One document matched: draft-cjlmw-cdni-metadata-00.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2119 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc4291 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4291.xml">
<!ENTITY rfc5952 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5952.xml">
<!ENTITY I-D.draft-ietf-cdni-problem-statement PUBLIC "" "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.draft-ietf-cdni-problem-statement-03.xml">
<!ENTITY I-D.draft-davie-cdni-framework PUBLIC "" "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.draft-davie-cdni-framework-00.xml">
<!ENTITY rfc3986 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3986.xml">
<!ENTITY rfc4287 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4287.xml">
<!ENTITY rfc4151 PUBLIC "" "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4151.xml">
<!ENTITY I-D.draft-zyp-json-schema PUBLIC "" "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.draft-zyp-json-schema-03.xml">
<!ENTITY I-D.draft-ietf-cdni-requirements PUBLIC "" "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.draft-ietf-cdni-requirements-02.xml">
]>
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="4"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<rfc category="std" docName="draft-cjlmw-cdni-metadata-00" ipr="trust200902">
<front>
<title abbrev="CDN Interconnect Metadata">CDN Interconnect
Metadata</title>
<author fullname="Ben Niven-Jenkins" initials="B" surname="Niven-Jenkins">
<organization>Velocix (Alcatel-Lucent)</organization>
<address>
<postal>
<street>3 Ely Road</street>
<city>Milton</city>
<region>Cambridge</region>
<code>CB24 6AA</code>
<country>UK</country>
</postal>
<email>ben@velocix.com</email>
</address>
</author>
<author fullname="Rob Murray" initials="R" surname="Murray">
<organization>Velocix (Alcatel-Lucent)</organization>
<address>
<postal>
<street>3 Ely Road</street>
<city>Milton</city>
<region>Cambridge</region>
<code>CB24 6AA</code>
<country>UK</country>
</postal>
<email>rmurray@velocix.com</email>
</address>
</author>
<author fullname="Grant Watson" initials="G" surname="Watson">
<organization>Velocix (Alcatel-Lucent)</organization>
<address>
<postal>
<street>3 Ely Road</street>
<city>Milton</city>
<region>Cambridge</region>
<code>CB24 6AA</code>
<country>UK</country>
</postal>
<email>gwatson@velocix.com</email>
</address>
</author>
<author fullname="Matt Caulfield" initials="M" surname="Caulfield">
<organization>Cisco Systems</organization>
<address>
<postal>
<street>1414 Massachusetts Avenue</street>
<city>Boxborough</city>
<region>MA</region>
<code>01719</code>
<country>USA</country>
</postal>
<phone>+1 978 936 9307</phone>
<email>mcaulfie@cisco.com</email>
</address>
</author>
<author fullname="Kent Leung" initials="K" surname="Leung">
<organization>Cisco Systems</organization>
<address>
<postal>
<street>3625 Cisco Way</street>
<city>San Jose</city>
<code>95134</code>
<country>USA</country>
</postal>
<phone>+1 408 526 5030</phone>
<email>kleung@cisco.com</email>
</address>
</author>
<date />
<abstract>
<t>The CDNI Metadata Interface enables interconnected CDNs to exchange
content distribution metadata in order to enable content acquisition and
delivery. The CDNI metadata associated with a piece of content provides
a downstream CDN with sufficient information for the downstream CDN to
service content requests on behalf of an upstream CDN. This document
describes both the core set of CDNI metadata and the protocol for
exchanging that metadata.</t>
</abstract>
<note title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in <xref
target="RFC2119">RFC 2119</xref>.</t>
</note>
</front>
<middle>
<section title="Introduction">
<t>CDNI enables a downstream CDN to service content requests on behalf
of an upstream CDN. In the simplest use case, a content request received
by the downstream CDN provides sufficient information for sending a
response. More complex use cases require additional context, i.e.
