN Surrogate or request router is processing User
Agent requests for content at that Hostname and URI path. As a Agent requests for content at that hostname and URI path. As a
result of this structure, significant commonality could exist between result of this structure, significant commonality could exist between
the CDNI metadata properties specified for different Hostnames, the CDNI Metadata properties specified for different hostnames,
different URI paths within a Hostname and different URI paths on different URI paths within a hostname, and different URI paths on
different Hostnames. For example the definition of which User Agent different hostnames. For example, the definition of which User Agent
IP addresses should be grouped together into a single network or IP addresses should be grouped together into a single network or
geographic location is likely to be common for a number of different geographic location is likely to be common for a number of different
Hostnames; although a uCDN is likely to have several different hostnames; although a uCDN is likely to have several different
policies configured to express geo-blocking rules, it is likely that policies configured to express geo-blocking rules, it is likely that
a single geo-blocking policy could be applied to multiple Hostnames a single geo-blocking policy could be applied to multiple hostnames
delivered through the CDN. delivered through the CDN.
In order to enable the CDNI metadata for a given Hostname and URI In order to enable the CDNI Metadata for a given hostname and URI
Path to be decomposed into reusable sets of CDNI metadata properties, path to be decomposed into reusable sets of CDNI Metadata properties,
the CDNI metadata interface splits the CDNI metadata into separate the CDNI Metadata interface splits the CDNI Metadata into separate
objects. Efficiency is improved by enabling a single CDNI metadata objects. Efficiency is improved by enabling a single CDNI Metadata
object (that is shared across Hostname and/or URI paths) to be object (that is shared across hostnames and/or URI paths) to be
retrieved and stored by a dCDN once, even if it is referenced by the retrieved and stored by a dCDN once, even if it is referenced by the
CDNI metadata for multiple Hostnames and/or URI paths. CDNI Metadata for multiple hostnames and/or URI paths.
Important Note: Any CDNI metadata object A that contains another CDNI Important Note: Any CDNI Metadata object A that contains another CDNI
metadata object B can include a Link object specifying a URI that can Metadata object B can include a Link object specifying a URI that can
be used to retrieve object B, instead of embedding object B within be used to retrieve object B, instead of embedding object B within
object A. The remainder of this document uses the phrase "[Object] A object A. The remainder of this document uses the phrase "[Object] A
contains [Object] B" for simplicity when a strictly accurate phrase contains [Object] B" for simplicity when a strictly accurate phrase
would be "[Object] A contains or references (via a Link object) would be "[Object] A contains or references (via a Link object)
[Object] B". It is generally a deployment choice for the uCDN [Object] B". It is generally a deployment choice for the uCDN
implementation to decide when to embed CDNI metadata objects and when implementation to decide when to embed CDNI Metadata objects and when
to reference separate resources via Link objects. to reference separate resources via Link objects.
Section 3.1 introduces a high level description of the HostIndex, Section 3.1 introduces a high-level description of the HostIndex,
HostMatch, HostMetadata, PathMatch, PatternMatch and PathMetadata HostMatch, HostMetadata, PathMatch, PatternMatch, and PathMetadata
objects, and describes the relationships between them. objects, and describes the relationships between them.
Section 3.2 introduces a high level description of the CDNI Section 3.2 introduces a high-level description of the CDNI
GenericMetadata object which represents the level at which CDNI GenericMetadata object, which represents the level at which CDNI
metadata override occurs between HostMetadata and PathMetadata Metadata override occurs between HostMetadata and PathMetadata
objects. objects.
Section 4 describes in detail the specific CDNI metadata objects and Section 4 describes in detail the specific CDNI Metadata objects and
properties specified by this document which can be contained within a properties specified by this document that can be contained within a
CDNI GenericMetadata object. CDNI GenericMetadata object.
3.1. HostIndex, HostMatch, HostMetadata, PathMatch, PatternMatch and 3.1. HostIndex, HostMatch, HostMetadata, PathMatch, PatternMatch, and
PathMetadata objects PathMetadata Objects
The relationships between the HostIndex, HostMatch, HostMetadata, The relationships between the HostIndex, HostMatch, HostMetadata,
PathMatch, PatternMatch and PathMetadata objects are described in PathMatch, PatternMatch, and PathMetadata objects are described in
Figure 1. Figure 1.
+---------+ +---------+ +------------+ +---------+ +---------+ +------------+
|HostIndex+-(*)->|HostMatch+-(1)->|HostMetadata+-------(*)------+ |HostIndex+-(*)->|HostMatch+-(1)->|HostMetadata+-------(*)------+
+---------+ +---------+ +------+-----+ | +---------+ +---------+ +------+-----+ |
| | | |
(*) | (*) |
| V | V
--> Contains or References V ****************** --> Contains or references V *****************
(1) One and only one +---------+ *Generic Metadata* (1) One and only one +---------+ *GenericMetadata*
(*) Zero or more +--->|PathMatch| * Objects * (*) Zero or more +--->|PathMatch| * Objects *
| +----+---++ ****************** | +----+---++ *****************
| | | ^ | | | ^
(*) (1) (1) +------------+ | (*) (1) (1) +------------+ |
| | +->|PatternMatch| | | | +->|PatternMatch| |
| V +------------+ | | V +------------+ |
| +------------+ | | +------------+ |
+--+PathMetadata+-------(*)------+ +--+PathMetadata+-------(*)------+
+------------+ +------------+
Figure 1: Relationships between CDNI Metadata Objects (Diagram Figure 1: Relationships between CDNI Metadata Objects
Representation) (Diagram Representation)
A HostIndex object (see Section 4.1.1) contains an array of HostMatch A HostIndex object (see Section 4.1.1) contains an array of HostMatch
objects (see Section 4.1.2) that contain Hostnames (and/or IP objects (see Section 4.1.2) that contain hostnames (and/or IP
addresses) for which content requests might be delegated to the dCDN. addresses) for which content requests might be delegated to the dCDN.
The HostIndex is the starting point for accessing the uCDN CDNI The HostIndex is the starting point for accessing the uCDN CDNI
metadata data store. It enables the dCDN to deterministically Metadata data store. It enables the dCDN to deterministically
discover which CDNI metadata objects it requires in order to deliver discover which CDNI Metadata objects it requires in order to deliver
a given piece of content. a given piece of content.
The HostIndex links Hostnames (and/or IP addresses) to HostMetadata The HostIndex links hostnames (and/or IP addresses) to HostMetadata
objects (see Section 4.1.3) via HostMatch objects. A HostMatch objects (see Section 4.1.3) via HostMatch objects. A HostMatch
object defines a Hostname (or IP address) to match against a object defines a hostname (or IP address) to match against a
requested host and contains a HostMetadata object. requested host and contains a HostMetadata object.
HostMetadata objects contain the default GenericMetadata objects (see HostMetadata objects contain the default GenericMetadata objects (see
Section 4.1.7) required to serve content for that host. When looking Section 4.1.7) required to serve content for that host. When looking
up CDNI metadata, the dCDN looks up the requested Hostname (or IP up CDNI Metadata, the dCDN looks up the requested hostname (or IP
address) against the HostMatch entries in the HostIndex, from there address) against the HostMatch entries in the HostIndex; from there,
it can find HostMetadata which describes the default metadata it can find HostMetadata, which describes the default metadata
properties for each host as well as PathMetadata objects (see properties for each host as well as PathMetadata objects (see
Section 4.1.6), via PathMatch objects (see Section 4.1.4). PathMatch Section 4.1.6), via PathMatch objects (see Section 4.1.4). PathMatch
objects define patterns, contained inside PatternMatch objects (see objects define patterns, contained inside PatternMatch objects (see
Section 4.1.5), to match against the requested URI path. Section 4.1.5), to match against the requested URI path.
PatternMatch objects contain the pattern strings and flags that PatternMatch objects contain the pattern strings and flags that
describe the URI path that a PathMatch applies to. PathMetadata describe the URI path to which a PathMatch applies. PathMetadata
objects contain the GenericMetadata objects that apply to content objects contain the GenericMetadata objects that apply to content
requests matching the defined URI path pattern. PathMetadata requests matching the defined URI path pattern. PathMetadata
properties override properties previously defined in HostMetadata or properties override properties previously defined in HostMetadata or
less specific PathMatch paths. PathMetadata objects can contain less-specific PathMatch paths. PathMetadata objects can contain
additional PathMatch objects to recursively define more specific URI additional PathMatch objects to recursively define more-specific URI
paths to which GenericMetadata properties might be applied. paths to which GenericMetadata properties might be applied.
A GenericMetadata object contains individual CDNI metadata objects A GenericMetadata object contains individual CDNI Metadata objects
which define the specific policies and attributes needed to properly that define the specific policies and attributes needed to properly
deliver the associated content. For example, a GenericMetadata deliver the associated content. For example, a GenericMetadata
object could describe the source from which a CDN can acquire a piece object could describe the source from which a CDN can acquire a piece
of content. The GenericMetadata object is an atomic unit that can be of content. The GenericMetadata object is an atomic unit that can be
referenced by HostMetadata or PathMetadata objects. referenced by HostMetadata or PathMetadata objects.
For example, if "example.com" is a content provider, a HostMatch For example, if "example.com" is a content provider, a HostMatch
object could include an entry for "example.com" with the URI of the object could include an entry for "example.com" with the URI of the
associated HostMetadata object. The HostMetadata object for associated HostMetadata object. The HostMetadata object for
"example.com" describes the metadata properties which apply to "example.com" describes the metadata properties that apply to
"example.com" and could contain PathMatches for "example.com/ "example.com" and could contain PathMatches for
movies/*" and "example.com/music/*", which in turn reference "example.com/movies/*" and "example.com/music/*", which in turn
corresponding PathMetadata objects that contain the properties for reference corresponding PathMetadata objects that contain the
those more specific URI paths. The PathMetadata object for properties for those more-specific URI paths. The PathMetadata
"example.com/movies/*" describes the properties which apply to that object for "example.com/movies/*" describes the properties that apply
URI path. It could also contain a PathMatch object for to that URI path. It could also contain a PathMatch object for
"example.com/movies/hd/*" which would reference the corresponding "example.com/movies/hd/*", which would reference the corresponding
PathMetadata object for the "example.com/movies/hd/" path prefix. PathMetadata object for the "example.com/movies/hd/" path prefix.
The relationships in Figure 1 are also represented in tabular format The relationships in Figure 1 are also represented in tabular format
in Table 1 below. in Table 1 below.
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
| Data Object | Objects it contains or references | | Data Object | Objects it contains or references |
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
| HostIndex | 0 or more HostMatch objects. | | HostIndex | 0 or more HostMatch objects. |
| | |
| HostMatch | 1 HostMetadata object. | | HostMatch | 1 HostMetadata object. |
| HostMetadata | 0 or more PathMatch objects. 0 or more | | | |
| HostMetadata | 0 or more PathMatch objects. 0 or more |
| | GenericMetadata objects. | | | GenericMetadata objects. |
| PathMatch | 1 PatternMatch object. 1 PathMetadata object. | | | |
| PathMatch | 1 PatternMatch object. 1 PathMetadata object. |
| | |
| PatternMatch | Does not contain or reference any other objects. | | PatternMatch | Does not contain or reference any other objects. |
| PathMetadata | 0 or more PathMatch objects. 0 or more | | | |
| PathMetadata | 0 or more PathMatch objects. 0 or more |
| | GenericMetadata objects. | | | GenericMetadata objects. |
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
Table 1: Relationships between CDNI Metadata Objects Table 1: Relationships between CDNI Metadata Objects
(Table Representation) (Table Representation)
3.2. Generic CDNI Metadata Objects 3.2. Generic CDNI Metadata Objects
The HostMetadata and PathMetadata objects contain other CDNI metadata The HostMetadata and PathMetadata objects contain other CDNI Metadata
objects that contain properties which describe how User Agent objects that contain properties that describe how User Agent requests
requests for content should be processed, for example where to for content should be processed -- for example, where to acquire the
acquire the content from, authorization rules that should be applied, content from, authorization rules that should be applied,
geo-blocking restrictions, and so on. Each such CDNI metadata object geo-blocking restrictions, and so on. Each such CDNI Metadata object
is a specialization of a CDNI GenericMetadata object. The is a specialization of a CDNI GenericMetadata object. The
GenericMetadata object abstracts the basic information required for GenericMetadata object abstracts the basic information required for
metadata override and metadata distribution, from the specifics of metadata override and metadata distribution, from the specifics of
any given property (i.e., property semantics, enforcement options, any given property (i.e., property semantics, enforcement options,
etc.). etc.).
The GenericMetadata object defines the properties contained within it The GenericMetadata object defines the properties contained within it
as well as whether or not the properties are "mandatory-to-enforce". as well as whether or not the properties are "mandatory-to-enforce".
If the dCDN does not understand or support a "mandatory-to-enforce" If the dCDN does not understand or support a mandatory-to-enforce
property, the dCDN MUST NOT serve the content. If the property is property, the dCDN MUST NOT serve the content. If the property is
not "mandatory-to-enforce", then that GenericMetadata object can be not mandatory-to-enforce, then that GenericMetadata object can be
safely ignored and the content request can be processed in accordance safely ignored and the content request can be processed in accordance
with the rest of the CDNI metadata. with the rest of the CDNI Metadata.
Although a CDN MUST NOT serve content to a User Agent if a Although a CDN MUST NOT serve content to a User Agent if a
"mandatory-to-enforce" property cannot be enforced, it could still be mandatory-to-enforce property cannot be enforced, it could still be
"safe-to-redistribute" that metadata to another CDN without safe to redistribute that metadata (the "safe-to-redistribute"
modification. For example, in the cascaded CDN case, a transit CDN property) to another CDN without modification. For example, in the
(tCDN) could pass through "mandatory-to-enforce" metadata to a dCDN. cascaded CDN case, a transit CDN (tCDN) could convey
mandatory-to-enforce metadata to a dCDN. For metadata that does not
For metadata which does not require customization or translation require customization or translation (i.e., metadata that is
(i.e., metadata that is "safe-to-redistribute"), the data safe-to-redistribute), the data representation received off the wire
representation received off the wire MAY be stored and redistributed MAY be stored and redistributed without being understood or supported
without being understood or supported by the transit CDN. However, by the tCDN. However, for metadata that requires translation,
for metadata which requires translation, transparent redistribution transparent redistribution of the uCDN metadata values might not be
of the uCDN metadata values might not be appropriate. Certain appropriate. Certain metadata can be safely, though perhaps not
metadata can be safely, though perhaps not optimally, redistributed optimally, redistributed unmodified. For example, a source
unmodified. For example, source acquisition address might not be acquisition address might not be optimal if transparently
optimal if transparently redistributed, but it might still work. redistributed, but it might still work.
Redistribution safety MUST be specified for each GenericMetadata Redistribution safety MUST be specified for each GenericMetadata
property. If a CDN does not understand or support a given property. If a CDN does not understand or support a given
GenericMetadata property that is not "safe-to-redistribute", the CDN GenericMetadata property that is not safe-to-redistribute, the CDN
MUST set the "incomprehensible" flag to true for that GenericMetadata MUST set the "incomprehensible" flag to true for that GenericMetadata
object before redistributing the metadata. The "incomprehensible" object before redistributing the metadata. The "incomprehensible"
flag signals to a dCDN that the metadata was not properly transformed flag signals to a dCDN that the metadata was not properly transformed
by the transit CDN. A CDN MUST NOT attempt to use metadata that has by the tCDN. A CDN MUST NOT attempt to use metadata that has been
been marked as "incomprehensible" by a uCDN. marked as "incomprehensible" by a uCDN.
Transit CDNs MUST NOT change the value of "mandatory-to-enforce" or tCDNs MUST NOT change the value of mandatory-to-enforce or
"safe-to-redistribute" when propagating metadata to a dCDN. Although safe-to-redistribute when propagating metadata to a dCDN. Although a
a transit CDN can set the value of "incomprehensible" to true, a tCDN can set the value of "incomprehensible" to true, a tCDN MUST NOT
transit CDN MUST NOT change the value of "incomprehensible" from true change the value of "incomprehensible" from true to false.
to false.