metadata. The CDNI metadata associated with a piece of content (or with
a set of contents) provides a downstream CDN with sufficient information
for servicing content requests on behalf of an upstream CDN in
accordance with the policies defined by the upstream CDN.</t>
<t>The CDNI Metadata Interface is introduced by <xref
target="I-D.ietf-cdni-problem-statement"></xref> along with three other
interfaces that may be used to compose a CDNI solution (Control, Request
Routing and Logging). <xref target="I-D.davie-cdni-framework"></xref>
expands on the information provided in <xref
target="I-D.ietf-cdni-problem-statement"></xref> and describes each
interface, and the relationships between them, in more detail. The
requirements for the CDNI metadata interface are specified in <xref
target="I-D.ietf-cdni-requirements"></xref></t>
<t>This document focuses on the CDNI Metadata interface which enables a
downstream CDN to obtain CDNI Metadata from an upstream CDN so that the
downstream CDN can properly process and respond to:</t>
<t><list style="symbols">
<t>Redirection Requests received over the CDNI Request Routing
protocol.</t>
<t>Content Requests received directly from User Agents.</t>
</list></t>
<t>Specifically this document proposes:</t>
<t><list style="symbols">
<t>A data structure for mapping content requests to CDNI Metadata
properties (<xref target="data-model"></xref>).</t>
<t>An initial set of CDNI Metadata properties (<xref
target="addressable-object-properties"></xref> through <xref
target="simple-data-types"></xref>).</t>
<t>A RESTful web service for the transfer of CDNI Metadata (<xref
target="metadata-interface"></xref>).</t>
</list></t>
<section anchor="terminology" title="Terminology">
<t>This document reuses the terminology defined in <xref
target="I-D.ietf-cdni-problem-statement"></xref>.</t>
<t>Additionally, the following terms are used throughout this document
and are defined as follows:<list style="symbols">
<t>Object - a collection of properties</t>
<t>Property - a key / value pair where the key is a property name
and the value is the property value (possibly an object)</t>
</list></t>
</section>
</section>
<section title="Design Principles">
<t>The proposed CDNI Metadata Interface aims to achieve the following
design principles:</t>
<t><list style="numbers">
<t>Cacheability of CDNI metadata objects</t>
<t>Deterministic mapping from content requests to CDNI metadata
properties</t>
<t>Support for DNS redirection as well as application-specific
redirection (for example HTTP redirection)</t>
<t>Minimal duplication of CDNI metadata</t>
<t>Leverage existing protocols</t>
</list></t>
<t>Cacheability improves the latency of acquiring metadata and therefore
improves the latency of serving content requests. The CDNI Metadata
Interface uses HTTP to achieve cacheability.</t>
<t>Deterministic mappings from content requests to metadata properties
eliminates ambiguity and ensures that the same policies are applied
consistently by all downstream CDNs.</t>
<t>Support for both HTTP and DNS redirection ensures that the CDNI
Metadata Interface can be used for HTTP and DNS redirection and also
meets the same design principles for both HTTP and DNS based redirection
schemes.</t>
<t>Minimal duplication of CDNI metadata provides space efficiency on
storage in the CDNs, on caches in the network, and across the network
between CDNs.</t>
<t>Leveraging existing protocols avoids reinventing common mechanisms
such as data structure encoding (e.g. XML, JSON) and data transport
(e.g. HTTP).</t>
</section>
<section anchor="data-model" title="CDNI Metadata Data Model">
<t>The CDNI Metadata Model describes a data structure for mapping
content requests to metadata properties. Metadata properties describe
how to acquire, authorize, and deliver content from a downstream CDN.
The data model relies on the assumption that these metadata properties
may be aggregated based on the authoritative hostname of the content and
subsequently on the resource path of the content. The data model
associates a set of CDNI Metadata properties with a Hostname to form a
default set of metadata properties for content delivered for that
Hostname. That default set of metadata properties can be overridden by
properties that apply to specific paths within a URI.</t>
<t>Different Hostnames and URI paths will contain different sets of CDNI
Metadata properties in order to describe the required behaviour when a
dCDN surrogate is processing User Agent requests for content on that
Hostname or URI path. As a result of this structure, significant
commonality may exist between the CDNI Metadata properties specified for
different Hostnames, different URI paths within a Hostname and different
URI paths on different Hostnames. For example the definition of which
User Agent IP addresses should be treated as being grouped together into
a single network or geographic location is likely to be common for a
number of different Hostnames. Another example is that although a uCDN
is likely to have several different policies configured to express
geo-blocking rules, it is likely that a single geo-blocking policy would
be applied to multiple Hostnames delivered through the CDN. </t>
<t>In order to enable the CDNI Metadata for a given Hostname or URI Path
to be decomposed into sets of CDNI Metadata properties that can be
reused by multiple Hostnames and URI Paths the CDNI Metadata interface
specified in this document splits the CDNI Metadata into a number of
objects. Efficiency is improved by enabling a single CDNI Metadata
object (that is shared across Hostname and/or URI paths) to be retrieved
by a dCDN once, even if it is referenced by the CDNI Metadata of
multiple Hostnames.</t>
<t><xref target="hostindex-intro"></xref> introduces a high level
description of the HostIndex, HostMetadata and PathMetadata objects and
describes the relationships between those objects.</t>
<t><xref target="other-objects-intro"></xref> introduces a high level
description of the remaining CDNI Metadata objects and describes the
relationships between those objects as well as the relationships of
those objects to HostMetadata and PathMetadata objects.</t>
<t><xref target="addressable-object-properties"></xref> describes the
specific properties of each object in more detail.</t>
<section anchor="hostindex-intro"
title="HostIndex, HostMetdata & PathMetadata objects">
<t>A HostIndex object contains a list of Hostnames that may be
delegated to the downstream CDN. The HostIndex is the starting point
for accessing the uCDN's CDNI Metadata data store. It enables
surrogates in the dCDN to deterministically discover, on receipt of a
User Agent request for content, which other CDNI Metadata objects it
requires in order to deliver the requested content.</t>
<t>The HostIndex links end-user facing Hostnames to HostMetadata
objects, which contain (or reference) the default CDNI Metadata
required to serve content for that Hostname. When looking up CDNI
Metadata, the downstream CDN looks up the requested Hostname in the
HostIndex, from there it can find HostMetadata which describes
delivery rules for a Hostname and PathMetadata which may override
those rules for given URI paths within the Hostname.</t>
<t>As well as containing the default CDNI Metadata for the specified
Hostname, HostMetadata and PathMetadata objects may also contain
PathMatch objects which in turn contain PathMetadata objects.
PathMatch objects override the CDNI Metadata in the HostMetadata
object or one or more preceding PathMetadata objects with more
specific CDNI Metadata that applies to content requests matching the
pattern defined in that PathMatch object.</t>
<t>For the purposes of retrieving CDNI Metadata all other required
CDNI Metadata objects and their properties are discoverable from the
appropriate HostMetadata, PathMatch and PathMetadata objects for the
requested content.</t>
<t>The relationships between the HostIndex, HostMatch, HostMetadata,
PathMatch and PathMetadata objects are described in <xref
target="metadata-model-figure-top"></xref>.</t>
<t><figure anchor="metadata-model-figure-top"
title="Relationships between the HostIndex, HostMetadata & PathMetadata CDNI Metadata Objects">
<artwork><![CDATA[+---------+ +---------+ +------------+