Table 2 describes the action to be taken by a transit CDN (tCDN) for Table 2 describes the action to be taken by a tCDN for the different
the different combinations of "mandatory-to-enforce" (MtE) and "safe- combinations of mandatory-to-enforce ("MtE") and safe-to-redistribute
to-redistribute" (StR) properties, when the tCDN either does or does ("StR") properties when the tCDN either does or does not understand
not understand the metadata in question: the metadata in question:
+-------+-------+------------+--------------------------------------+ +-------+-------+------------+--------------------------------------+
| MtE | StR | Metadata | Action | | MtE | StR | Metadata | Action |
| | | Understood | | | | | Understood | |
| | | by tCDN | | | | | by tCDN | |
+-------+-------+------------+--------------------------------------+ +-------+-------+------------+--------------------------------------+
| False | True | True | Can serve and redistribute. | | False | True | True | Can serve and redistribute. |
| | | | |
| False | True | False | Can serve and redistribute. | | False | True | False | Can serve and redistribute. |
| False | False | False | Can serve. MUST set | | | | | |
| | | | "incomprehensible" to True when | | False | False | False | Can serve. MUST set |
| | | | "incomprehensible" to true when |
| | | | redistributing. | | | | | redistributing. |
| False | False | True | Can serve. Can redistribute after | | | | | |
| False | False | True | Can serve. Can redistribute after |
| | | | transforming the metadata (if the | | | | | transforming the metadata (if the |
| | | | CDN knows how to do so safely), | | | | | CDN knows how to do so safely); |
| | | | otherwise MUST set | | | | | otherwise, MUST set |
| | | | "incomprehensible" to True when | | | | | "incomprehensible" to true when |
| | | | redistributing. | | | | | redistributing. |
| | | | |
| True | True | True | Can serve and redistribute. | | True | True | True | Can serve and redistribute. |
| | | | |
| True | True | False | MUST NOT serve but can redistribute. | | True | True | False | MUST NOT serve but can redistribute. |
| True | False | True | Can serve. Can redistribute after | | | | | |
| True | False | True | Can serve. Can redistribute after |
| | | | transforming the metadata (if the | | | | | transforming the metadata (if the |
| | | | CDN knows how to do so safely), | | | | | CDN knows how to do so safely); |
| | | | otherwise MUST set | | | | | otherwise, MUST set |
| | | | "incomprehensible" to True when | | | | | "incomprehensible" to true when |
| | | | redistributing. | | | | | redistributing. |
| True | False | False | MUST NOT serve. MUST set | | | | | |
| | | | "incomprehensible" to True when | | True | False | False | MUST NOT serve. MUST set |
| | | | "incomprehensible" to true when |
| | | | redistributing. | | | | | redistributing. |
+-------+-------+------------+--------------------------------------+ +-------+-------+------------+--------------------------------------+
Table 2: Action to be taken by a tCDN for the different combinations Table 2: Action to Be Taken by a tCDN for the
of MtE and StR properties Different Combinations of MtE and StR Properties
Table 3 describes the action to be taken by a dCDN for the different Table 3 describes the action to be taken by a dCDN for the different
combinations of "mandatory-to-enforce" (MtE) and "incomprehensible" combinations of mandatory-to-enforce and "incomprehensible" (Incomp)
(Incomp) properties, when the dCDN either does or does not understand properties, when the dCDN either does or does not understand the
the metadata in question: metadata in question:
+-------+--------+--------------+-----------------------------------+ +-------+--------+--------------+-----------------------------------+
| MtE | Incomp | Metadata | Action | | MtE | Incomp | Metadata | Action |
| | | Understood | | | | | Understood | |
| | | by dCDN | | | | | by dCDN | |
+-------+--------+--------------+-----------------------------------+ +-------+--------+--------------+-----------------------------------+
| False | False | True | Can serve. | | False | False | True | Can serve. |
| | | | |
| False | True | True | Can serve but MUST NOT | | False | True | True | Can serve but MUST NOT |
| | | | interpret/apply any metadata | | | | | interpret/apply any metadata |
| | | | marked incomprehensible. | | | | | marked as "incomprehensible". |
| | | | |
| False | False | False | Can serve. | | False | False | False | Can serve. |
| | | | |
| False | True | False | Can serve but MUST NOT | | False | True | False | Can serve but MUST NOT |
| | | | interpret/apply any metadata | | | | | interpret/apply any metadata |
| | | | marked incomprehensible. | | | | | marked as "incomprehensible". |
| | | | |
| True | False | True | Can serve. | | True | False | True | Can serve. |
| | | | |
| True | True | True | MUST NOT serve. | | True | True | True | MUST NOT serve. |
| | | | |
| True | False | False | MUST NOT serve. | | True | False | False | MUST NOT serve. |
| | | | |
| True | True | False | MUST NOT serve. | | True | True | False | MUST NOT serve. |
+-------+--------+--------------+-----------------------------------+ +-------+--------+--------------+-----------------------------------+
Table 3: Action to be taken by a dCDN for the different combinations Table 3: Action to Be Taken by a dCDN for the
of MtE and Incomp properties Different Combinations of MtE and Incomp Properties
3.3. Metadata Inheritance and Override 3.3. Metadata Inheritance and Override
In the metadata object model, a HostMetadata object can contain In the metadata object model, a HostMetadata object can contain
multiple PathMetadata objects (via PathMatch objects). Each multiple PathMetadata objects (via PathMatch objects). Each
PathMetadata object can in turn contain other PathMetadata objects. PathMetadata object can in turn contain other PathMetadata objects.
HostMetadata and PathMetadata objects form an inheritance tree where HostMetadata and PathMetadata objects form an inheritance tree where
each node in the tree inherits or overrides the property values set each node in the tree inherits or overrides the property values set
by its parent. by its parent.
GenericMetadata objects of a given type override all GenericMetadata GenericMetadata objects of a given type override all GenericMetadata
objects of the same type previously defined by any parent object in objects of the same type previously defined by any parent object in
the tree. GenericMetadata objects of a given type previously defined the tree. GenericMetadata objects of a given type previously defined
by a parent object in the tree are inherited when no object of the by a parent object in the tree are inherited when no object of the
same type is defined by the child object. For example, if same type is defined by the child object. For example, if
HostMetadata for the host "example.com" contains GenericMetadata HostMetadata for the host "example.com" contains GenericMetadata
objects of type LocationACL and TimeWindowACL, while a PathMetadata objects of types LocationACL and TimeWindowACL (where "ACL" means
object which applies to "example.com/movies/*" defines an alternate "Access Control List") while a PathMetadata object that applies to
GenericMetadata object of type TimeWindowACL, then: "example.com/movies/*" defines an alternate GenericMetadata object of
type TimeWindowACL, then:
o the TimeWindowACL defined in the PathMetadata would override the o The TimeWindowACL defined in the PathMetadata would override the
TimeWindowACL defined in the HostMetadata for all User Agent TimeWindowACL defined in the HostMetadata for all User Agent
requests for content under "example.com/movies/", and requests for content under "example.com/movies/", and
o the LocationACL defined in the HostMetadata would be inherited for o The LocationACL defined in the HostMetadata would be inherited for
all User Agent requests for content under "example.com/movies/". all User Agent requests for content under "example.com/movies/".
A single HostMetadata or PathMetadata object MUST NOT contain A single HostMetadata or PathMetadata object MUST NOT contain
multiple GenericMetadata objects of the same type. If an array of multiple GenericMetadata objects of the same type. If an array of
GenericMetadata contains objects of duplicate types, the receiver GenericMetadata contains objects of duplicate types, the receiver
MUST ignore all but the first object of each type. MUST ignore all but the first object of each type.
4. CDNI Metadata objects 4. CDNI Metadata Objects
Section 4.1 provides the definitions of each metadata object type Section 4.1 provides the definitions of each metadata object type
introduced in Section 3. These metadata objects are described as introduced in Section 3. These metadata objects are described as
structural metadata objects as they provide the structure for host structural metadata objects, as they provide the structure for host
and URI path-based inheritance and identify which GenericMetadata and URI path-based inheritance and identify which GenericMetadata
objects apply to a given User Agent content request. objects apply to a given User Agent content request.
Section 4.2 provides the definitions for a base set of core metadata Section 4.2 provides the definitions for a base set of core metadata
objects which can be contained within a GenericMetadata object. objects that can be contained within a GenericMetadata object. These
These metadata objects govern how User Agent requests for content are metadata objects govern how User Agent requests for content are
handled. GenericMetadata objects can contain other GenericMetadata handled. GenericMetadata objects can contain other GenericMetadata
as properties; these can be referred to as sub-objects). As with all objects as properties; these can be referred to as sub-objects. As
CDNI metadata objects, the value of the GenericMetadata sub-objects with all CDNI Metadata objects, the value of the GenericMetadata
can be either a complete serialized representation of the sub-object, sub-objects can be either a complete serialized representation of the
or a Link object that contains a URI that can be dereferenced to sub-object or a Link object that contains a URI that can be
retrieve the complete serialized representation of the property sub- dereferenced to retrieve the complete serialized representation of
object. the property sub-object.
Section 6.5 discusses the ability to extend the base set of Section 6.5 discusses the ability to extend the base set of
GenericMetadata objects specified in this document with additional GenericMetadata objects specified in this document with additional
standards-based or vendor specific GenericMetadata objects that might standards-based or vendor-specific GenericMetadata objects that might
be defined in the future in separate documents. be defined in the future in separate documents.
dCDNs and tCDNs MUST support parsing of all CDNI metadata objects dCDNs and tCDNs MUST support the parsing of all CDNI Metadata objects
specified in this document. A dCDN does not have to implement the specified in this document. A dCDN does not have to implement the
underlying functionality represented by non-structural underlying functionality represented by non-structural
GenericMetadata objects (though that might restrict the content that GenericMetadata objects (though that might restrict the content that
a given dCDN will be able to serve). uCDNs as generators of CDNI a given dCDN will be able to serve). uCDNs as generators of CDNI
metadata only need to support generating the CDNI metadata that they Metadata only need to support generating the CDNI Metadata that they
need in order to express the policies required by the content they need in order to express the policies required by the content they
are describing. See Section 6.4 for more details on the specific are describing. See Section 6.4 for more details on the specific
encoding rules for CDNI metadata objects. encoding rules for CDNI Metadata objects.
Note: In the following sections, the term "mandatory-to-specify" is Note: In the following sections, the term "mandatory-to-specify" is
used to convey which properties MUST be included for a given used to convey which properties MUST be included for a given
structural or GenericMetadata object. When mandatory-to-specify is structural or GenericMetadata object. When mandatory-to-specify is
specified as "Yes" for an individual property, it means that if the specified as "Yes" for an individual property, it means that if the
object containing that property is included in a metadata response, object containing that property is included in a metadata response,
then the mandatory-to-specify property MUST also be included then the mandatory-to-specify property MUST also be included
(directly or by reference) in the response, e.g., a HostMatch (directly or by reference) in the response. For example, a HostMatch
property object without a host to match against does not make sense, property object without a host to match against does not make sense;
therefore, the host property is mandatory-to-specify inside a therefore, the "host" property is mandatory-to-specify inside a
HostMatch object. HostMatch object.
4.1. Definitions of the CDNI structural metadata objects 4.1. Definitions of the CDNI Structural Metadata Objects
Each of the sub-sections below describe the structural objects The subsections below describe the structural objects introduced in
introduced in Section 3.1. Section 3.1.
4.1.1. HostIndex 4.1.1. HostIndex
The HostIndex object is the entry point into the CDNI metadata The HostIndex object is the entry point into the CDNI Metadata
hierarchy. It contains an array of HostMatch objects. An incoming hierarchy. It contains an array of HostMatch objects. An incoming
content request is checked against the Hostname (or IP address) content request is checked against the hostname (or IP address)
specified by each of the listed HostMatch objects to find the specified by each of the listed HostMatch objects to find the
HostMatch object which applies to the request. HostMatch object that applies to the request.
Property: hosts Property: hosts
Description: Array of HostMatch objects. Hosts (HostMatch Description: Array of HostMatch objects. Hosts (HostMatch
objects) MUST be evaluated in the order they appear and the objects) MUST be evaluated in the order they appear, and the
first HostMatch object that matches the content request being first HostMatch object that matches the content request being
processed MUST be used. processed MUST be used.
Type: Array of HostMatch objects Type: Array of HostMatch objects
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example HostIndex object containing two HostMatch objects, where the Example HostIndex object containing two HostMatch objects, where the
first HostMatch object is embedded and the second HostMatch object is first HostMatch object is embedded and the second HostMatch object is
referenced: referenced:
skipping to change at page 15, line 49 skipping to change at page 17, line 23
}, },
{ {
"type": "MI.HostMatch", "type": "MI.HostMatch",
"href": "https://metadata.ucdn.example/hostmatch1234" "href": "https://metadata.ucdn.example/hostmatch1234"
} }
] ]
} }
4.1.2. HostMatch 4.1.2. HostMatch
The HostMatch object contains a Hostname or IP address to match The HostMatch object contains a hostname or IP address to match
against content requests. The HostMatch object also contains a against content requests. The HostMatch object also contains a
HostMetadata object to apply if a match is found. HostMetadata object to apply if a match is found.
Property: host Property: host
Description: Hostname or IP address and optional port to match Description: Hostname or IP address and optional port to match
against the requested host, i.e., the [RFC3986] host and port. against the requested host, i.e., the host and port as
In order for a Hostname or IP address in a content request to described in [RFC3986]. In order for a hostname or IP address
match the Hostname or IP address in the host property the value in a content request to match the hostname or IP address in the
from the content request when converted to lowercase MUST be "host" property, the value from the content request when
identical to the value of the host property when converted to converted to lowercase MUST be identical to the value of the
lowercase. All implementations MUST support IPv4 addresses "host" property when converted to lowercase. All
encoded as specified by the 'IPv4address' rule in Section 3.2.2 implementations MUST support IPv4 addresses encoded as
of [RFC3986]. IPv6 addresses MUST be encoded in one of the specified by the "IPv4address" rule in Section 3.2.2 of
IPv6 address formats specified in [RFC5952] although receivers [RFC3986]. IPv6 addresses MUST be encoded in one of the IPv6
MUST support all IPv6 address formats specified in [RFC4291]. address formats specified in [RFC5952], although receivers MUST
support all IPv6 address formats specified in [RFC4291].
Hostnames MUST conform to the Domain Name System (DNS) syntax Hostnames MUST conform to the Domain Name System (DNS) syntax
defined in [RFC1034] and [RFC1123]. Internationalized Domain defined in [RFC1034] and [RFC1123]. Internationalized Domain
Names (IDN) must first be transformed to the the A-label form Names (IDNs) must first be transformed to the A-label form
[RFC5890] as per [RFC5891]. [RFC5890] as per [RFC5891].
Type: Endpoint Type: Endpoint
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: host-metadata Property: host-metadata
Description: CDNI metadata to apply when delivering content Description: CDNI Metadata to apply when delivering content
that matches this host. that matches this host.
Type: HostMetadata Type: HostMetadata
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example HostMatch object with an embedded HostMetadata object: Example HostMatch object with an embedded HostMetadata object:
{ {
"host": "video.example.com", "host": "video.example.com",
"host-metadata" : { "host-metadata": {
<Properties of embedded HostMetadata object> <Properties of embedded HostMetadata object>
} }
} }
Example HostMatch object referencing (via a Link object, see Example HostMatch object referencing (via a Link object; see
Section 4.3.1) a HostMetadata object: Section 4.3.1) a HostMetadata object:
{ {
"host": "video.example.com", "host": "video.example.com",
"host-metadata" : { "host-metadata": {
"type": "MI.HostMetadata", "type": "MI.HostMetadata",
"href": "https://metadata.ucdn.example/host1234" "href": "https://metadata.ucdn.example/host1234"
} }
} }
4.1.3. HostMetadata 4.1.3. HostMetadata
A HostMetadata object contains the CDNI metadata properties for A HostMetadata object contains the CDNI Metadata properties for
content served for a particular host (defined in the HostMatch content served for a particular host (defined in the HostMatch
object) and possibly child PathMatch objects. object) and possibly child PathMatch objects.
Property: metadata Property: metadata
Description: Array of host related metadata. Description: Array of host-related metadata.
Type: Array of GenericMetadata objects Type: Array of GenericMetadata objects
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: paths Property: paths
Description: Path specific rules. Path patterns (PathMatch Description: Path-specific rules. Path patterns (PathMatch
objects) MUST be evaluated in the order they appear and the objects) MUST be evaluated in the order they appear, and the
first (and only the first) PathMatch object that matches the first (and only the first) PathMatch object that matches the
content request being processed MUST be used. content request being processed MUST be used.
Type: Array of PathMatch objects Type: Array of PathMatch objects
Mandatory-to-Specify: No. Mandatory-to-Specify: No. Default is that there are no
more-specific paths to evaluate (i.e., an empty list).
Example HostMetadata object containing a number of embedded Example HostMetadata object containing a number of embedded
GenericMetadata objects that will describe the default metadata for GenericMetadata objects that will describe the default metadata for
the host and an embedded PathMatch object that contains a path for the host and an embedded PathMatch object that contains a path for
which metadata exists that overrides the default metadata for the which metadata exists that overrides the default metadata for the
host: host:
{ {
"metadata": [ "metadata": [
{ {
<Properties of 1st embedded GenericMetadata object> <Properties of first embedded GenericMetadata object>
}, },
{ {
<Properties of 2nd embedded GenericMetadata object> <Properties of second embedded GenericMetadata object>
}, },
... ...
{ {
<Properties of Nth embedded GenericMetadata object> <Properties of Nth embedded GenericMetadata object>
} }
], ],
"paths": [ "paths": [
{ {
<Properties of embedded PathMatch object> <Properties of embedded PathMatch object>
} }
] ]
} }
4.1.4. PathMatch 4.1.4. PathMatch
A PathMatch object contains PatternMatch object with a path to match A PathMatch object contains a PatternMatch object with a path to
against a resource's URI path, as well as how to handle URI query match against a resource's URI path, as well as how to handle URI
parameters. The PathMatch also contains a PathMetadata object with query parameters. The PathMatch object also contains a PathMetadata
GenericMetadata to apply if the resource's URI matches the pattern object with GenericMetadata to apply if the resource's URI matches
within the PatternMatch object. the pattern within the PatternMatch object.
Property: path-pattern Property: path-pattern
Description: Pattern to match against the requested resource's Description: Pattern to match against the requested
URI. resource's URI.
Type: PatternMatch Type: PatternMatch
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: path-metadata Property: path-metadata
Description: CDNI metadata to apply when delivering content Description: CDNI Metadata to apply when delivering content
that matches the associated PatternMatch. that matches the associated PatternMatch.
Type: PathMetadata Type: PathMetadata
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example PathMatch object referencing the PathMetadata object to use Example PathMatch object referencing the PathMetadata object to use
for URIs that match the case-sensitive URI path pattern "/movies/*" for URIs that match the case-sensitive URI path pattern "/movies/*"
(contained within an embedded PatternMatch object): (contained within an embedded PatternMatch object):
skipping to change at page 19, line 28 skipping to change at page 20, line 46
} }
4.1.5. PatternMatch 4.1.5. PatternMatch
A PatternMatch object contains the pattern string and flags that A PatternMatch object contains the pattern string and flags that
describe the pattern expression. describe the pattern expression.