|HostIndex+---->|HostMatch|---->|HostMetadata+----------------+
+---------+ +---------+ +------+-----+ |
| |
V V
+---------+ ************************
+--->|PathMatch| *Other Metadata Objects*
| +---------+ ************************
| | ^
| V |
| +------------+ |
+--|PathMetadata+----------------+
+------------+
]]></artwork>
<postamble>Key: ----> = References</postamble>
</figure></t>
<t>The table below describes the HostIndex, HostMetadata and
PathMetadata objects in more detail.</t>
<texttable anchor="hostindex-objects-table"
title="HostIndex, HostMetadata and PathMetadata CDNI Metadata Objects">
<ttcol>Data Object</ttcol>
<ttcol>Description</ttcol>
<c>HostIndex</c>
<c>A HostIndex object lists the Hostnames that an upstream CDN can
provide CDNI metadata for and the URIs to use for retrieving that
CDNI Metadata. For example, if "example.com" is a content provider,
the HostIndex object may include an entry for "example.com" with the
URI of the associated HostMetadata object. These hostnames are
contained inside a list of HostMatch objects.</c>
<c>HostMatch</c>
<c>A HostMatch object defines a hostname to match against a
requested host, and contains or references a HostMetadata object
which contains CDNI Metadata properties to be applied when a content
request matches against the hostname.</c>
<c>HostMetadata</c>
<c>A HostMetadata object contains (or references) the default CDNI
Metadata properties for content served from that hostname, i.e. the
CDNI Metadata properties for content requests that do not match any
of the PathMatch objects contained or referenced by that
HostMetadata object. For example, a HostMetadata object may describe
the metadata properties which apply to "example.com" and may contain
PathMatches for "example.com/movies/*" and "example.com/music/*"
which reference corresponding PathMetadata objects that contain the
CDNI Metadata properties for those specific URI paths.</c>
<c>PathMatch</c>
<c>A PathMatch object defines a pattern to match against the
requested path, and contains or references a PathMetadata object
which contains (or references) the CDNI Metadata properties to be
applied when a content request matches against the defined URI path
pattern.</c>
<c>PathMetadata</c>
<c>A PathMetadata object contains the CDNI Metadata properties for
content served with the associated URI path (defined in a PathMatch
object). A PathMetadata object may also contain PathMatch objects in
order to recursively define more specific URI paths that require
different (e.g. more specific) CDNI Metadata to this one. For
example, the PathMetadata object which applies to
"example.com/movies/*" may describe CDNI metadata which apply to
that resource path and may contain a PathMatch object for
"example.com/movies/hd/*" which would reference the corresponding
PathMetadata object for the "example.com/movies/hd/" path
prefix.</c>
</texttable>
<t></t>
</section>
<section anchor="other-objects-intro"
title="Remaining CDNI Metadata objects">
<t>The HostMetadata and PathMetadata objects contain or can reference
other CDNI Metadata objects that contain properties which describe how
User Agent requests for content should be processed, for example where
to acquire the content, authorization rules that should be applied,
delivery location restrictions and so on. The properties associated
with the processing of User Agent requests fall into two categories,
Delivery and Acquisition. Delivery properties, such as Location based
restrictions, are contained or referenced within a Delivery object.
Acquisition properties, such as which Origin Server to use to acquire
the content, are contained or referenced within an Acquisition Object.
Delivery and Acquisition objects contain or reference other CDNI
Metadata objects to define the properties and rules which should be
applied when processing requests for content. In some cases the rules
that should be applied are complex but also likely to be reusable and
repeated across many HostMetadata or PathMetadata objects. </t>
<t>The relationships between the HostMetadata and PathMetadata objects
and the other CDNI Metadata objects (Delivery object, Acquisition
object, etc.) required for CDNI request routing and delivery are
illustrated in <xref
target="metadata-model-figure-bottom"></xref>.</t>
<t><figure anchor="metadata-model-figure-bottom"
title="Relationships between HostMetadata and PathMetadata and the other CDNI Metadata Objects">