Property: pattern Property: pattern
Description: A pattern for matching against the URI path, i.e., Description: A pattern for matching against the URI path, i.e.,
against the [RFC3986] path-absolute. The pattern can contain against the path-absolute [RFC3986]. The pattern can contain
the wildcards * and ?, where * matches any sequence of the wildcards "*" and "?", where "*" matches any sequence of
[RFC3986] pchar or "/" characters (including the empty string) pchar [RFC3986] or "/" characters (including the empty string)
and ? matches exactly one [RFC3986] pchar character. The three and "?" matches exactly one pchar character. The three
literals $, * and ? MUST be escaped as $$, $* and $? (where $ literals "$", "*", and "?" MUST be escaped as "$$", "$*", and
is the designated escape character). All other characters are "$?" (where "$" is the designated escape character). All other
treated as literals. characters are treated as literals.
Type: String Type: String
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: case-sensitive Property: case-sensitive
Description: Flag indicating whether or not case-sensitive Description: Flag indicating whether or not case-sensitive
matching should be used. Note: Case-insensitivity applies to matching should be used. Note: Case insensitivity applies to
ALPHA characters in the URI path prior to percent-decoding ALPHA characters in the URI path prior to percent-decoding
[RFC3986]. [RFC3986].
Type: Boolean Type: Boolean
Mandatory-to-Specify: No. Default is case-insensitive match. Mandatory-to-Specify: No. Default is case-insensitive match
(i.e., a value of False).
Example PatternMatch object that matches the case-sensitive URI path
pattern "/movies/*". All query parameters will be ignored when
matching URIs requested from surrogates by content clients against
this path pattern:
{
"pattern": "/movies/*",
"case-sensitive": true
}
Example PatternMatch object that matches the case-sensitive URI path Example PatternMatch object that matches the case-sensitive URI path
pattern "/movies/*". Only the query parameter "sessionid" will be pattern "/movies/*":
evaluated when matching URIs requested from surrogates by content
clients against this path pattern:
{ {
"pattern": "/movies/*", "pattern": "/movies/*",
"case-sensitive": true "case-sensitive": true
} }
4.1.6. PathMetadata 4.1.6. PathMetadata
A PathMetadata object contains the CDNI metadata properties for A PathMetadata object contains the CDNI Metadata properties for
content requests that match against the associated URI path (defined content requests that match against the associated URI path (defined
in a PathMatch object). in a PathMatch object).
Note that if DNS-based redirection is employed, then a dCDN will be Note that if DNS-based redirection is employed, then a dCDN will be
unable to evaluate any metadata at the PathMetadata level or below unable to evaluate any metadata at the PathMetadata level or below
because only the hostname of the content request is available at because only the hostname of the content request is available at
request routing time. dCDNs SHOULD still process all PathMetadata for Request Routing time. dCDNs SHOULD still process all PathMetadata
the host before responding to the redirection request to detect if for the host before responding to the redirection request to detect
any unsupported metadata is specified. If any metadata not supported if any unsupported metadata is specified. If any metadata not
by the dCDN is marked as "mandatory-to-enforce", the dCDN SHOULD NOT supported by the dCDN is marked as mandatory-to-enforce, the dCDN
accept the content redirection request, in order to avoid receiving SHOULD NOT accept the content redirection request, in order to avoid
content requests that it will not be able to satisfy/serve. receiving content requests that it will not be able to satisfy/serve.
Property: metadata Property: metadata
Description: Array of path related metadata. Description: Array of path-related metadata.
Type: Array of GenericMetadata objects Type: Array of GenericMetadata objects
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: paths Property: paths
Description: Path specific rules. Path patterns (PathMatch Description: Path-specific rules. Path patterns (PathMatch
objects) MUST be evaluated in the order they appear and the objects) MUST be evaluated in the order they appear, and the
first (and only the first) PathMatch object that matches the first (and only the first) PathMatch object that matches the
content request being processed MUST be used. content request being processed MUST be used.
Type: Array of PathMatch objects Type: Array of PathMatch objects
Mandatory-to-Specify: No. Mandatory-to-Specify: No. Default is that there are no
more-specific paths to evaluate (i.e., an empty list).
Example PathMetadata object containing a number of embedded Example PathMetadata object containing a number of embedded
GenericMetadata objects that describe the metadata to apply for the GenericMetadata objects that describe the metadata to apply for the
URI path defined in the parent PathMatch object, as well as a more URI path defined in the parent PathMatch object, as well as a
specific PathMatch object. more-specific PathMatch object.
{ {
"metadata": [ "metadata": [
{ {
<Properties of 1st embedded GenericMetadata object> <Properties of first embedded GenericMetadata object>
}, },
{ {
<Properties of 2nd embedded GenericMetadata object> <Properties of second embedded GenericMetadata object>
}, },
... ...
{ {
<Properties of Nth embedded GenericMetadata object> <Properties of Nth embedded GenericMetadata object>
} }
], ],
"paths": [ "paths": [
{ {
<Properties of embedded PathMatch object> <Properties of embedded PathMatch object>
} }
] ]
} }
4.1.7. GenericMetadata 4.1.7. GenericMetadata
A GenericMetadata object is a wrapper for managing individual CDNI A GenericMetadata object is a wrapper for managing individual CDNI
metadata properties in an opaque manner. Metadata properties in an opaque manner.
Property: generic-metadata-type Property: generic-metadata-type
Description: Case-insensitive CDNI metadata object type. Description: Case-insensitive CDNI Metadata object type.
Type: String containing the CDNI Payload Type [RFC7736] of the Type: String containing the CDNI Payload Type [RFC7736] of the
object contained in the generic-metadata-value property (see object contained in the generic-metadata-value property (see
Table 4). Table 4).
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: generic-metadata-value Property: generic-metadata-value
Description: CDNI metadata object.
Type: Format/Type is defined by the value of generic-metadata- Description: CDNI Metadata object.
type property above. Note: generic-metadata-values MUST NOT
name any properties "href" (see Section 4.3.1). Type: Format/Type is defined by the value of the
generic-metadata-type property above.
Note: generic-metadata-values MUST NOT name any properties
"href" (see Section 4.3.1).
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: mandatory-to-enforce Property: mandatory-to-enforce
Description: Flag identifying whether or not the enforcement of Description: Flag identifying whether or not the enforcement of
the property metadata is required. the property metadata is required.
Type: Boolean Type: Boolean
Mandatory-to-Specify: No. Default is to treat metadata as Mandatory-to-Specify: No. Default is to treat metadata as
mandatory to enforce (i.e., a value of True). mandatory-to-enforce (i.e., a value of True).
Property: safe-to-redistribute Property: safe-to-redistribute
Description: Flag identifying whether or not the property Description: Flag identifying whether or not the property
metadata can be safely redistributed without modification. metadata can be safely redistributed without modification.
Type: Boolean Type: Boolean
Mandatory-to-Specify: No. Default is allow transparent Mandatory-to-Specify: No. Default is to allow transparent
redistribution (i.e., a value of True). redistribution (i.e., a value of True).
Property: incomprehensible Property: incomprehensible
Description: Flag identifying whether or not any CDN in the Description: Flag identifying whether or not any CDN in the
chain of delegation has failed to understand and/or failed to chain of delegation has failed to understand and/or failed to
properly transform this metadata object. Note: This flag only properly transform this metadata object. Note: This flag only
applies to metadata objects whose safe-to-redistribute property applies to metadata objects whose safe-to-redistribute property
has a value of False. has a value of False.
skipping to change at page 23, line 16 skipping to change at page 24, line 33
"mandatory-to-enforce": true, "mandatory-to-enforce": true,
"safe-to-redistribute": true, "safe-to-redistribute": true,
"incomprehensible": false, "incomprehensible": false,
"generic-metadata-type": <CDNI Payload Type of this metadata object>, "generic-metadata-type": <CDNI Payload Type of this metadata object>,
"generic-metadata-value": "generic-metadata-value":
{ {
<Properties of this metadata object> <Properties of this metadata object>
} }
} }
4.2. Definitions of the initial set of CDNI Generic Metadata objects 4.2. Definitions of the Initial Set of CDNI GenericMetadata Objects
The objects defined below are intended to be used in the The objects defined below are intended to be used in the
GenericMetadata object generic-metadata-value field as defined in GenericMetadata object's generic-metadata-value field as defined in
Section 4.1.7 and their generic-metadata-type property MUST be set to Section 4.1.7, and their generic-metadata-type property MUST be set
the appropriate CDNI Payload Type as defined in Table 4. to the appropriate CDNI Payload Type as defined in Table 4.
4.2.1. SourceMetadata 4.2.1. SourceMetadata
Source metadata provides the dCDN with information about content Source metadata provides the dCDN with information about content
acquisition, i.e., how to contact an uCDN Surrogate or an Origin acquisition, i.e., how to contact a uCDN Surrogate or an origin
Server to obtain the content to be served. The sources are not server to obtain the content to be served. The sources are not
necessarily the actual Origin Servers operated by the CSP but might necessarily the actual origin servers operated by the Content Service
be a set of Surrogates in the uCDN. Provider (CSP) but might be a set of Surrogates in the uCDN.
Property: sources Property: sources
Description: Sources from which the dCDN can acquire content, Description: Sources from which the dCDN can acquire content,
listed in order of preference. listed in order of preference.
Type: Array of Source objects (see Section 4.2.1.1) Type: Array of Source objects (see Section 4.2.1.1)
Mandatory-to-Specify: No. Default is to use static Mandatory-to-Specify: No. Default is to use static
configuration, out-of-band from the metadata interface. configuration, out-of-band from the CDNI Metadata interface.
Example SourceMetadata object (which contains two Source objects) Example SourceMetadata object (which contains two Source objects)
that describes which servers the dCDN should use for acquiring that describes which servers the dCDN should use for acquiring
content for the applicable URI path and/or host: content for the applicable URI path and/or host:
{ {
"generic-metadata-type": "MI.SourceMetadata", "generic-metadata-type": "MI.SourceMetadata",
"generic-metadata-value": "generic-metadata-value":
{ {
"sources": [ "sources": [
skipping to change at page 24, line 29 skipping to change at page 25, line 38
"protocol": "http/1.1" "protocol": "http/1.1"
} }
] ]
} }
} }
4.2.1.1. Source 4.2.1.1. Source
A Source object describes the source to be used by the dCDN for A Source object describes the source to be used by the dCDN for
content acquisition (e.g., a Surrogate within the uCDN or an content acquisition (e.g., a Surrogate within the uCDN or an
alternate Origin Server), the protocol to be used, and any alternate origin server), the protocol to be used, and any
authentication method to be used when contacting that source. authentication method to be used when contacting that source.
Endpoints within a Source object MUST be treated as equivalent/equal. Endpoints within a Source object MUST be treated as equivalent/equal.
A uCDN can specify an array of sources in preference order within a A uCDN can specify an array of sources, ordered by preference, within
SourceMetadata object, and then for each preference ranked Source a SourceMetadata object. Then, for each Source object ranked by
object, a uCDN can specify an array of endpoints that are equivalent preference, a uCDN can specify an array of endpoints that are
(e.g., a pool of servers that are not behind a load balancer). equivalent (e.g., a pool of servers that are not behind a load
balancer).
Property: acquisition-auth Property: acquisition-auth
Description: Authentication method to use when requesting Description: Authentication method to use when requesting
content from this source. content from this source.
Type: Auth (see Section 4.2.7) Type: Auth (see Section 4.2.7)
Mandatory-to-Specify: No. Default is no authentication Mandatory-to-Specify: No. Default is no authentication
required. required.
Property: endpoints Property: endpoints
Description: Origins from which the dCDN can acquire content. Description: Origins from which the dCDN can acquire content.
If multiple endpoints are specified they are all equal, i.e., If multiple endpoints are specified, they are all equal, i.e.,
the list is not in preference order (e.g., a pool of servers the list is not ordered by preference.
behind a load balancer).
Type: Array of Endpoint objects (See Section 4.3.3) Type: Array of Endpoint objects (see Section 4.3.3)
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: protocol Property: protocol
Description: Network retrieval protocol to use when requesting Description: Network retrieval protocol to use when requesting
content from this source. content from this source.
Type: Protocol (see Section 4.3.2) Type: Protocol (see Section 4.3.2)
skipping to change at page 25, line 37 skipping to change at page 26, line 46
"b.service123.ucdn.example" "b.service123.ucdn.example"
], ],
"protocol": "http/1.1" "protocol": "http/1.1"
} }
4.2.2. LocationACL Metadata 4.2.2. LocationACL Metadata
LocationACL metadata defines which locations a User Agent needs to be LocationACL metadata defines which locations a User Agent needs to be
in, in order to be able to receive the associated content. in, in order to be able to receive the associated content.
A LocationACL which does not include a locations property results in A LocationACL that does not include a "locations" property results in
an action of allow all, meaning that delivery can be performed an action of "allow all", meaning that delivery can be performed
regardless of the User Agent's location, otherwise a CDN MUST take regardless of the User Agent's location; otherwise, a CDN MUST take
the action from the first footprint to match against the User Agent's the action from the first footprint to match against the User Agent's
location. If two or more footprints overlap, the first footprint location. If two or more footprints overlap, the first footprint
that matches against the User Agent's location determines the action that matches against the User Agent's location determines the action
a CDN MUST take. If the locations property is included but is empty, a CDN MUST take. If the "locations" property is included but is
or if none of the listed footprints matches the User Agent's empty or if none of the listed footprints match the User Agent's
location, then the result is an action of deny. location, then the result is an action of "deny".
Although the LocationACL, TimeWindowACL (see Section 4.2.3), and Although the LocationACL, TimeWindowACL (see Section 4.2.3), and
ProtocolACL (see Section 4.2.4) are independent GenericMetadata ProtocolACL (see Section 4.2.4) are independent GenericMetadata
objects, they can provide conflicting information to a dCDN, e.g., a objects, they can provide conflicting information to a dCDN, e.g., a
content request which is simultaneously allowed based on the content request that is simultaneously allowed based on the
LocationACL and denied based on the TimeWindowACL. The dCDN MUST use LocationACL and denied based on the TimeWindowACL. The dCDN MUST use
the logical AND of all ACLs (where 'allow' is true and 'deny' is the logical AND of all ACLs (where "allow" is true and "deny" is
false) to determine whether or not a request should be allowed. false) to determine whether or not a request should be allowed.
Property: locations Property: locations
Description: Access control list which allows or denies Description: ACL that allows or denies (blocks) delivery based
(blocks) delivery based on the User Agent's location. on the User Agent's location.
Type: Array of LocationRule objects (see Section 4.2.2.1) Type: Array of LocationRule objects (see Section 4.2.2.1)
Mandatory-to-Specify: No. Default is allow all locations. Mandatory-to-Specify: No. Default is to allow all locations.
Example LocationACL object that allows the dCDN to deliver content to Example LocationACL object that allows the dCDN to deliver content to
any location/IP address: any location / IP address:
{ {
"generic-metadata-type": "MI.LocationACL", "generic-metadata-type": "MI.LocationACL",
"generic-metadata-value": "generic-metadata-value":
{ {
} }
} }
Example LocationACL object (which contains a LocationRule object that
Example LocationACL object (which contains a LocationRule object in turn contains a Footprint object) that only allows the dCDN to
which itself contains a Footprint object) that only allows the dCDN deliver content to User Agents in the USA:
to deliver content to User Agents in the USA:
{ {
"generic-metadata-type": "MI.LocationACL", "generic-metadata-type": "MI.LocationACL",
"generic-metadata-value": "generic-metadata-value":
{ {
"locations": [ "locations": [
{ {
"action": "allow", "action": "allow",
"footprints": [ "footprints": [
{ {
skipping to change at page 27, line 25 skipping to change at page 28, line 46
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: action Property: action
Description: Defines whether the rule specifies locations to Description: Defines whether the rule specifies locations to
allow or deny. allow or deny.
Type: Enumeration [allow|deny] encoded as a lowercase string Type: Enumeration [allow|deny] encoded as a lowercase string
Mandatory-to-Specify: No. Default is deny. Mandatory-to-Specify: No. Default is "deny".
Example LocationRule object (which contains a Footprint object) that Example LocationRule object (which contains a Footprint object) that
allows the dCDN to deliver content to clients in the USA: allows the dCDN to deliver content to clients in the USA:
{ {
"action": "allow", "action": "allow",
"footprints": [ "footprints": [
{ {
"footprint-type": "countrycode", "footprint-type": "countrycode",
"footprint-value": ["us"] "footprint-value": ["us"]
} }
] ]
} }
4.2.2.2. Footprint 4.2.2.2. Footprint
A Footprint object describes the footprint to which a LocationRule A Footprint object describes the footprint to which a LocationRule
can be applied to, e.g., an IPv4 address range or a geographic can be applied, e.g., an IPv4 address range or a geographic location.
location.
Property: footprint-type Property: footprint-type
Description: Registered footprint type (see Section 7.2). The Description: Registered footprint type (see Section 7.2). The
footprint types specified by this document are: "ipv4cidr" footprint types specified by this document are "ipv4cidr"
(IPv4CIDR, see Section 4.3.5), "ipv6cidr" (IPv6CIDR, see (IPv4CIDR; see Section 4.3.5), "ipv6cidr" (IPv6CIDR; see
Section 4.3.6), "asn" (Autonomous System Number, see Section 4.3.6), "asn" (Autonomous System Number; see
Section 4.3.7) and "countrycode" (Country Code, see Section 4.3.7), and "countrycode" (Country Code; see
Section 4.3.8). Section 4.3.8).
Type: Lowercase String Type: Lowercase string
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: footprint-value Property: footprint-value
Description: Array of footprint values conforming to the Description: Array of footprint values conforming to the
specification associated with the registered footprint type. specification associated with the registered footprint type.
Footprint values can be simple strings (e.g., IPv4CIDR, Footprint values can be simple strings (e.g., IPv4CIDR,
IPv6CIDR, ASN, and CountryCode), however, other Footprint IPv6CIDR, ASN, and Country Code); however, other Footprint
objects can be defined in the future, along with a more complex objects can be defined in the future, along with a more complex
encoding (e.g., GPS coordinate tuples). encoding (e.g., GPS coordinate tuples).
Type: Array of footprints Type: Array of footprints
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example Footprint object describing a footprint covering the USA: Example Footprint object describing a footprint covering the USA:
{ {
skipping to change at page 29, line 14 skipping to change at page 30, line 40
{ {
"footprint-type": "asn", "footprint-type": "asn",
"footprint-value": ["as64496"] "footprint-value": ["as64496"]
} }
4.2.3. TimeWindowACL 4.2.3. TimeWindowACL
TimeWindowACL metadata defines time-based restrictions. TimeWindowACL metadata defines time-based restrictions.
A TimeWindowACL which does not include a times property results in an A TimeWindowACL that does not include a "times" property results in
action of allow all, meaning that delivery can be performed an action of "allow all", meaning that delivery can be performed
regardless of the time of the User Agent's request, otherwise a CDN regardless of the time of the User Agent's request; otherwise, a CDN
MUST take the action from the first window to match against the MUST take the action from the first window to match against the
current time. If two or more windows overlap, the first window that current time. If two or more windows overlap, the first window that
matches against the current time determines the action a CDN MUST matches against the current time determines the action a CDN MUST
take. If the times property is included but is empty, or if none of take. If the "times" property is included but is empty or if none of
the listed windows matches the current time, then the result is an the listed windows match the current time, then the result is an
action of deny. action of "deny".
Although the LocationACL (see Section 4.2.2), TimeWindowACL, and Although the LocationACL (see Section 4.2.2), TimeWindowACL, and
ProtocolACL (see Section 4.2.4) are independent GenericMetadata ProtocolACL (see Section 4.2.4) are independent GenericMetadata
objects, they can provide conflicting information to a dCDN, e.g., a objects, they can provide conflicting information to a dCDN, e.g.,
content request which is simultaneously allowed based on the a content request that is simultaneously allowed based on the
LocationACL and denied based on the TimeWindowACL. The dCDN MUST use LocationACL and denied based on the TimeWindowACL. The dCDN MUST use
the logical AND of all ACLs (where 'allow' is true and 'deny' is the logical AND of all ACLs (where "allow" is true and "deny" is
false) to determine whether or not a request should be allowed. false) to determine whether or not a request should be allowed.
Property: times Property: times
Description: Access control list which allows or denies Description: ACL that allows or denies (blocks) delivery based
(blocks) delivery based on the time of a User Agent's request. on the time of a User Agent's request.
Type: Array of TimeWindowRule objects (see Section 4.2.3.1) Type: Array of TimeWindowRule objects (see Section 4.2.3.1)
Mandatory-to-Specify: No. Default is allow all time windows. Mandatory-to-Specify: No. Default is to allow all time
windows.
Example TimeWIndowACL object (which contains a TimeWindowRule object Example TimeWindowACL object (which contains a TimeWindowRule object
which itself contains a TimeWIndow object) that only allows the dCDN that in turn contains a TimeWindow object) that only allows the dCDN
to deliver content to clients between 09:00 01/01/2000 UTC and 17:00 to deliver content to clients between 09:00 01/01/2000 UTC and 17:00
01/01/2000 UTC: 01/01/2000 UTC:
{ {
"generic-metadata-type": "MI.TimeWindowACL", "generic-metadata-type": "MI.TimeWindowACL",
"generic-metadata-value": "generic-metadata-value":
{ {
"times": [ "times": [
{ {
"action": "allow", "action": "allow",
skipping to change at page 30, line 33 skipping to change at page 32, line 4
4.2.3.1. TimeWindowRule 4.2.3.1. TimeWindowRule
A TimeWindowRule contains or references an array of TimeWindow A TimeWindowRule contains or references an array of TimeWindow
objects and the corresponding action. objects and the corresponding action.
Property: windows Property: windows
Description: Array of time windows to which the rule applies. Description: Array of time windows to which the rule applies.
Type: Array of TimeWindow objects (see Section 4.2.3.2) Type: Array of TimeWindow objects (see Section 4.2.3.2)
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: action Property: action
Description: Defines whether the rule specifies time windows to Description: Defines whether the rule specifies time windows to
allow or deny. allow or deny.
Type: Enumeration [allow|deny] encoded as a lowercase string Type: Enumeration [allow|deny] encoded as a lowercase string
Mandatory-to-Specify: No. Default is deny. Mandatory-to-Specify: No. Default is "deny".
Example TimeWIndowRule object (which contains a TimeWIndow object) Example TimeWindowRule object (which contains a TimeWindow object)
that only allows the dCDN to deliver content to clients between 09:00 that only allows the dCDN to deliver content to clients between 09:00
01/01/2000 UTC and 17:00 01/01/2000 UTC: 01/01/2000 UTC and 17:00 01/01/2000 UTC:
{ {
"action": "allow", "action": "allow",
"windows": [ "windows": [
{ {
"start": 946717200, "start": 946717200,
"end": 946746000 "end": 946746000
} }
] ]
} }
4.2.3.2. TimeWindow 4.2.3.2. TimeWindow
A TimeWindow object describes a time range which can be applied by an A TimeWindow object describes a time range that can be applied by a
TimeWindowACL, e.g., start 946717200 (i.e., 09:00 01/01/2000 UTC), TimeWindowACL, e.g., start 946717200 (i.e., 09:00 01/01/2000 UTC),
end: 946746000 (i.e., 17:00 01/01/2000 UTC). end: 946746000 (i.e., 17:00 01/01/2000 UTC).
Property: start Property: start
Description: The start time of the window. Description: The start time of the window.
Type: Time (see Section 4.3.4) Type: Time (see Section 4.3.4)
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: end Property: end
Description: The end time of the window. Description: The end time of the window.
Type: Time (see Section 4.3.4) Type: Time (see Section 4.3.4)
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example TimeWIndow object that describes a time window from 09:00 Example TimeWindow object that describes a time window from 09:00
01/01/2000 UTC to 17:00 01/01/2000 UTC: 01/01/2000 UTC to 17:00 01/01/2000 UTC:
{ {
"start": 946717200, "start": 946717200,
"end": 946746000 "end": 946746000
} }
4.2.4. ProtocolACL Metadata 4.2.4. ProtocolACL Metadata
ProtocolACL metadata defines delivery protocol restrictions. ProtocolACL metadata defines delivery protocol restrictions.
A ProtocolACL which does not include a protocol-acl property results A ProtocolACL that does not include a protocol-acl property results
in an action of allow all, meaning that delivery can be performed in an action of "allow all", meaning that delivery can be performed
regardless of the protocol in the User Agent's request, otherwise a regardless of the protocol in the User Agent's request; otherwise, a
CDN MUST take the action from the first protocol to match against the CDN MUST take the action from the first protocol to match against the
request protocol. If two or more request protocols overlap, the request protocol. If two or more request protocols overlap, the
first protocol that matches the request protocol determines the first protocol that matches the request protocol determines the
action a CDN MUST take. If the protocol-acl property is included but action a CDN MUST take. If the protocol-acl property is included but
is empty, or if none of the listed protocol matches the request is empty or if none of the listed protocols match the request
protocol, then the result is an action of deny. protocol, then the result is an action of "deny".
Although the LocationACL, TimeWindowACL, and ProtocolACL are Although the LocationACL (see Section 4.2.2), TimeWindowACL (see
independent GenericMetadata objects, they can provide conflicting Section 4.2.3), and ProtocolACL are independent GenericMetadata
information to a dCDN, e.g., a content request which is objects, they can provide conflicting information to a dCDN, e.g., a
simultaneously allowed based on the ProtocolACL and denied based on content request that is simultaneously allowed based on the
the TimeWindowACL. The dCDN MUST use the logical AND of all ACLs ProtocolACL and denied based on the TimeWindowACL. The dCDN MUST use
(where 'allow' is true and 'deny' is false) to determine whether or the logical AND of all ACLs (where "allow" is true and "deny" is
not a request should be allowed. false) to determine whether or not a request should be allowed.
Property: protocol-acl Property: protocol-acl
Description: Description: Access control list which allows or Description: ACL that allows or denies (blocks) delivery based
denies (blocks) delivery based on delivery protocol. on delivery protocol.
Type: Array of ProtocolRule objects (see Section 4.2.4.1) Type: Array of ProtocolRule objects (see Section 4.2.4.1)
Mandatory-to-Specify: No. Default is allow all protocols. Mandatory-to-Specify: No. Default is to allow all protocols.
Example ProtocolACL object (which contains a ProtocolRule object) Example ProtocolACL object (which contains a ProtocolRule object)
that only allows the dCDN to deliver content using HTTP/1.1: that only allows the dCDN to deliver content using HTTP/1.1:
{ {
"generic-metadata-type": "MI.ProtocolACL", "generic-metadata-type": "MI.ProtocolACL",
"generic-metadata-value": "generic-metadata-value":
{ {
"protocol-acl": [ "protocol-acl": [
{ {
skipping to change at page 33, line 5 skipping to change at page 34, line 30
4.2.4.1. ProtocolRule 4.2.4.1. ProtocolRule
A ProtocolRule contains or references an array of Protocol objects A ProtocolRule contains or references an array of Protocol objects
and the corresponding action. and the corresponding action.
Property: protocols Property: protocols
Description: Array of protocols to which the rule applies. Description: Array of protocols to which the rule applies.
Type: Array of Protocols (see Section 4.3.2) Type: Array of Protocol objects (see Section 4.3.2)
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: action Property: action
Description: Defines whether the rule specifies protocols to Description: Defines whether the rule specifies protocols to
allow or deny. allow or deny.
Type: Enumeration [allow|deny] encoded as a lowercase string Type: Enumeration [allow|deny] encoded as a lowercase string
Mandatory-to-Specify: No. Default is deny. Mandatory-to-Specify: No. Default is "deny".
Example ProtocolRule object (which contains a ProtocolRule object) Example ProtocolRule object (which contains a Protocol object) that
that allows the dCDN to deliver content using HTTP/1.1: allows the dCDN to deliver content using HTTP/1.1:
{ {
"action": "allow", "action": "allow",
"protocols": ["http/1.1"] "protocols": ["http/1.1"]
} }
4.2.5. DeliveryAuthorization Metadata 4.2.5. DeliveryAuthorization Metadata
Delivery Authorization defines authorization methods for the delivery Delivery authorization defines authorization methods for the delivery
of content to User Agents. of content to User Agents.
Property: delivery-auth-methods Property: delivery-auth-methods
Description: Options for authorizing content requests. Description: Options for authorizing content requests.
Delivery for a content request is authorized if any of the Delivery for a content request is authorized if any one of the
authorization methods in the list is satisfied for that authorization methods in the list is satisfied for that
request. request.
Type: Array of Auth objects (see Section 4.2.7) Type: Array of Auth objects (see Section 4.2.7)
Mandatory-to-Specify: No. Default is no authorization Mandatory-to-Specify: No. Default is no authorization
required. required.
Example DeliveryAuthorization object (which contains an Auth object): Example DeliveryAuthorization object (which contains an Auth object):
skipping to change at page 34, line 35 skipping to change at page 36, line 8
Cache keys are generated from the URI of the content request Cache keys are generated from the URI of the content request
[RFC7234]. In some cases, a CDN or content provider might want [RFC7234]. In some cases, a CDN or content provider might want
certain path segments or query parameters to be excluded from the certain path segments or query parameters to be excluded from the
cache key generation. The Cache object provides guidance on what cache key generation. The Cache object provides guidance on what
parts of the path and query string to include. parts of the path and query string to include.
Property: exclude-path-pattern Property: exclude-path-pattern
Description: A pattern for matching against the URI path, i.e., Description: A pattern for matching against the URI path, i.e.,
against the [RFC3986] path-absolute. The pattern can contain against the path-absolute [RFC3986]. The pattern can contain
the wildcards * and ?, where * matches any sequence of the wildcards "*" and "?", where "*" matches any sequence of
[RFC3986] pchar or "/" characters (including the empty string) pchar [RFC3986] or "/" characters (including the empty string)
and ? matches exactly one [RFC3986] pchar character. The three and "?" matches exactly one pchar character. The three
literals $, * and ? MUST be escaped as $$, $* and $? (where $ literals "$", "*", and "?" MUST be escaped as "$$", "$*", and
is the designated escape character). All other characters are "$?" (where "$" is the designated escape character). All other
treated as literals. Cache key generation MUST only include characters are treated as literals. Cache key generation MUST
the portion of the path-absolute that matches the wildcard only include the portion of the path-absolute that matches the
portions of the pattern. Note: Inconsistency between the wildcard portions of the pattern. Note: Inconsistency between
PatternMatch pattern Section 4.1.5 and the exclude-path-pattern the PatternMatch pattern (Section 4.1.5) and the
can result in inefficient caching. exclude-path-pattern can result in inefficient caching.
Type: String Type: String
Mandatory-to-Specify: No. Default is to use the full URI path- Mandatory-to-Specify: No. Default is to use the full URI
absolute to generate the cache key. path-absolute to generate the cache key.
Property: include-query-strings Property: include-query-strings
Description: Allows a Surrogate to specify the URI query string Description: Allows a Surrogate to specify the URI query string
parameters [RFC3986] to include when comparing the requested parameters [RFC3986] to include when comparing the requested
URI against the URIs in its cache for equivalence. Matching URI against the URIs in its cache for equivalence. Matching
query parameters MUST be case-insensitive. If all query query parameters MUST be case insensitive. If all query
parameters should be ignored, then the list MUST be specified parameters should be ignored, then the list MUST be specified
and MUST be empty. If a query parameter appears multiple times and MUST be empty. If a query parameter appears multiple times
in the query string, each instance value MUST be aggregated in the query string, each instance value MUST be aggregated
prior to comparison. For consistent cache key generation, prior to comparison. For consistent cache key generation,
query parameters SHOULD be evaluated in the order specified in query parameters SHOULD be evaluated in the order specified in
this array. this array.
Type: Array of String Type: Array of strings
Mandatory-to-Specify: No. Default is to consider all query Mandatory-to-Specify: No. Default is to consider all query
string parameters when comparing URIs. string parameters when comparing URIs.
Example Cache object that instructs the dCDN to use the full URI path Example Cache object that instructs the dCDN to use the full URI path
and ignore all query parameters: and ignore all query parameters:
{ {
"generic-metadata-type": "MI.Cache", "generic-metadata-type": "MI.Cache",
"generic-metadata-value": "generic-metadata-value":
skipping to change at page 35, line 45 skipping to change at page 37, line 18
{ {
"generic-metadata-type": "MI.Cache", "generic-metadata-type": "MI.Cache",
"generic-metadata-value": "generic-metadata-value":
{ {
"exclude-path-pattern": "/CDNX/*", "exclude-path-pattern": "/CDNX/*",
"include-query-strings": ["mediaid", "providerid"] "include-query-strings": ["mediaid", "providerid"]
} }
} }
Example Cache object that instructs the dCDN to exclude the "CDNX" Example Cache object that instructs the dCDN to exclude the "CDNX"
path prefix, but includes all query parameters: path prefix but includes all query parameters:
{ {
"generic-metadata-type": "MI.Cache", "generic-metadata-type": "MI.Cache",
"generic-metadata-value": "generic-metadata-value":
{ {
"exclude-path-pattern": "/CDNX/*" "exclude-path-pattern": "/CDNX/*"
} }
} }
4.2.7. Auth 4.2.7. Auth
An Auth object defines authentication and authorization methods to be An Auth object defines authentication and authorization methods to be
used during content acquisition and content delivery, respectively. used during content acquisition and content delivery, respectively.
Note: This document does not define any Auth methods. Individual Note: This document does not define any Auth methods. Individual
Auth methods are being defined separately (e.g., URI Signing Auth methods are being defined separately (e.g., URI Signing
[I-D.ietf-cdni-uri-signing]). The GenericMetadata which contain Auth [CDNI-URI-SIGNING]). The GenericMetadata object that contains Auth
objects is defined herein for convenience and so as not to be objects is defined herein for convenience and so as not to be
specific to any particular Auth method. specific to any particular Auth method.
Property: auth-type Property: auth-type
Description: Auth type (The CDNI Payload Type [RFC7736] of the Description: Auth type (The CDNI Payload Type [RFC7736] of the
GenericMetadata object contained in the auth-value property). GenericMetadata object contained in the auth-value property).
Type: String Type: String
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: auth-value Property: auth-value
Description: An object conforming to the specification Description: An object conforming to the specification
associated with the Auth type. associated with the Auth type.
Type: GenericMetadata Object Type: GenericMetadata object
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Example Auth object: Example Auth object:
{ {
"generic-metadata-type": "MI.Auth", "generic-metadata-type": "MI.Auth",
"generic-metadata-value": "generic-metadata-value":
{ {
"auth-type": <CDNI Payload Type of this Auth object>, "auth-type": <CDNI Payload Type of this Auth object>,
skipping to change at page 37, line 24 skipping to change at page 38, line 30
} }
} }
4.2.8. Grouping 4.2.8. Grouping
A Grouping object identifies a group of content to which a given A Grouping object identifies a group of content to which a given
asset belongs. asset belongs.
Property: ccid Property: ccid
Description: Content Collection identifier for an application- Description: Content Collection IDentifier for an application-
specific purpose such as logging aggregation. specific purpose such as logging aggregation.
Type: String Type: String
Mandatory-to-Specify: No. Default is an empty string. Mandatory-to-Specify: No. Default is not to apply any
grouping.