<artwork><![CDATA[ +-------------+ +----------------+
+--------------+ +--> | Acquisition | -----> | Source |
| HostMetadata | | +-------------+ +----------------+
| - or - | ---+
| PathMetadata | | +-------------+ +----------------+
+--------------+ +--> | Delivery | --+--> | TimeWindow ACL |
+-------------+ | +----------------+
|
| +----------------+
+--> | Location ACL* |
| +----------------+
|
| +----------------+
+--> | Auth |
+----------------+
*example ACL
+----------------+ +----------------+
| Location ACL | = | ACL |
+----------------+ +----------------+
|
v
+----------------+
| ACL Rules |
+----------------+
|
v
+----------------+
| Location |
+----------------+
]]></artwork>
<postamble>Key: ----> = References</postamble>
</figure></t>
<t>The table below describes the remaining CDNI Metadata objects that
were not defined in <xref target="hostindex-intro"></xref>.</t>
<texttable anchor="metadata-objects-table"
title="Content Distribution Metadata Data Objects">
<ttcol>Data Object</ttcol>
<ttcol>Description</ttcol>
<c>Acquisition</c>
<c>Container object for metadata that applies to content
acquisition.</c>
<c>Delivery</c>
<c>Container object for metadata that applies to content
delivery.</c>
<c>Source</c>
<c>Information needed by a dCDN to acquire content. For example the
host to contact, the protocol to use for acquisition and any
authentication and authorization methods that should be used.</c>
<c>ACL</c>
<c>Contains or references a list of ACLRules that are used to define
any delivery restrictions that must be applied e.g. Location
restrictions or Time based restrictions.</c>
<c>ACLRule</c>
<c>Contains or references a list of objects which define to what the
restrictions should be applied e.g. an ACLRule may reference a
Location Object if a location based ACL is required.</c>
<c>TimeWindow</c>
<c>Start and end time used to specify windows of availability or
unavailability for the content.</c>
<c>Location</c>
<c>Geographic or network location identified by country code, BGP AS
number, or subnet to which content may (or may not) be
delivered.</c>
<c>Auth</c>
<c>Method and credentials for authentication and authorization
including URI-signing, token-base, etc.</c>
</texttable>
<t>The relationships in <xref
target="metadata-model-figure-top"></xref> and <xref
target="metadata-model-figure-bottom"></xref> are summarised in <xref
target="metadata-model-table"></xref> below and the properties of each
object are described in <xref
target="addressable-object-properties"></xref>.</t>
<texttable anchor="metadata-model-table"
title="Relationships between CDNI Metadata Objects">
<ttcol>Data Object</ttcol>
<ttcol>Objects it References</ttcol>
<c>HostIndex</c>
<c>0 or more HostMetadata objects.</c>
<c>HostMetadata</c>
<c>0 or more PathMatch objects. 0 or 1 Delivery objects. 0 or 1
Acquisition objects.</c>
<c>PathMatch</c>
<c>1 PathMetadata object.</c>
<c>PathMetadata</c>
<c>0 or more PathMatch objects. 0 or 1 Delivery objects. 0 or 1
Acquisition objects.</c>
<c>Acquisition</c>
<c>0 or more Source objects.</c>
<c>Delivery</c>
<c>0 or more ACL objects. 0 or more Auth objects.</c>
<c>ACL</c>
<c>0 or more ACLRule objects.</c>
<c>ACLRule</c>
<c>0 or more Location objects or 0 or more TimeWindow objects.</c>
</texttable>
<t></t>
</section>
<section title="Metadata Inheritance">
<t>In the data model, a HostMetadata object may contain (or reference)
multiple PathMetadata objects. Each PathMetadata object may in turn
contain (or reference) other PathMetadata objects. These relationships
form a tree.</t>
<t>The tree of HostMetadata objects and PathMetadata objects forms an
inheritance tree. Each node in the tree inherits the property values
set by its parent.</t>
<t>In the tree, a child may override any property value which has been
set by its parent. If a HostMetadata object sets the value of a
property, that value may be overridden by a PathMetadata object (the
child of the HostMetadata object). If a PathMetadata object contains
(or references) other PathMetadata objects as children, then those
children PathMetadata objects may override the property values set by
the parent PathMetadata object.</t>
<t>If a child node overrides the value of a list, then the entire list
is replaced with the value set by the child node. If a child node
overrides the value of an object, then the whole object is replaced
with the value set by the child node.</t>
</section>
</section>
<section anchor="abstract-metadata-description"
title="Encoding-Independent CDNI Metadata Object Descriptions">
<t>This section provides the definitions of each object type declared in
<xref target="data-model"></xref>. The definition of each object
contains an unordered set of properties. The type of some properties is
another CDNI Metadata object and in those cases the value of the
property can be either an object of that type (the object is embedded)
or a Link object that describes a URI and relationship that can be
dereferenced to retrieve the CDNI Metadata object that should be used as
the value of that property.</t>
<section anchor="addressable-object-properties"
title="CDNI Metadata Data Object Descriptions">
<t>Each of the sub-sections below describes the properties associated
with the data objects defined in <xref
target="metadata-objects-table"></xref>.</t>
<t></t>
<section anchor="HostIndex" title="HostIndex">
<t>The HostIndex object is the entry point into the CDNI Metadata
hierarchy. An incoming content request is matched against the list
of hosts to find the HostMatch object which applies to the
request.</t>
<t><list style="empty">
<t>Property: hosts<list style="empty">
<t>Description: List of HostMatch objects</t>
<t>Type: List of HostMatch</t>
<t>Mandatory: Yes.</t>
</list></t>
</list></t>
</section>
<section anchor="HostMatch" title="HostMatch">
<t>The HostMatch object contains a hostname to match against and a
metadata object to apply if a match is found.</t>
<t><list style="empty">
<t>Property: hostname<list style="empty">
<t>Description: String to match against the requested
host.</t>
<t>Type: String</t>
<t>Mandatory: Yes</t>
</list></t>
</list><list style="empty">
<t>Property: hostmetadata<list style="empty">
<t>Description: CDNI Metadata to apply when delivering
content that matches this pattern.</t>
<t>Type: HostMetadata</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
</section>
<section anchor="HostMetadata" title="HostMetadata">
<t>The HostMetadata object contains both metadata that applies to
content requests for a particular host and a list of pattern matches
for finding more specific metadata based on the resource path in a
content request.</t>
<t><list style="empty">
<t>Property: acquisition<list style="empty">
<t>Description: Container for content acquisition related
metadata.</t>
<t>Type: Acquisition</t>
<t>Mandatory: No. No default.</t>
</list></t>
</list><list style="empty">
<t>Property: delivery<list style="empty">
<t>Description: Container for content delivery related
metadata.</t>
<t>Type: Delivery</t>
<t>Mandatory: No. No default.</t>
</list></t>
</list><list style="empty">
<t>Property: paths<list style="empty">
<t>Description: Path specific rules. First match
applies.</t>
<t>Type: List of PathMatch</t>
<t>Mandatory: No. Default apply the properties defined in
this HostMetadata object to all paths.</t>
</list></t>
</list><list style="empty">
<t>Property: hostname<list style="empty">
<t>Description: The end-user facing Hostname for this
HostMetadata object.</t>
<t>Type: Hostname</t>
<t>Mandatory: Yes.</t>
</list></t>
</list></t>
</section>
<section anchor="Acquisition" title="Acquisition">
<t>Metadata which provides the dCDN information about content
acquisition e.g. how to contact an uCDN Surrogate or an Origin
Server. The sources are not necessarily the actual Origin Servers
operated by the CSP but might be a set of Surrogates in the
uCDN.</t>
<t><list style="empty">
<t>Property: sources<list style="empty">
<t>Description: Sources from which the dCDN can acquire
content.</t>
<t>Type: List of Source</t>
<t>Mandatory: No. Defaults to empty list.</t>
</list></t>
</list></t>
</section>
<section anchor="Delivery" title="Delivery">
<t>Metadata related to content delivery, e.g. delivery restrictions
or content authorization methods.</t>
<t><list style="empty">
<t>Property: locations<list style="empty">
<t>Description: Access control list which applies
restrictions to delivery based on client location.</t>
<t>Type: ACL</t>
<t>Mandatory: No. Defaults is allow all locations.</t>
</list></t>
</list><list style="empty">
<t>Property: times<list style="empty">
<t>Description: Access control list which applies
restrictions to delivery based on request time.</t>
<t>Type: ACL</t>
<t>Mandatory: No. Defaults is allow all times.</t>
</list></t>
</list><list style="empty">
<t>Property: auth<list style="empty">
<t>Description: Options for authenticating content requests.