Example Grouping object that specifies a Content Collection Example Grouping object that specifies a Content Collection
Identifier for the content associated with the Grouping object's IDentifier for the content associated with the Grouping object's
parent HostMetadata and PathMetadata: parent HostMetadata and PathMetadata:
{ {
"generic-metadata-type": "MI.Grouping", "generic-metadata-type": "MI.Grouping",
"generic-metadata-value": "generic-metadata-value":
{ {
"ccid": "ABCD" "ccid": "ABCD"
} }
} }
4.3. CDNI Metadata Simple Data Type Descriptions 4.3. CDNI Metadata Simple Data Type Descriptions
This section describes the simple data types that are used for This section describes the simple data types that are used for
properties of CDNI metadata objects. properties of CDNI Metadata objects.
4.3.1. Link 4.3.1. Link
A Link object can be used in place of any of the objects or A Link object can be used in place of any of the objects described
properties described above. Link objects can be used to avoid above. Link objects can be used to avoid duplication if the same
duplication if the same metadata information is repeated within the metadata information is repeated within the metadata tree. When a
metadata tree. When a Link object replaces another object, its href Link object replaces another object, its "href" property is set to
property is set to the URI of the resource and its type property is the URI of the resource and its "type" property is set to the CDNI
set to the CDNI Payload Type of the object it is replacing. Payload Type of the object it is replacing.
dCDNs can detect the presence of a Link object by detecting the dCDNs can detect the presence of a Link object by detecting the
presence of a property named "href" within the object. This means presence of a property named "href" within the object. This means
that GenericMetadata types MUST NOT contain a property named "href" that GenericMetadata types MUST NOT contain a property named "href"
because doing so would conflict with the ability for dCDNs to detect because doing so would conflict with the ability for dCDNs to detect
Link objects being used to reference a GenericMetadata object. Link objects being used to reference a GenericMetadata object.
Property: href Property: href
Description: The URI of the addressable object being Description: The URI of the addressable object being
referenced. referenced.
Type: String Type: String
Mandatory-to-Specify: Yes. Mandatory-to-Specify: Yes.
Property: type Property: type
Description: The CDNI Payload type of the object being Description: The CDNI Payload Type of the object being
referenced. referenced.
Type: String Type: String
Mandatory-to-Specify: No. If the container specifies the type Mandatory-to-Specify: No. If the container specifies the type
(e.g., the HostIndex object contains an array of HostMatch (e.g., the HostIndex object contains an array of HostMatch
objects, so a Link object in the list of HostMatch objects must objects, so a Link object in the list of HostMatch objects must
reference a HostMatch), then it is not necessary to explicitly reference a HostMatch), then it is not necessary to explicitly
specify a type. specify a type.
skipping to change at page 39, line 18 skipping to change at page 40, line 20
<Properties of embedded HostMatch object> <Properties of embedded HostMatch object>
}, },
{ {
"href": "https://metadata.ucdn.example/hostmatch1234" "href": "https://metadata.ucdn.example/hostmatch1234"
} }
] ]
} }
4.3.1.1. Link Loop Prevention 4.3.1.1. Link Loop Prevention
When following a Link, CDNI metadata clients SHOULD verify that the When following a link, CDNI Metadata clients SHOULD verify that the
CDNI Payload Type of the object retrieved matches the expected CDNI CDNI Payload Type of the object retrieved matches the expected CDNI
Payload Type, as indicated by the link object. For GenericMetadata Payload Type, as indicated by the Link object or containing property.
objects, type checks will prevent self references; however, incorrect For GenericMetadata objects, type checks will prevent self-
linking can result in circular references for structural metadtata references; however, incorrect linking can result in circular
objects, specifically, PathMatch and PathMetadata objects Figure 1. references for structural metadata objects, specifically PathMatch
To prevent the circular references, CDNI metadata clients SHOULD and PathMetadata objects (Figure 1). To prevent circular references,
verify that no duplicate Links occur for PathMatch or PathMetadata CDNI Metadata clients SHOULD verify that no duplicate links occur for
objects. PathMatch or PathMetadata objects.
4.3.2. Protocol 4.3.2. Protocol
Protocol objects are used to specify registered protocols for content Protocol objects are used to specify protocols (from the "CDNI
acquisition or delivery (see Section 7.3). Metadata Protocol Types" registry; see Section 7.3) for content
acquisition or delivery.
Type: String Type: String
Example: Example:
"http/1.1" "http/1.1"
4.3.3. Endpoint 4.3.3. Endpoint
A Hostname (with optional port) or an IP address (with optional A hostname (with optional port) or an IP address (with optional
port). port).
All implementations MUST support IPv4 addresses encoded as specified All implementations MUST support IPv4 addresses encoded as specified
by the 'IPv4address' rule in Section 3.2.2 of [RFC3986]. IPv6 by the "IPv4address" rule in Section 3.2.2 of [RFC3986]. IPv6
addresses MUST be encoded in one of the IPv6 address formats addresses MUST be encoded in one of the IPv6 address formats
specified in [RFC5952] although receivers MUST support all IPv6 specified in [RFC5952], although receivers MUST support all IPv6
address formats specified in [RFC4291]. Hostnames MUST conform to address formats specified in [RFC4291]. Hostnames MUST conform to
the Domain Name System (DNS) syntax defined in [RFC1034] and the Domain Name System (DNS) syntax defined in [RFC1034] and
[RFC1123]. Internationalized Domain Names (IDN) must first be [RFC1123]. Internationalized Domain Names (IDNs) must first be
transformed to the A-label form [RFC5890] as per [RFC5891]. transformed to the A-label form [RFC5890] as per [RFC5891].
Type: String Type: String
Example Hostname: Example hostname:
"metadata.ucdn.example" "metadata.ucdn.example"
Example IPv4 address: Example IPv4 address:
"192.0.2.1" "192.0.2.1"
Example IPv6 address (with port number): Example IPv6 address (with port number):
"[2001:db8::1]:81" "[2001:db8::1]:81"
4.3.4. Time 4.3.4. Time
A time value expressed in seconds since the Unix epoch (i.e., zero A time value expressed in seconds since the UNIX epoch (i.e., zero
hours, zero minutes, zero seconds, on January 1, 1970) Coordinated hours, zero minutes, zero seconds, on January 1, 1970) Coordinated
Universal Time (UTC) [POSIX]. Universal Time (UTC) [POSIX].
Type: Integer Type: Integer
Example Time representing 09:00:00 01/01/2000 UTC: Example time representing 09:00:00 01/01/2000 UTC:
946717200 946717200
4.3.5. IPv4CIDR 4.3.5. IPv4CIDR
An IPv4address CIDR block encoded as specified by the 'IPv4address' An IPv4address Classless Inter-Domain Routing (CIDR) block encoded as
rule in Section 3.2.2 of [RFC3986] followed by a / followed by an specified by the "IPv4address" rule in Section 3.2.2 of [RFC3986]
unsigned integer representing the leading bits of the routing prefix followed by a "/" followed by an unsigned integer representing the
(i.e., IPv4 CIDR notation). Single IP addresses can be expressed as leading bits of the routing prefix (i.e., IPv4 CIDR notation).
/32. Single IP addresses can be expressed as /32.
Type: String Type: String
Example IPv4 CIDR: Example IPv4CIDR:
"192.0.2.0/24" "192.0.2.0/24"
4.3.6. IPv6CIDR 4.3.6. IPv6CIDR
An IPv6address CIDR block encoded in one of the IPv6 address formats An IPv6address CIDR block encoded in one of the IPv6 address formats
specified in [RFC5952] followed by a / followed by an unsigned specified in [RFC5952] followed by a "/" followed by an unsigned
integer representing the leading bits of the routing prefix (i.e., integer representing the leading bits of the routing prefix (i.e.,
IPv6 CIDR notation). Single IP addresses can be expressed as /128. IPv6 CIDR notation). Single IP addresses can be expressed as /128.
Type: String Type: String
Example IPv6 CIDR:
Example IPv6CIDR:
"2001:db8::/32" "2001:db8::/32"
4.3.7. ASN 4.3.7. ASN
An Autonomous System Number encoded as a string consisting of the An ASN value encoded as a string consisting of the characters "as"
characters "as" (in lowercase) followed by the Autonomous System (in lowercase) followed by the ASN [RFC6793].
number [RFC6793].
Type: String Type: String
Example ASN: Example ASN:
"as64496" "as64496"
4.3.8. CountryCode 4.3.8. Country Code
An ISO 3166-1 alpha-2 code [ISO3166-1] in lowercase. An ISO 3166-1 alpha-2 code [ISO3166-1] in lowercase.
Type: String Type: String
Example Country Code representing the USA: Example Country Code representing the USA:
"us" "us"
5. CDNI Metadata Capabilities 5. CDNI Metadata Capabilities
CDNI metadata is used to convey information pertaining to content CDNI Metadata is used to convey information pertaining to content
delivery from uCDN to dCDN. For optional metadata, it can be useful delivery from the uCDN to the dCDN. For optional metadata, it can be
for the uCDN to know if the dCDN supports the underlying useful for the uCDN to know, prior to delegating any content requests
functionality described by the metadata, prior to delegating any to a given dCDN, if that dCDN supports the underlying functionality
content requests to the dCDN. If some metadata is "mandatory-to- described by the metadata. If some metadata is mandatory-to-enforce
enforce", and the dCDN does not support it, any delegated requests and the dCDN does not support it, any delegated requests for content
for content that requires that metadata will fail. The uCDN will that requires that metadata will fail. The uCDN will likely want to
likely want to avoid delegating those requests to that dCDN. avoid delegating those requests to that dCDN. Likewise, for any
Likewise, for any metadata which might be assigned optional values, metadata that might be assigned optional values, it could be useful
it could be useful for the uCDN to know which values a dCDN supports, for the uCDN to know, prior to delegating any content requests to a
prior to delegating any content requests to that dCDN. If the given dCDN, which values that dCDN supports. If the optional value
optional value assigned to a given piece of content's metadata is not assigned to a given piece of content's metadata is not supported by
supported by the dCDN, any delegated requests for that content can the dCDN, any delegated requests for that content can fail, so again
fail, so again the uCDN is likely to want to avoid delegating those the uCDN is likely to want to avoid delegating those requests to
requests to that dCDN. that dCDN.
The CDNI Footprint and Capabilities Interface (FCI) provides a means The CDNI Footprint & Capabilities Advertisement interface (FCI)
of advertising capabilities from dCDN to uCDN [RFC7336]. Support for provides a means of advertising capabilities from the dCDN to the
optional metadata types and values can be advertised using the FCI. uCDN [RFC8008]. Support for optional metadata types and values can
be advertised using the FCI.
6. CDNI Metadata interface 6. CDNI Metadata Interface
This section specifies an interface to enable a dCDN to retrieve CDNI This section specifies an interface to enable a dCDN to retrieve CDNI
metadata objects from a uCDN. Metadata objects from a uCDN.
The interface can be used by a dCDN to retrieve CDNI metadata objects The interface can be used by a dCDN to retrieve CDNI Metadata objects
either: in either of two ways:
o Dynamically as required by the dCDN to process received requests. o Dynamically, as required by the dCDN to process received requests
For example in response to a query from an uCDN over the CDNI -- for example, in response to a query from a uCDN over the CDNI
Request Routing Redirection interface (RI) Request Routing Redirection interface (RI) [RFC7975] or in
[I-D.ietf-cdni-redirection] or in response to receiving a request response to receiving a request for content from a User Agent.
for content from a User Agent. Or;
o In advance of being required. For example in the case of pre- o In advance of being required -- for example, in the case of
positioned CDNI metadata acquisition, initiated through the "CDNI pre-positioned CDNI Metadata acquisition, initiated through the
Control interface / Triggers" (CI/T) interface "CDNI Control interface / Triggers" (CI/T) interface [RFC8007].
[I-D.ietf-cdni-control-triggers].
The CDNI metadata interface is built on the principles of HTTP web The CDNI Metadata interface is built on the principles of HTTP web
services. In particular, this means that requests and responses over services. In particular, this means that requests and responses over
the interface are built around the transfer of representations of the interface are built around the transfer of representations of
hyperlinked resources. A resource in the context of the CDNI hyperlinked resources. A resource in the context of the CDNI
metadata interface is any object in the object model (as described in Metadata interface is any object in the object model (as described in
Section 3 and Section 4). Sections 3 and 4).
To retrieve CDNI metadata, a CDNI metadata client (i.e., a client in
the dCDN) first makes a HTTP GET request for the URI of the HostIndex
which provides the CDNI metadata client with an array of Hostnames
for which the uCDN can delegate content delivery to the dCDN. The
CDNI metadata client can then obtain any other CDNI metadata objects
by making a HTTP GET requests for any linked metadata objects it
requires.
CDNI metadata servers (i.e., servers in the uCDN) are free to assign CDNI Metadata servers (i.e., servers in the uCDN) are free to assign
whatever structure they desire to the URIs for CDNI metadata objects whatever structure they desire to the URIs for CDNI Metadata objects,
and CDNI metadata clients MUST NOT make any assumptions regarding the and CDNI Metadata clients MUST NOT make any assumptions regarding the
structure of CDNI metadata URIs or the mapping between CDNI metadata structure of CDNI Metadata URIs or the mapping between CDNI Metadata
objects and their associated URIs. Therefore any URIs present in the objects and their associated URIs. Any URIs present in the examples
examples in this document are purely illustrative and are not in this document are purely illustrative and are not intended to
intended to impose a definitive structure on CDNI metadata interface impose a definitive structure on CDNI Metadata interface
implementations. implementations.
6.1. Transport 6.1. Transport
The CDNI metadata interface uses HTTP as the underlying protocol The CDNI Metadata interface uses HTTP as the underlying protocol
transport [RFC7230]. transport [RFC7230].
The HTTP Method in the request defines the operation the request The HTTP method in the request defines the operation the request
would like to perform. A server implementation of the CDNI metadata would like to perform. A server implementation of the CDNI Metadata
interface MUST support the HTTP GET and HEAD methods. interface MUST support the HTTP GET and HEAD methods.
The corresponding HTTP Response returns the status of the operation The corresponding HTTP response returns the status of the operation
in the HTTP Status Code and returns the current representation of the in the HTTP status code and returns the current representation of the
resource (if appropriate) in the Response Body. HTTP Responses that resource (if appropriate) in the response body. HTTP responses that
contain a response body SHOULD include an ETag to enable validation contain a response body SHOULD include an entity-tag (ETag) to enable
of cached versions of returned resources. validation of cached versions of returned resources.
As the CDNI metadata interface builds on top of HTTP, CDNI metadata As the CDNI Metadata interface builds on top of HTTP, CDNI Metadata
server implementations MAY make use of any HTTP feature when server implementations MAY make use of any HTTP feature when
implementing the CDNI metadata interface, for example, a CDNI implementing the CDNI Metadata interface; for example, a CDNI
metadata server MAY make use of HTTP's caching mechanisms to indicate Metadata server MAY make use of HTTP's caching mechanisms to indicate
that the returned response/representation can be reused without re- that the returned response/representation can be reused without
contacting the CDNI metadata server. re-contacting the CDNI Metadata server.
6.2. Retrieval of CDNI Metadata resources 6.2. Retrieval of CDNI Metadata Resources
In the general case, a CDNI metadata server makes CDNI metadata In the general case, a CDNI Metadata server makes CDNI Metadata
objects available via a unique URIs and thus, in order to retrieve objects available via unique URIs; thus, in order to retrieve CDNI
CDNI metadata, a CDNI metadata client first makes a HTTP GET request Metadata, a CDNI Metadata client (i.e., a client in the dCDN) first
for the URI of the HostIndex which provides an array of Hostnames for makes an HTTP GET request for the URI of the HostIndex, which
which the uCDN can delegate content delivery to the dCDN. provides an array of hostnames for which the uCDN can delegate
content delivery to the dCDN.
In order to retrieve the CDNI metadata for a particular request the In order to retrieve the CDNI Metadata for a particular request, the
CDNI metadata client processes the received HostIndex object and CDNI Metadata client processes the received HostIndex object and
finds the corresponding HostMetadata entry (by matching the hostname finds the corresponding HostMetadata entry (by matching the hostname
in the request against the hostnames listed in the HostMatch in the request against the hostnames listed in the HostMatch
objects). If the HostMetadata is linked (rather than embedded), the objects). If the HostMetadata is linked (rather than embedded), the
CDNI metadata client then makes a GET request for the URI specified CDNI Metadata client then makes an HTTP GET request for the URI
in the href property of the Link object which points to the specified in the "href" property of the Link object, which points to
HostMetadata object itself. the HostMetadata object itself.
In order to retrieve the most specific metadata for a particular In order to retrieve the most specific metadata for a particular
request, the CDNI metadata client inspects the HostMetadata for request, the CDNI Metadata client inspects the HostMetadata for
references to more specific PathMetadata objects (by matching the URI references to more-specific PathMetadata objects (by matching the URI
path in the request against the path-patterns in any PathMatch path in the request against the path-pattern property items in any
objects listed in the HostMetadata object). If any PathMetadata are PathMatch objects listed in the HostMetadata object). If a
found to match (and are linked rather than embedded), the CDNI PathMetadata object is found to match (and is linked rather than
metadata client makes another GET request for the PathMetadata. Each embedded), the CDNI Metadata client makes another HTTP GET request
PathMetadata object can also include references to yet more specific for the PathMetadata. Each PathMetadata object can also include
metadata. If this is the case, the CDNI metadata client continues references to additional more-specific metadata. If this is the
requesting PathMatch and PathMetadata objects recursively. The CDNI case, the CDNI Metadata client continues requesting PathMatch and
metadata client repeats this approach of processing metadata objects PathMetadata objects recursively. The CDNI Metadata client repeats
and retrieving (via HTTP GETs) any linked objects until it has all this approach of processing metadata objects and retrieving (via HTTP
the metadata objects it requires in order to process the redirection GETs) any linked objects until it has all the metadata objects it
request from an uCDN or the content request from a User Agent. requires in order to process the redirection request from the uCDN or
the content request from a User Agent.
In cases where a dCDN is not able to retrieve the entire set of CDNI In cases where a dCDN is not able to retrieve the entire set of CDNI
metadata associated with a User Agent request, or it has retrieved Metadata associated with a User Agent request, or it has retrieved
that metadata but it is stale according to standard HTTP caching that metadata but it is stale according to standard HTTP caching
rules and cannot be revalidated, for example because the uCDN is rules and cannot be revalidated -- for example, because the uCDN is
unreachable or returns a HTTP 4xx or 5xx status in response to some unreachable or returns an HTTP 4xx or 5xx status in response to some
or all of the dCDN's CDNI metadata requests, the dCDN MUST NOT serve or all of the dCDN's CDNI Metadata requests -- the dCDN MUST NOT
the requested content. serve the requested content.
Where a dCDN is interconnected with multiple uCDNs, the dCDN needs to Where a dCDN is interconnected with multiple uCDNs, the dCDN needs to
determine which uCDN's CDNI metadata should be used to handle a determine which uCDN's CDNI Metadata interface should be used to
particular User Agent request. handle a particular User Agent request.
When application level redirection (e.g., HTTP 302 redirects) is When HTTP redirection (e.g., HTTP 302 redirects) is being used
being used between CDNs, it is expected that the dCDN will be able to between CDNs, it is expected that the dCDN will be able to determine
determine the uCDN that redirected a particular request from the uCDN that redirected a particular request from information
information contained in the received request (e.g., via the URI). contained in the received request (e.g., via the URI). With
With knowledge of which uCDN routed the request, the dCDN can choose knowledge of which uCDN routed the request, the dCDN can choose the
the correct uCDN from which to obtain the HostIndex. Note that the correct uCDN from which to obtain the HostIndex. Note that the
HostIndexes served by each uCDN can be unique. HostIndexes served by each uCDN can be unique.
In the case of DNS redirection there is not always sufficient In the case of DNS redirection, there is not always sufficient
information carried in the DNS request from User Agents to determine information carried in the DNS request from User Agents to determine
the uCDN that redirected a particular request (e.g., when content the uCDN that redirected a particular request (e.g., when content
from a given host is redirected to a given dCDN by more than one from a given host is redirected to a given dCDN by more than one
uCDN) and therefore dCDNs will have to apply local policy when uCDN); therefore, dCDNs will have to apply local policy when deciding
deciding which uCDN's metadata to apply. which uCDN's CDNI Metadata interface to use.
6.3. Bootstrapping 6.3. Bootstrapping
The URI for the HostIndex object of a given uCDN needs to be The URI for the HostIndex object of a given uCDN needs to be
configured in the dCDN. All other objects/resources are then configured in the dCDN. All other objects/resources are then
discoverable from the HostIndex object by following any links in the discoverable from the HostIndex object by following any links in the
HostIndex object and through the referenced HostMetadata and HostIndex object, and through the referenced HostMetadata and
PathMetadata objects and their GenericMetadata sub-objects. PathMetadata objects and their GenericMetadata sub-objects.
Manual configuration of the URI for the HostIndex object is outside Manual configuration of the URI for the HostIndex object is outside
the scope of this document. the scope of this document.
6.4. Encoding 6.4. Encoding
CDNI metadata objects MUST be encoded as I-JSON objects [RFC7493] CDNI Metadata objects MUST be encoded as I-JSON objects [RFC7493]
containing a dictionary of (key,value) pairs where the keys are the containing a dictionary of (key,value) pairs where the keys are the
property names and the values are the associated property values. property names and the values are the associated property values.
The keys of the dictionary are the names of the properties associated The keys of the dictionary are the names of the properties associated
with the object and are therefore dependent on the specific object with the object and are therefore dependent on the specific object
being encoded (i.e., dependent on the CDNI Payload Type of the being encoded (i.e., dependent on the CDNI Payload Type of the
returned resource). Likewise, the values associated with each returned resource). Likewise, the values associated with each
property (dictionary key) are dependent on the specific object being property (dictionary key) are dependent on the specific object being
encoded (i.e., dependent on the CDNI Payload Type of the returned encoded (i.e., dependent on the CDNI Payload Type of the returned
resource). resource).
Dictionary keys (properties) in I-JSON are case sensitive. By Dictionary keys (properties) in I-JSON are case sensitive. By
convention, any dictionary key (property) defined by this document convention, any dictionary key (property) defined by this document
(for example, the names of CDNI metadata object properties) MUST be (for example, the names of CDNI Metadata object properties) MUST be
lowercase. lowercase.
6.5. Extensibility 6.5. Extensibility
The set of GenericMetadata objects can be extended with additional The set of GenericMetadata objects can be extended with additional
(standards based or vendor specific) metadata objects through the (standards-based or vendor-specific) metadata objects through the
specification of new GenericMetadata objects. The GenericMetadata specification of new GenericMetadata objects. The GenericMetadata
object defined in Section 4.1.7 specifies a type field and a type- object defined in Section 4.1.7 specifies a type field and a type-
specific value field that allows any metadata to be included in specific value field that allow any metadata to be included in either
either the HostMetadata or PathMetadata arrays. the HostMetadata or PathMetadata arrays.
As with the initial GenericMetadata types defined in Section 4.2, As with the initial GenericMetadata types defined in Section 4.2,
future GenericMetadata types MUST specify the information necessary future GenericMetadata types MUST specify the information necessary
for constructing and decoding the GenericMetadata object. for constructing and decoding the GenericMetadata object.
Any document which defines a new GenericMetadata type MUST: Any document that defines a new GenericMetadata type MUST:
1. Specify and register the CDNI Payload Type [RFC7736] used to 1. Register the CDNI Payload Type [RFC7736] used to identify the new
identify the new GenericMetadata type being specified. GenericMetadata type being specified.
2. Define the set of properties associated with the new 2. Define the set of properties associated with the new
GenericMetadata object. GenericMetadata MUST NOT contain a GenericMetadata object. GenericMetadata MUST NOT contain a
property named "href" because doing so would conflict with the property named "href" because doing so would conflict with the
ability to detect Link objects (see Section 4.3.1). ability to detect Link objects (see Section 4.3.1).
3. Define a name, description, type, and whether or not the property 3. For each property, define a name, description, type, and whether
is mandatory-to-specify. or not the property is mandatory-to-specify.
4. Describe the semantics of the new type including its purpose and 4. Describe the semantics of the new type, including its purpose,
example of a use case to which it applies including an example and provide a use case to which it applies, including an example
encoded in I-JSON. encoded in I-JSON.
5. Describe the security and privacy consequences, for both the 5. Describe the security and privacy consequences, for both the User
user-agent and the CDN, of the new GenericMetadata object. Agent and the CDNs, of the new GenericMetadata object.
6. Describe any relation to, conflict with, or obsolescence of other 6. Describe any relation to, conflict with, or obsolescence of other
existing CDNI metadata objects. existing CDNI Metadata objects.
Note: In the case of vendor specific extensions, vendor-identifying Note: In the case of vendor-specific extensions, vendor-identifying
CDNI Payload Type names will decrease the possibility of CDNI Payload Type names will decrease the possibility of
GenericMetadata type collisions. GenericMetadata type collisions. It is RECOMMENDED that any
vendor-specific extensions use vendor-identifying CDNI Payload Type
names.
6.6. Metadata Enforcement 6.6. Metadata Enforcement
At any given time, the set of GenericMetadata types supported by the At any given time, the set of GenericMetadata types supported by the
uCDN might not match the set of GenericMetadata types supported by uCDN might not match the set of GenericMetadata types supported by
the dCDN. the dCDN.
In cases where a uCDN sends metadata containing a GenericMetadata In cases where a uCDN sends metadata containing a GenericMetadata
type that a dCDN does not support, the dCDN MUST enforce the type that a dCDN does not support, the dCDN MUST enforce the
semantics of the "mandatory-to-enforce" property. If a dCDN does not semantics of the mandatory-to-enforce property. If a dCDN does not
understand or is unable to perform the functions associated with any understand or is unable to perform the functions associated with any
"mandatory-to-enforce" metadata, the dCDN MUST NOT service any mandatory-to-enforce metadata, the dCDN MUST NOT service any requests
requests for the corresponding content. for the corresponding content.
Note: Ideally, uCDNs would not delegate content requests to a dCDN Note: Ideally, uCDNs would not delegate content requests to a dCDN
that does not support the "mandatory-to-enforce" metadata associated that does not support the mandatory-to-enforce metadata associated
with the content being requested. However, even if the uCDN has a with the content being requested. However, even if the uCDN has
priori knowledge of the metadata supported by the dCDN (e.g., via the a priori knowledge of the metadata supported by the dCDN (e.g., via
FCI or through out-of-band negotiation between CDN operators), the FCI or through out-of-band negotiation between CDN operators),
metadata support can fluctuate or be inconsistent (e.g., due to mis- metadata support can fluctuate or be inconsistent (e.g., due to
communication, mis-configuration, or temporary outage). Thus, the miscommunication, misconfiguration, or temporary outage). Thus, the
dCDN MUST always evaluate all metadata associated with redirection dCDN MUST always evaluate all metadata associated with redirection
and content requests and reject any requests where "mandatory-to- and content requests and reject any requests where
enforce" metadata associated with the content cannot be enforced. mandatory-to-enforce metadata associated with the content cannot be
enforced.
6.7. Metadata Conflicts 6.7. Metadata Conflicts
It is possible that new metadata definitions will obsolete or It is possible that new metadata definitions will obsolete or
conflict with existing GenericMetadata (e.g., a future revision of conflict with existing GenericMetadata (e.g., a future revision of
the CDNI metadata interface could redefine the Auth GenericMetadata the CDNI Metadata interface could redefine the Auth GenericMetadata
object or a custom vendor extension could implement an alternate Auth object or a custom vendor extension could implement an alternate Auth
metadata option). If multiple metadata (e.g., MI.Auth.v2, metadata option). If multiple metadata (e.g., MI.Auth.v2,
vendor1.Auth, and vendor2.Auth) all conflict with an existing vendor1.Auth, and vendor2.Auth) all conflict with an existing
GenericMetadata object (i.e., MI.Auth) and all are marked as GenericMetadata object (i.e., MI.Auth) and all are marked as
"mandatory-to-enforce", it could be ambiguous which metadata should mandatory-to-enforce, it could be ambiguous as to which metadata
be applied, especially if the functionality of the metadata overlap. should be applied, especially in the case of overlapping
functionality.
As described in Section 3.3, metadata override only applies to As described in Section 3.3, metadata override only applies to
metadata objects of the same exact type found in HostMetadata and metadata objects of the same exact type found in HostMetadata and
nested PathMetadata structures. The CDNI metadata interface does not nested PathMetadata structures. The CDNI Metadata interface does not
support enforcement of dependencies between different metadata types. support enforcement of dependencies between different GenericMetadata
It is the responsibility of the CSP and the CDN operators to ensure types. It is the responsibility of the CSP and the CDN operators to
that metadata assigned to a given piece of content do not conflict. ensure that metadata assigned to a given piece of content do not
conflict.
Note: Because metadata is inherently ordered in HostMetadata and Note: Because metadata is inherently ordered in HostMetadata and
PathMetadata arrays, as well as in the PathMatch hierarchy, multiple PathMetadata arrays, as well as in the PathMatch hierarchy, multiple
conflicting metadata types MAY be used, however, metadata hierarchies conflicting metadata types MAY be used; however, metadata hierarchies
SHOULD ensure that independent PathMatch root objects are used to SHOULD ensure that independent PathMatch root objects are used to
prevent ambiguous or conflicting metadata definitions. prevent ambiguous or conflicting metadata definitions.
6.8. Versioning 6.8. Versioning
The version of CDNI metadata objects is conveyed inside the CDNI The version of CDNI Metadata objects is conveyed inside the CDNI
Payload Type that is included in either the HTTP Content-Type header, Payload Type that is included in either (1) the HTTP Content-Type
for example: "Content-Type: application/cdni; ptype=MI.HostIndex", header (for example, "Content-Type: application/cdni;
when retrieved via a link, or in the link type (Section 4.3.1), ptype=MI.HostIndex" when retrieved via a link) or (2) in the link
generic-metadata-type (Section 4.1.7), or auth-type (Section 4.2.7) type (Section 4.3.1), generic-metadata-type (Section 4.1.7), or
properties in the JSON payload. The CDNI Payload Type uniquely auth-type (Section 4.2.7) properties in the JSON payload. The CDNI
identifies the specification defining that object, including any Payload Type uniquely identifies the specification defining that
relation to, conflicts with, or obsolescence of other metadata. object, including any relation to, conflicts with, or obsolescence of
There is no explicit version mapping requirement, however, for ease other metadata. There is no explicit version mapping requirement;
of understanding, metadata creators SHOULD make new versions of however, for ease of understanding, metadata creators SHOULD make new
metadata easily visible via the CDNI Payload Type, e.g., by appending versions of metadata easily visible via the CDNI Payload Type, e.g.,
a version string. Note: A version string is optional on the first by appending a version string. Note: A version string is optional on
version, e.g., MI.HostIndex, but could be added for subsequent the first version (e.g., MI.HostIndex) but could be added for
versions, e.g., MI.HostIndex.v2, MI.HostIndex.v3, etc. subsequent versions (MI.HostIndex.v2, MI.HostIndex.v3, etc.).
Except when referenced by a Link object, nested metadata objects Except when referenced by a Link object, nested metadata objects
(i.e., structural metadata below the HostIndex; Source objects; (i.e., structural metadata below the HostIndex; and Source,
Location, TimeWindow, and Protocol Rule objects; and Footprint and LocationRule, TimeWindowRule, ProtocolRule, Footprint, and TimeWindow
TimeWindow objects) can be serialized into a JSON payload without objects) can be serialized into a JSON payload without explicit CDNI
explicit CDNI Payload Type information. The type is inferred from Payload Type information. The type is inferred from the outer
the outer structural metadata, generic metadata, or auth object CDNI structural metadata, GenericMetadata, or Auth object CDNI Payload
Payload Type. To avoid ambiguity when revising nestable metadata Type. To avoid ambiguity when revising nestable metadata objects,
objects, any outer metadata object(s) MUST be reversioned and any outer metadata object(s) MUST be reversioned and allocated new
allocated new CDNI Payload Type(s) at the same time. For example, CDNI Payload Type(s) at the same time. For example, the MI.HostIndex
the MI.HostIndex object defined in this document contains an array of object defined in this document contains an array of MI.HostMatch
MI.HostMatch objects, which each in turn contains a MI.HostMetadata objects, each of which in turn contains a MI.HostMetadata object. If
object. If a new MI.HostMetadata.v2 object were required, the outer a new MI.HostMetadata.v2 object were required, the outer MI.HostIndex
MI.HostIndex and MI.HostMatch objects would need to be revised, e.g., and MI.HostMatch objects would need to be revised, e.g., to
to MI.HostIndex.v2 and MI.HostMatch.v2, respectively. Similarly, if MI.HostIndex.v2 and MI.HostMatch.v2, respectively. Similarly, if a
a new MI.TimeWindowRule.v2 object was required, the outer new MI.TimeWindowRule.v2 object were required, the outer
MI.TimeWindowACL object would need to be revised, e.g., to MI.TimeWindowACL object would need to be revised, e.g., to
MI.TimeWindowACL.v2; the MI.TimeWindowRule.v2 object, though, could MI.TimeWindowACL.v2; however, the MI.TimeWindowRule.v2 object could
still contain MI.TimeWindow objects, if so specified. still contain MI.TimeWindow objects, if so specified.
HTTP requests sent to a metadata server SHOULD include an Accept HTTP requests sent to a metadata server SHOULD include an Accept
header with the CDNI Payload Type of the expected object. Metadata header with the CDNI Payload Type of the expected object. Metadata
clients can specify multiple CDNI Payload Types in the Accept header, clients can specify multiple CDNI Payload Types in the Accept header;
for example, if a metadata client is capable of processing two for example, if a metadata client is capable of processing two
different versions of the same type of object (defined by different different versions of the same type of object (defined by different
CDNI Payload Types) it might decide to include both in the Accept CDNI Payload Types), it might decide to include both in the Accept
header. header.
6.9. Media Types 6.9. Media Types
All CDNI metadata objects use the Media Type "application/cdni". The All CDNI Metadata objects use the media type "application/cdni". The
CDNI Payload Type for each object then contains the object name of CDNI Payload Type for each object then contains the object name of
that object as defined by this document, prefixed with "MI.". that object as defined by this document, prefixed with "MI.".
Table 4 lists the CDNI Payload Type for the metadata objects Table 4 lists the CDNI Payload Types for the metadata objects
(resources) specified in this document. (resources) specified in this document.