All options in the list are equally valid.</t>
<t>Type: List of Auth</t>
<t>Mandatory: No. Defaults is no auth.</t>
</list></t>
</list><list style="empty">
<t>Property: protocol<list style="empty">
<t>Description: The delivery protocol to be used for content
requests that match this HostMetadata object.</t>
<t>Type: protocol</t>
<t>Mandatory: Yes.</t>
</list></t>
</list><list style="empty">
<t>Property: active<list style="empty">
<t>Description: Enable or disable delivery from this
host.</t>
<t>Type: boolean</t>
<t>Mandatory: No. Default yes.</t>
</list></t>
</list></t>
</section>
<section anchor="PathMatch" title="PathMatch">
<t>The PathMatch object contains an expression to match against and
a metadata object to apply if a match is found.</t>
<t><list style="empty">
<t>Property: pattern<list style="empty">
<t>Description: String to match against the requested path,
i.e. against the <xref target="RFC3986"></xref>
path-absolute.</t>
<t>Type: Pattern</t>
<t>Mandatory: Yes</t>
</list></t>
</list><list style="empty">
<t>Property: patternflags<list style="empty">
<t>Description: Flags to control the pattern match.</t>
<t>Type: List of PatternFlags</t>
<t>Mandatory: No. Default Case-sensitive infix matching.</t>
</list></t>
</list><list style="empty">
<t>Property: pathmetadata<list style="empty">
<t>Description: CDNI Metadata to apply when delivering
content that matches this pattern.</t>
<t>Type: PathMetadata</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
</section>
<section anchor="PathMetadata" title="PathMetadata">
<t>A PathMetadata object contains the CDNI Metadata properties for
content served with the associated URI path (defined in a PathMatch
object). Note that if CDNI metadata is used as an input to CDNI
request routing and DNS-based redirection is employed, then any
metadata at the PathMetadata level or below will be inaccessible at
request routing time.</t>
<t>PathMetadata objects may contain any of the properties of a
HostMetadata object with the following exceptions:</t>
<t><list style="symbols">
<t>PathMetadata objects MUST NOT contain a hostname
property.</t>
<t>PathMetadata objects MUST NOT contain a protocol
property.</t>
<t>The presence of an sources property is OPTIONAL.</t>
</list></t>
<t></t>
</section>
<section anchor="ACL" title="ACL">
<t>An ACL object contains or references a list of ACLRule objects
which define a set of restrictions to apply to content delivery e.g.
Location restrictions. An ACL may reference or contain ACLRules
referencing or containing Location or TimeWindow objects but not
both.</t>
<t><list style="empty">
<t>Property: aclrules<list style="empty">
<t>Description:</t>
<t>Type: List of ACLRule</t>
<t>Mandatory: No. Default no rules.</t>
</list></t>
</list></t>
</section>
<section anchor="ACLRule" title="ACLRule">
<t>An ACLRule contains or references a list of either TimeWindow or
Location objects. ACLRule objects are used to construct ACL to apply
restrictions to content delivery.</t>
<t>Note: Although both the allow and deny properties are optional,
one and only one of them MUST be present in an ACLRule. An ACLRule
must also only refer to one of Location or TimeWindow but not both
and should only refer to the objects relevant to the ACL type as
defined by Delivery Metadata i.e. a Delivery Metadata object with an
ACL with relationship of LocationACL must not reference TimeWindow
objects further down in the Metadata hierarchy.</t>
<t><list style="empty">
<t>Property: allow<list style="empty">
<t>Description: List of either Locations (Location ACL) or
Time Windows (TimeWindow ACL) which must be allowed.</t>
<t>Type: List of Location or TimeWindow</t>
<t>Mandatory: No. Default implicit Allow.</t>
</list></t>
</list><list style="empty">
<t>Property: deny<list style="empty">
<t>Description: List of either Locations (Location ACL) or
Time Windows (TimeWindow ACL) which must be denied.</t>
<t>Type: List of Location or TimeWindow</t>
<t>Mandatory: No. Default implicit Deny.</t>
<t></t>
</list></t>
</list></t>
</section>
<section anchor="TimeWindow" title="TimeWindow">
<t>A TimeWindow object describes a time range which may be applied
by an ACLRule, e.g. Start 09:00AM 01/01/2000 End 17:00PM
01/01/2000.</t>
<t><list style="empty">