+-----------------------+--------------------------+ +-----------------------+--------------------------+
| Data Object | CDNI Payload Type | | Data Object | CDNI Payload Type |
+-----------------------+--------------------------+ +-----------------------+--------------------------+
| HostIndex | MI.HostIndex | | HostIndex | MI.HostIndex |
| HostMatch | MI.HostMatch | | HostMatch | MI.HostMatch |
| HostMetadata | MI.HostMetadata | | HostMetadata | MI.HostMetadata |
| PathMatch | MI.PathMatch | | PathMatch | MI.PathMatch |
| PatternMatch | MI.PatternMatch | | PatternMatch | MI.PatternMatch |
skipping to change at page 48, line 38 skipping to change at page 49, line 51
| TimeWindowRule | MI.TimeWindowRule | | TimeWindowRule | MI.TimeWindowRule |
| TimeWindow | MI.TimeWindow | | TimeWindow | MI.TimeWindow |
| ProtocolACL | MI.ProtocolACL | | ProtocolACL | MI.ProtocolACL |
| ProtocolRule | MI.ProtocolRule | | ProtocolRule | MI.ProtocolRule |
| DeliveryAuthorization | MI.DeliveryAuthorization | | DeliveryAuthorization | MI.DeliveryAuthorization |
| Cache | MI.Cache | | Cache | MI.Cache |
| Auth | MI.Auth | | Auth | MI.Auth |
| Grouping | MI.Grouping | | Grouping | MI.Grouping |
+-----------------------+--------------------------+ +-----------------------+--------------------------+
Table 4: CDNI Payload Types for CDNI Metadata objects Table 4: CDNI Payload Types for CDNI Metadata Objects
6.10. Complete CDNI Metadata Example 6.10. Complete CDNI Metadata Example
A dCDN requests the HostIndex and receive the following object with a A dCDN requests the HostIndex and receives the following object with
CDNI payload type of "MI.HostIndex": a CDNI Payload Type of "MI.HostIndex":
{ {
"hosts": [ "hosts": [
{ {
"host": "video.example.com", "host": "video.example.com",
"host-metadata" : { "host-metadata": {
"type": "MI.HostMetadata", "type": "MI.HostMetadata",
"href": "https://metadata.ucdn.example/host1234" "href": "https://metadata.ucdn.example/host1234"
} }
}, },
{ {
"host": "images.example.com", "host": "images.example.com",
"host-metadata" : { "host-metadata": {
"type": "MI.HostMetadata", "type": "MI.HostMetadata",
"href": "https://metadata.ucdn.example/host5678" "href": "https://metadata.ucdn.example/host5678"
} }
} }
] ]
} }
If the incoming request has a Host header with "video.example.com" If the incoming request has a Host header with "video.example.com",
then the dCDN would fetch the HostMetadata object from then the dCDN would fetch the HostMetadata object from
"https://metadata.ucdn.example/host1234" expecting a CDNI payload "https://metadata.ucdn.example/host1234" expecting a CDNI Payload
type of "MI.HostMetadata": Type of "MI.HostMetadata":
{ {
"metadata": [ "metadata": [
{ {
"generic-metadata-type": "MI.SourceMetadata", "generic-metadata-type": "MI.SourceMetadata",
"generic-metadata-value": { "generic-metadata-value": {
"sources": [ "sources": [
{ {
"endpoint": ["acq1.ucdn.example"], "endpoint": ["acq1.ucdn.example"],
"protocol": "http/1.1" "protocol": "http/1.1"
skipping to change at page 50, line 42 skipping to change at page 52, line 7
], ],
"action": "allow" "action": "allow"
} }
] ]
} }
} }
], ],
"paths": [ "paths": [
{ {
"path-pattern": { "path-pattern": {
"pattern": "/video/trailers/*" "pattern": "/videos/trailers/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata", "type": "MI.PathMetadata",
"href": "https://metadata.ucdn.example/host1234/pathABC" "href": "https://metadata.ucdn.example/host1234/pathABC"
} }
}, },
{ {
"path-pattern": { "path-pattern": {
"pattern": "/video/movies/*" "pattern": "/videos/movies/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata", "type": "MI.PathMetadata",
"href": "https://metadata.ucdn.example/host1234/pathDEF" "href": "https://metadata.ucdn.example/host1234/pathDEF"
} }
} }
] ]
} }
Suppose the path of the requested resource matches the "/video/ Suppose that the path of the requested resource matches the
movies/*" pattern, the next metadata requested would be for "/videos/movies/*" pattern; the next metadata requested would be for
"https://metadata.ucdn.example/host1234/pathDCE" with an expected "https://metadata.ucdn.example/host1234/pathDEF" with an expected
CDNI payload type of "MI.PathMetadata": CDNI Payload Type of "MI.PathMetadata":
{ {
"metadata": [], "metadata": [],
"paths": [ "paths": [
{ {
"path-pattern": { "path-pattern": {
"pattern": "/videos/movies/hd/*" "pattern": "/videos/movies/hd/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata", "type": "MI.PathMetadata",
skipping to change at page 51, line 34 skipping to change at page 53, line 4
"pattern": "/videos/movies/hd/*" "pattern": "/videos/movies/hd/*"
}, },
"path-metadata": { "path-metadata": {
"type": "MI.PathMetadata", "type": "MI.PathMetadata",
"href": "href":
"https://metadata.ucdn.example/host1234/pathDEF/path123" "https://metadata.ucdn.example/host1234/pathDEF/path123"
} }
} }
] ]
} }
Finally, if the path of the requested resource also matches the Finally, if the path of the requested resource also matches the
"/videos/movies/hd/*" pattern, the dCDN would also fetch the "/videos/movies/hd/*" pattern, the dCDN would also fetch the
following object from following object from
"https://metadata.ucdn.example/host1234/pathDEF/path123" with CDNI "https://metadata.ucdn.example/host1234/pathDEF/path123" with a CDNI
payload type "MI.PathMetadata": Payload Type of "MI.PathMetadata":
{ {
"metadata": [ "metadata": [
{ {
"generic-metadata-type": "MI.TimeWindowACL", "generic-metadata-type": "MI.TimeWindowACL",
"generic-metadata-value": { "generic-metadata-value": {
"times": [ "times": [
"windows": [ "windows": [
{ {
"start": "1213948800", "start": "1213948800",
"end": "1327393200" "end": "1478047392"
} }
], ],
"action": "allow" "action": "allow"
] ]
} }
} }
] ]
} }
The final set of metadata which applies to the requested resource The final set of metadata that applies to the requested resource
includes a SourceMetadata, a LocationACL, a ProtocolACL, and a includes a SourceMetadata, a LocationACL, a ProtocolACL, and a
TimeWindowACL. TimeWindowACL.
7. IANA Considerations 7. IANA Considerations
7.1. CDNI Payload Types 7.1. CDNI Payload Types
This document requests the registration of the following CDNI Payload This document requests the registration of the following entries
Types under the IANA CDNI Payload Type registry: under the "CDNI Payload Types" registry hosted by IANA:
+--------------------------+---------------+ +--------------------------+---------------+
| Payload Type | Specification | | Payload Type | Specification |
+--------------------------+---------------+ +--------------------------+---------------+
| MI.HostIndex | RFCthis | | MI.HostIndex | RFC 8006 |
| MI.HostMatch | RFCthis | | MI.HostMatch | RFC 8006 |
| MI.HostMetadata | RFCthis | | MI.HostMetadata | RFC 8006 |
| MI.PathMatch | RFCthis | | MI.PathMatch | RFC 8006 |
| MI.PatternMatch | RFCthis | | MI.PatternMatch | RFC 8006 |
| MI.PathMetadata | RFCthis | | MI.PathMetadata | RFC 8006 |
| MI.SourceMetadata | RFCthis | | MI.SourceMetadata | RFC 8006 |
| MI.Source | RFCthis | | MI.Source | RFC 8006 |
| MI.LocationACL | RFCthis | | MI.LocationACL | RFC 8006 |
| MI.LocationRule | RFCthis | | MI.LocationRule | RFC 8006 |
| MI.Footprint | RFCthis | | MI.Footprint | RFC 8006 |
| MI.TimeWindowACL | RFCthis | | MI.TimeWindowACL | RFC 8006 |
| MI.TimeWindowRule | RFCthis | | MI.TimeWindowRule | RFC 8006 |
| MI.TimeWindow | RFCthis | | MI.TimeWindow | RFC 8006 |
| MI.ProtocolACL | RFCthis | | MI.ProtocolACL | RFC 8006 |
| MI.ProtocolRule | RFCthis | | MI.ProtocolRule | RFC 8006 |
| MI.DeliveryAuthorization | RFCthis | | MI.DeliveryAuthorization | RFC 8006 |
| MI.Cache | RFCthis | | MI.Cache | RFC 8006 |
| MI.Auth | RFCthis | | MI.Auth | RFC 8006 |
| MI.Grouping | RFCthis | | MI.Grouping | RFC 8006 |
+--------------------------+---------------+ +--------------------------+---------------+
[RFC Editor: Please replace RFCthis with the published RFC number for
this document.]
7.1.1. CDNI MI HostIndex Payload Type 7.1.1. CDNI MI HostIndex Payload Type
Purpose: The purpose of this payload type is to distinguish HostIndex Purpose: The purpose of this Payload Type is to distinguish HostIndex
MI objects (and any associated capability advertisement) MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.1 Encoding: see Section 4.1.1
7.1.2. CDNI MI HostMatch Payload Type 7.1.2. CDNI MI HostMatch Payload Type
Purpose: The purpose of this payload type is to distinguish HostMatch Purpose: The purpose of this Payload Type is to distinguish HostMatch
MI objects (and any associated capability advertisement) MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.2 Encoding: see Section 4.1.2
7.1.3. CDNI MI HostMetadata Payload Type 7.1.3. CDNI MI HostMetadata Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
HostMetadata MI objects (and any associated capability advertisement) HostMetadata MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.3 Encoding: see Section 4.1.3
7.1.4. CDNI MI PathMatch Payload Type 7.1.4. CDNI MI PathMatch Payload Type
Purpose: The purpose of this payload type is to distinguish PathMatch Purpose: The purpose of this Payload Type is to distinguish PathMatch
MI objects (and any associated capability advertisement) MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.4 Encoding: see Section 4.1.4
7.1.5. CDNI MI PatternMatch Payload Type 7.1.5. CDNI MI PatternMatch Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
PatternMatch MI objects (and any associated capability advertisement) PatternMatch MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.5 Encoding: see Section 4.1.5
7.1.6. CDNI MI PathMetadata Payload Type 7.1.6. CDNI MI PathMetadata Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
PathMetadata MI objects (and any associated capability advertisement) PathMetadata MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.1.6 Encoding: see Section 4.1.6
7.1.7. CDNI MI SourceMetadata Payload Type 7.1.7. CDNI MI SourceMetadata Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
SourceMetadata MI objects (and any associated capability SourceMetadata MI objects (and any associated capability
advertisement) advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.1 Encoding: see Section 4.2.1
7.1.8. CDNI MI Source Payload Type 7.1.8. CDNI MI Source Payload Type
Purpose: The purpose of this payload type is to distinguish Source MI Purpose: The purpose of this Payload Type is to distinguish Source MI
objects (and any associated capability advertisement) objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.1.1 Encoding: see Section 4.2.1.1
7.1.9. CDNI MI LocationACL Payload Type 7.1.9. CDNI MI LocationACL Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
LocationACL MI objects (and any associated capability advertisement) LocationACL MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.2 Encoding: see Section 4.2.2
7.1.10. CDNI MI LocationRule Payload Type 7.1.10. CDNI MI LocationRule Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
LocationRule MI objects (and any associated capability advertisement) LocationRule MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.2.1 Encoding: see Section 4.2.2.1
7.1.11. CDNI MI Footprint Payload Type 7.1.11. CDNI MI Footprint Payload Type
Purpose: The purpose of this payload type is to distinguish Footprint Purpose: The purpose of this Payload Type is to distinguish Footprint
MI objects (and any associated capability advertisement) MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.2.2 Encoding: see Section 4.2.2.2
7.1.12. CDNI MI TimeWindowACL Payload Type 7.1.12. CDNI MI TimeWindowACL Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
TimeWindowACL MI objects (and any associated capability TimeWindowACL MI objects (and any associated capability
advertisement) advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.3 Encoding: see Section 4.2.3
7.1.13. CDNI MI TimeWindowRule Payload Type 7.1.13. CDNI MI TimeWindowRule Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
TimeWindowRule MI objects (and any associated capability TimeWindowRule MI objects (and any associated capability
advertisement) advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.3.1 Encoding: see Section 4.2.3.1
7.1.14. CDNI MI TimeWindow Payload Type 7.1.14. CDNI MI TimeWindow Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
TimeWindow MI objects (and any associated capability advertisement) TimeWindow MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.3.2 Encoding: see Section 4.2.3.2
7.1.15. CDNI MI ProtocolACL Payload Type 7.1.15. CDNI MI ProtocolACL Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
ProtocolACL MI objects (and any associated capability advertisement) ProtocolACL MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.4 Encoding: see Section 4.2.4
7.1.16. CDNI MI ProtocolRule Payload Type 7.1.16. CDNI MI ProtocolRule Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
ProtocolRule MI objects (and any associated capability advertisement) ProtocolRule MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.4.1 Encoding: see Section 4.2.4.1
7.1.17. CDNI MI DeliveryAuthorization Payload Type 7.1.17. CDNI MI DeliveryAuthorization Payload Type
Purpose: The purpose of this payload type is to distinguish Purpose: The purpose of this Payload Type is to distinguish
DeliveryAuthorization MI objects (and any associated capability DeliveryAuthorization MI objects (and any associated capability
advertisement) advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.5 Encoding: see Section 4.2.5
7.1.18. CDNI MI Cache Payload Type 7.1.18. CDNI MI Cache Payload Type
Purpose: The purpose of this payload type is to distinguish Cache MI Purpose: The purpose of this Payload Type is to distinguish Cache MI
objects (and any associated capability advertisement) objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.6 Encoding: see Section 4.2.6
7.1.19. CDNI MI Auth Payload Type 7.1.19. CDNI MI Auth Payload Type
Purpose: The purpose of this payload type is to distinguish Auth MI Purpose: The purpose of this Payload Type is to distinguish Auth MI
objects (and any associated capability advertisement) objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.7 Encoding: see Section 4.2.7
7.1.20. CDNI MI Grouping Payload Type 7.1.20. CDNI MI Grouping Payload Type
Purpose: The purpose of this payload type is to distinguish Grouping Purpose: The purpose of this Payload Type is to distinguish Grouping
MI objects (and any associated capability advertisement) MI objects (and any associated capability advertisement)
Interface: MI/FCI Interface: MI/FCI
Encoding: see Section 4.2.8 Encoding: see Section 4.2.8
7.2. CDNI Metadata Footprint Types Registry 7.2. "CDNI Metadata Footprint Types" Registry
The IANA is requested to create a new "CDNI Metadata Footprint Types" IANA has created a new "CDNI Metadata Footprint Types" subregistry in
subregistry in the "Content Delivery Networks Interconnection (CDNI) the "Content Delivery Network Interconnection (CDNI) Parameters"
Parameters" registry. The "CDNI Metadata Footprint Types" namespace registry. The "CDNI Metadata Footprint Types" namespace defines the
defines the valid Footprint object type values used by the Footprint valid Footprint object type values used by the Footprint object
object in Section 4.2.2.2. Additions to the Footprint type namespace described in Section 4.2.2.2. Additions to the "CDNI Metadata
conform to the "Specification Required" policy as defined in Footprint Types" namespace conform to the Specification Required
[RFC5226]. The designated expert will verify that new type policy as defined in [RFC5226]. The Designated Expert will verify
definitions do not duplicate existing type definitions and prevent that new type definitions do not duplicate existing type definitions
gratuitous additions to the namespace. New registrations are and prevent gratuitous additions to the namespace. New registrations
required to provide a clear description of how to interpret new are required to provide a clear description of how to interpret new
footprint types. footprint types.
The following table defines the initial Footprint Registry values: The following table defines the initial values for the "CDNI Metadata
Footprint Types" registry:
+----------------+-------------------------------+---------------+
| Footprint Type | Description | Specification |
+----------------+-------------------------------+---------------+
| ipv4cidr | IPv4 CIDR address block | RFCthis |
| ipv6cidr | IPv6 CIDR address block | RFCthis |
| asn | Autonomous System (AS) Number | RFCthis |
| countrycode | ISO 3166-1 alpha-2 code | RFCthis |
+----------------+-------------------------------+---------------+
[RFC Editor: Please replace RFCthis with the published RFC number for +----------------+--------------------------------+---------------+
this document.] | Footprint Type | Description | Specification |
+----------------+--------------------------------+---------------+
| ipv4cidr | IPv4 CIDR address block | RFC 8006 |
| ipv6cidr | IPv6 CIDR address block | RFC 8006 |
| asn | Autonomous System Number (ASN) | RFC 8006 |
| countrycode | ISO 3166-1 alpha-2 code | RFC 8006 |
+----------------+--------------------------------+---------------+
7.3. CDNI Metadata Protocol Types Registry 7.3. "CDNI Metadata Protocol Types" Registry
The IANA is requested to create a new "CDNI Metadata Protocol Types" IANA has created a new "CDNI Metadata Protocol Types" subregistry in
subregistry in the "Content Delivery Networks Interconnection (CDNI) the "Content Delivery Network Interconnection (CDNI) Parameters"
Parameters" registry. The "CDNI Metadata Protocol Types" namespace registry. The "CDNI Metadata Protocol Types" namespace defines the
defines the valid Protocol object values in Section 4.3.2, used by valid Protocol object values (Section 4.3.2) used by the
the SourceMetadata and ProtocolACL objects. Additions to the SourceMetadata and ProtocolACL objects. Additions to the Protocol
Protocol namespace conform to the "Specification Required" policy as namespace conform to the Specification Required policy as defined in
defined in [RFC5226], where the specification defines the Protocol [RFC5226], where the specification defines the Protocol Type and the
Type and the protocol to which it is associated. The designated protocol to which it is associated. The Designated Expert will
expert will verify that new protocol definitions do not duplicate verify that new protocol definitions do not duplicate existing
existing protocol definitions and prevent gratuitous additions to the protocol definitions and prevent gratuitous additions to the
namespace. namespace.
The following table defines the initial Protocol values corresponding The following table defines the initial Protocol values corresponding
to the HTTP and HTTPS protocols: to the HTTP and HTTPS protocols:
+-----------+----------------------+---------------+----------------+ +-----------+----------------------+---------------+----------------+
| Protocol | Description | Type | Protocol | | Protocol | Description | Type | Protocol |
| Type | | Specification | Specifications | | Type | | Specification | Specifications |
+-----------+----------------------+---------------+----------------+ +-----------+----------------------+---------------+----------------+
| http/1.1 | Hypertext Transfer | RFCthis | RFC7230 | | http/1.1 | Hypertext Transfer | RFC 8006 | RFC 7230 |
| | Protocol -- HTTP/1.1 | | | | | Protocol -- HTTP/1.1 | | |
| https/1.1 | HTTP/1.1 Over TLS | RFCthis | RFC7230, | | | | | |
| | | | RFC2818 | | https/1.1 | HTTP/1.1 over TLS | RFC 8006 | RFC 7230, |
| | | | RFC 2818 |
+-----------+----------------------+---------------+----------------+ +-----------+----------------------+---------------+----------------+
[RFC Editor: Please replace RFCthis with the published RFC number for
this document.]
8. Security Considerations 8. Security Considerations
8.1. Authentication and Integrity 8.1. Authentication and Integrity
A malicious metadata server, proxy server, or attacker, impersonating A malicious metadata server, proxy server, or attacker impersonating
an authentic uCDN metadata interface without being detected, could an authentic uCDN CDNI Metadata interface without being detected
provide false metadata to a dCDN that either: could provide false metadata to a dCDN that either:
o Denies service for one or more pieces of content to one or more o Denies service for one or more pieces of content to one or more
User Agents; User Agents;
o Directs dCDNs to contact malicious origin servers instead of the o Directs dCDNs to contact malicious origin servers instead of the
actual origin servers, and substitute legitimate content with actual origin servers, so that malware or slanderous alternate
malware or slanderous alternate content; or content may be substituted for legitimate content; or
o Removes delivery restrictions (e.g., LocationACL, TimeWindowACL, o Removes delivery restrictions (e.g., LocationACL, TimeWindowACL,
ProtocolACL, or Auth metadata), allowing access to content that ProtocolACL, or Auth metadata), allowing access to content that
would otherwise be denied, and thus possibly violating license would otherwise be denied and thus possibly violating license
restrictions and incurring unwarranted delivery costs. restrictions and incurring unwarranted delivery costs.
Unauthorized access to metadata could also enable a malicious Unauthorized access to metadata could also enable a malicious
metadata client to continuously issue metadata requests in order to metadata client to continuously issue metadata requests in order to
overload a uCDN's metadata server(s). overload a uCDN's metadata server or servers.
Unauthorized access to metadata could further result in leakage of Unauthorized access to metadata could further result in leakage of
private information. A malicious metadata client could request private information. A malicious metadata client could request
metadata in order to gain access to origin servers, as well as metadata in order to gain access to origin servers, as well as
information pertaining to content restrictions. information pertaining to content restrictions.
An implementation of the CDNI metadata interface MUST use mutual An implementation of the CDNI Metadata interface MUST use mutual
authentication and message authentication codes to prevent authentication and message authentication codes to prevent
unauthorized access to and undetected modification of metadata (see unauthorized access to, and undetected modification of, metadata (see
Section 8.3). Section 8.3).
8.2. Confidentiality and Privacy 8.2. Confidentiality and Privacy
Unauthorized viewing of metadata could result in leakage of private Unauthorized viewing of metadata could result in leakage of private
information. Content provider origin and policy information is information. Content provider origin and policy information is
conveyed through the CDNI metadata interface. A third party could conveyed through the CDNI Metadata interface. A third party could
intercept metadata transactions in order to gain access to origin intercept metadata transactions in order to gain access to origin
servers, as well as information pertaining to content restrictions servers, as well as information pertaining to content restrictions
and usage patterns. and usage patterns.
Note: The distribution of metadata by a uCDN to dCDNs could introduce Note: The distribution of metadata by a uCDN to dCDNs could introduce
privacy concerns for some content providers, e.g., dCDNs accepting privacy concerns for some content providers, e.g., dCDNs accepting
content requests for a content provider's content might be able to content requests for a content provider's content might be able to
obtain additional information and usage patterns relating to the obtain additional information and usage patterns relating to the
users of a content provider's services. Content providers with users of a content provider's services. Content providers with
concerns about divulging information to dCDNs can instruct their uCDN concerns about divulging information to dCDNs can instruct their uCDN
partners not to use CDNI when delivering their content. partners not to use CDNI when delivering their content.
An implementation of the CDNI metadata interface MUST use strong An implementation of the CDNI Metadata interface MUST use strong
encryption to prevent unauthorized interception or monitoring of encryption to prevent unauthorized interception or monitoring of
metadata (see Section 8.3). metadata (see Section 8.3).
8.3. Securing the CDNI Metadata interface 8.3. Securing the CDNI Metadata Interface
An implementation of the CDNI metadata interface MUST support TLS An implementation of the CDNI Metadata interface MUST support TLS
transport as per [RFC2818] and [RFC7230]. transport as per [RFC2818] and [RFC7230].
TLS MUST be used by the server-side (dCDN) and the client-side (uCDN) TLS MUST be used by the server side (uCDN) and the client side (dCDN)
of the CDNI metadata interface, including authentication of the of the CDNI Metadata interface, including authentication of the
remote end, unless alternate methods are used for ensuring the remote end, unless alternate methods are used for ensuring the
security of the information in the CDNI metadata interface requests security of the information in the CDNI Metadata interface requests
and responses (such as setting up an IPsec tunnel between the two and responses (such as setting up an IPsec tunnel between the two
CDNs or using a physically secured internal network between two CDNs CDNs or using a physically secured internal network between two CDNs
that are owned by the same corporate entity). that are owned by the same corporate entity).
The use of TLS for transport of the CDNI metadata interface messages The use of TLS for transport of the CDNI Metadata interface messages
allows: allows the dCDN and uCDN to authenticate each other.
o The dCDN and uCDN to authenticate each other.
and, once they have mutually authenticated each other, it allows: Once the dCDN and uCDN have mutually authenticated each other, TLS
allows:
o The dCDN and uCDN to authorize each other (to ensure they are o The dCDN and uCDN to authorize each other (to ensure that they are
transmitting/receiving CDNI metadata requests and responses from transmitting/receiving CDNI Metadata requests and responses from
an authorized CDN); an authorized CDN);
o CDNI metadata interface requests and responses to be transmitted o CDNI Metadata interface requests and responses to be transmitted
with confidentiality; and with confidentiality; and
o The integrity of the CDNI metadata interface requests and o The integrity of the CDNI Metadata interface requests and
responses to be protected during the exchange. responses to be protected during the exchange.
When TLS is used, the general TLS usage guidance in [RFC7525] MUST be When TLS is used, the general TLS usage guidance in [RFC7525] MUST be
followed. followed.
9. Acknowledgements 9. References
The authors would like to thank David Ferguson, Francois Le Faucheur,
Jan Seedorf and Matt Miller for their valuable comments and input to
this document.
10. Contributing Authors
[RFC Editor Note: Please move the contents of this section to the
Authors' Addresses section prior to publication as an RFC.]
Grant Watson
Velocix (Alcatel-Lucent)
3 Ely Road
Milton, Cambridge CB24 6AA
UK
Email: gwatson@velocix.com
Kent Leung
Cisco Systems
3625 Cisco Way
San Jose, 95134
USA
Email: kleung@cisco.com
11. References
11.1. Normative References 9.1. Normative References
[ISO3166-1] [ISO3166-1]
The International Organization for Standardization, "Codes The International Organization for Standardization,
for the representation of names of countries and their "Codes for the representation of names of countries and
subdivisions -- Part 1: Country codes", ISO 3166-1:2013, their subdivisions -- Part 1: Country codes",
2013. ISO 3166-1:2013, 2013.
[POSIX] Institute of Electrical and Electronics Engineers, [POSIX] Institute of Electrical and Electronics Engineers,
"Information Technology Portable Operating System "Information Technology Portable Operating System
Interface (POSIX) Part 1: System Application Program Interface (POSIX) Part 1: System Application Program
Interface (API) [C Language]", IEEE P1003.1, 1990. Interface (API) [C Language]", IEEE P1003.1, 1990.
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", [RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987,
<http://www.rfc-editor.org/info/rfc1034>. <http://www.rfc-editor.org/info/rfc1034>.
skipping to change at page 62, line 11 skipping to change at page 62, line 40
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005, RFC 3986, DOI 10.17487/RFC3986, January 2005,
<http://www.rfc-editor.org/info/rfc3986>. <http://www.rfc-editor.org/info/rfc3986>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, DOI 10.17487/RFC4291, February Architecture", RFC 4291, DOI 10.17487/RFC4291,
2006, <http://www.rfc-editor.org/info/rfc4291>. February 2006, <http://www.rfc-editor.org/info/rfc4291>.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
DOI 10.17487/RFC5226, May 2008, DOI 10.17487/RFC5226, May 2008,
<http://www.rfc-editor.org/info/rfc5226>. <http://www.rfc-editor.org/info/rfc5226>.
[RFC5890] Klensin, J., "Internationalized Domain Names for [RFC5890] Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework", Applications (IDNA): Definitions and Document Framework",
RFC 5890, DOI 10.17487/RFC5890, August 2010, RFC 5890, DOI 10.17487/RFC5890, August 2010,
<http://www.rfc-editor.org/info/rfc5890>. <http://www.rfc-editor.org/info/rfc5890>.
skipping to change at page 62, line 36 skipping to change at page 63, line 17
DOI 10.17487/RFC5891, August 2010, DOI 10.17487/RFC5891, August 2010,
<http://www.rfc-editor.org/info/rfc5891>. <http://www.rfc-editor.org/info/rfc5891>.
[RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
Address Text Representation", RFC 5952, Address Text Representation", RFC 5952,
DOI 10.17487/RFC5952, August 2010, DOI 10.17487/RFC5952, August 2010,
<http://www.rfc-editor.org/info/rfc5952>. <http://www.rfc-editor.org/info/rfc5952>.
[RFC6707] Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content [RFC6707] Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content
Distribution Network Interconnection (CDNI) Problem Distribution Network Interconnection (CDNI) Problem
Statement", RFC 6707, DOI 10.17487/RFC6707, September Statement", RFC 6707, DOI 10.17487/RFC6707,
2012, <http://www.rfc-editor.org/info/rfc6707>. September 2012, <http://www.rfc-editor.org/info/rfc6707>.
[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer [RFC7230] Fielding, R., Ed., and J. Reschke, Ed., "Hypertext
Protocol (HTTP/1.1): Message Syntax and Routing", Transfer Protocol (HTTP/1.1): Message Syntax and Routing",
RFC 7230, DOI 10.17487/RFC7230, June 2014, RFC 7230, DOI 10.17487/RFC7230, June 2014,
<http://www.rfc-editor.org/info/rfc7230>. <http://www.rfc-editor.org/info/rfc7230>.
[RFC7493] Bray, T., Ed., "The I-JSON Message Format", RFC 7493, [RFC7493] Bray, T., Ed., "The I-JSON Message Format", RFC 7493,
DOI 10.17487/RFC7493, March 2015, DOI 10.17487/RFC7493, March 2015,
<http://www.rfc-editor.org/info/rfc7493>. <http://www.rfc-editor.org/info/rfc7493>.
[RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre,
"Recommendations for Secure Use of Transport Layer "Recommendations for Secure Use of Transport Layer
Security (TLS) and Datagram Transport Layer Security Security (TLS) and Datagram Transport Layer Security
(DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525,
2015, <http://www.rfc-editor.org/info/rfc7525>. May 2015, <http://www.rfc-editor.org/info/rfc7525>.
11.2. Informative References
[I-D.ietf-cdni-control-triggers]
Murray, R. and B. Niven-Jenkins, "CDNI Control Interface /
Triggers", draft-ietf-cdni-control-triggers-15 (work in
progress), May 2016.
[I-D.ietf-cdni-redirection] 9.2. Informative References
Niven-Jenkins, B. and R. Brandenburg, "Request Routing
Redirection interface for CDN Interconnection", draft-
ietf-cdni-redirection-20 (work in progress), August 2016.
[I-D.ietf-cdni-uri-signing] [CDNI-URI-SIGNING]
Leung, K., Faucheur, F., Brandenburg, R., Downey, B., and van Brandenburg, R., Leung, K., Sorber, P., and M. Miller,
M. Fisher, "URI Signing for CDN Interconnection (CDNI)", "URI Signing for CDN Interconnection (CDNI)", Work in
draft-ietf-cdni-uri-signing-09 (work in progress), June Progress, draft-ietf-cdni-uri-signing-10, October 2016.
2016.
[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818,
DOI 10.17487/RFC2818, May 2000, DOI 10.17487/RFC2818, May 2000,
<http://www.rfc-editor.org/info/rfc2818>. <http://www.rfc-editor.org/info/rfc2818>.
[RFC6793] Vohra, Q. and E. Chen, "BGP Support for Four-Octet [RFC6793] Vohra, Q. and E. Chen, "BGP Support for Four-Octet
Autonomous System (AS) Number Space", RFC 6793, Autonomous System (AS) Number Space", RFC 6793,
DOI 10.17487/RFC6793, December 2012, DOI 10.17487/RFC6793, December 2012,
<http://www.rfc-editor.org/info/rfc6793>. <http://www.rfc-editor.org/info/rfc6793>.
[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, [RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching", Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
RFC 7234, DOI 10.17487/RFC7234, June 2014, RFC 7234, DOI 10.17487/RFC7234, June 2014,
<http://www.rfc-editor.org/info/rfc7234>. <http://www.rfc-editor.org/info/rfc7234>.
[RFC7336] Peterson, L., Davie, B., and R. van Brandenburg, Ed., [RFC7336] Peterson, L., Davie, B., and R. van Brandenburg, Ed.,
"Framework for Content Distribution Network "Framework for Content Distribution Network
Interconnection (CDNI)", RFC 7336, DOI 10.17487/RFC7336, Interconnection (CDNI)", RFC 7336, DOI 10.17487/RFC7336,
August 2014, <http://www.rfc-editor.org/info/rfc7336>. August 2014, <http://www.rfc-editor.org/info/rfc7336>.
[RFC7337] Leung, K., Ed. and Y. Lee, Ed., "Content Distribution [RFC7337] Leung, K., Ed., and Y. Lee, Ed., "Content Distribution
Network Interconnection (CDNI) Requirements", RFC 7337, Network Interconnection (CDNI) Requirements", RFC 7337,
DOI 10.17487/RFC7337, August 2014, DOI 10.17487/RFC7337, August 2014,
<http://www.rfc-editor.org/info/rfc7337>. <http://www.rfc-editor.org/info/rfc7337>.
[RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
Transfer Protocol Version 2 (HTTP/2)", RFC 7540, Transfer Protocol Version 2 (HTTP/2)", RFC 7540,
DOI 10.17487/RFC7540, May 2015, DOI 10.17487/RFC7540, May 2015,
<http://www.rfc-editor.org/info/rfc7540>. <http://www.rfc-editor.org/info/rfc7540>.
[RFC7736] Ma, K., "Content Delivery Network Interconnection (CDNI) [RFC7736] Ma, K., "Content Delivery Network Interconnection (CDNI)
Media Type Registration", RFC 7736, DOI 10.17487/RFC7736, Media Type Registration", RFC 7736, DOI 10.17487/RFC7736,
December 2015, <http://www.rfc-editor.org/info/rfc7736>. December 2015, <http://www.rfc-editor.org/info/rfc7736>.
[RFC7975] Niven-Jenkins, B., Ed., and R. van Brandenburg, Ed.,
"Request Routing Redirection Interface for Content
Delivery Network (CDN) Interconnection", RFC 7975,
DOI 10.17487/RFC7975, October 2016,
<http://www.rfc-editor.org/info/rfc7975>.
[RFC8007] Murray, R. and B. Niven-Jenkins, "Content Delivery Network
Interconnection (CDNI) Control Interface / Triggers",
RFC 8007, DOI 10.17487/RFC8007, December 2016,
<http://www.rfc-editor.org/info/rfc8007>.
[RFC8008] Seedorf, J., Peterson, J., Previdi, S., van Brandenburg,
R., and K. Ma, "Content Delivery Network Interconnection
(CDNI) Request Routing: Footprint and Capabilities
Semantics", RFC 8008, DOI 10.17487/RFC8008, December 2016,
<http://www.rfc-editor.org/info/rfc8008>.
Acknowledgments
The authors would like to thank David Ferguson, Francois Le Faucheur,
Jan Seedorf, and Matt Miller for their valuable comments and input to
this document.
Contributors
The authors would also like to thank Grant Watson and Kent Leung for
their contributions to this document.
Authors' Addresses Authors' Addresses
Ben Niven-Jenkins Ben Niven-Jenkins
Velocix (Alcatel-Lucent) Nokia
3 Ely Road 3 Ely Road
Milton, Cambridge CB24 6AA Milton, Cambridge CB24 6DD
UK United Kingdom
Email: ben@velocix.com Email: ben.niven-jenkins@nokia.com
Rob Murray Rob Murray
Velocix (Alcatel-Lucent) Nokia
3 Ely Road 3 Ely Road
Milton, Cambridge CB24 6AA Milton, Cambridge CB24 6DD
UK United Kingdom
Email: rmurray@velocix.com Email: rob.murray@nokia.com
Matt Caulfield Matt Caulfield
Cisco Systems Cisco Systems
1414 Massachusetts Avenue 1414 Massachusetts Avenue
Boxborough, MA 01719 Boxborough, MA 01719
USA United States of America
Phone: +1 978 936 9307 Phone: +1-978-936-9307
Email: mcaulfie@cisco.com Email: mcaulfie@cisco.com
Kevin J. Ma Kevin J. Ma
Ericsson Ericsson
43 Nagog Park 43 Nagog Park
Acton, MA 01720 Acton, MA 01720
USA United States of America
Phone: +1 978-844-5100 Phone: +1 978-844-5100
Email: kevin.j.ma@ericsson.com Email: kevin.j.ma@ericsson.com
 End of changes. 362 change blocks. 
901 lines changed or deleted 889 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/