<t>Property: start<list style="empty">
<t>Description: The start time of the window.</t>
<t>Type: Time</t>
<t>Mandatory: Yes</t>
</list></t>
</list><list style="empty">
<t>Property: end<list style="empty">
<t>Description: The end time of the window.</t>
<t>Type: Time</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
</section>
<section anchor="Location" title="Location">
<t>A Location object describes a Location which may be applied by an
ACLRule, e.g. a Location may be an IPv4 address range or a
geographic location.</t>
<t><list style="empty">
<t>Property: iprange<list style="empty">
<t>Description: A set of IP Addresses.</t>
<t>Type: List of IPRange.</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
<t>[Ed: Location as specified above only supports the Class 1a names
described in [I-D.jenkins-cdni-names]. Need to add support for Class
1b names to a later version.]</t>
</section>
<section anchor="Source" title="Source">
<t>A Source object describes the Source which should be used by the
dCDN for content acquisition, e.g. a Surrogate within the uCDN or an
alternate Origin Server, the protocol to be used and any
authentication method.</t>
<t><list style="empty">
<t>Property: auth<list style="empty">
<t>Description: Authentication method to use when requesting
content from this source.</t>
<t>Type: Auth</t>
<t>Mandatory: No. Default is no authentication.</t>
</list></t>
</list><list style="empty">
<t>Property: endpoints<list style="empty">
<t>Description: Origins from which the dCDN can acquire
content.</t>
<t>Type: List of EndPoint</t>
<t>Mandatory: Yes.</t>
</list></t>
</list><list style="empty">
<t>Property: protocol<list style="empty">
<t>Description: Protocol to use for content acquisition.</t>
<t>Type: Protocol</t>
<t>Mandatory: Yes.</t>
</list></t>
</list></t>
</section>
<section anchor="Auth" title="Auth">
<t>An Auth object defines authentication and authorization methods
to be used during content delivery and content acquisition, e.g.
methods such as tokenization and URL Signing.</t>
<t><list style="empty">
<t>Property: type<list style="empty">
<t>Description: A string containing the authentication type
“url-signing”, "url-token", "http-basic", or
"http-digest". The type dictates which optional fields are
present and valid in the rest of the object. The
“url-signing” type refers to URL signing
authentication. The "url-token" type refers to token-based
authentication. The “basic” and
“digest” types refer to HTTP Basic and Digest
access authentication.</t>
<t>Type: String</t>
<t>Mandatory: Yes.</t>
</list></t>
</list><list style="empty">
<t>Property: algo<list style="empty">
<t>Description: A string containing the signature algorithm
(e.g. “md5”, “sha-1”, etc.).</t>
<t>Type: String</t>
<t>Mandatory: Yes, if type is "url-signing".</t>
</list></t>
</list><list style="empty">
<t>Property: symmetric<list style="empty">
<t>Description: A boolean if true, URL signing uses
symmetric keys, otherwise asymmetric.</t>
<t>Type: boolean</t>
<t>Mandatory: Yes, if type is "url-signing".</t>
</list></t>
</list><list style="empty">
<t>Property: key<list style="empty">
<t>Description: A hex-encoded number containing the public
key for verifying signatures, only valid if "symmetric"
field is set to false.</t>
<t>Type: boolean</t>
<t>Mandatory: Yes, if type is "url-signing".</t>
</list></t>
</list><list style="empty">
<t>Property: username<list style="empty">
<t>Description: A string containing the username for
“basic” and “digest” types.</t>
<t>Type: String</t>
<t>Mandatory: Yes, if type is "basic" or "digest".</t>
</list></t>
</list><list style="empty">
<t>Property: password<list style="empty">
<t>Description: A string containing the password for
“basic” and “digest” types.</t>
<t>Type: String</t>
<t>Mandatory: Yes, if type is "basic" or "digest".</t>
</list></t>
</list></t>
</section>
<section anchor="Link" title="Link">
<t>A link object may be used in place of any of the objects
described above. Links can be used to avoid duplication if the same
metadata information is repeated within the metadata tree. When a
link replaces an object, its href property is set to the URI of the
resource, its rel property is set to the name of the property it is
replacing, and its type property is set to the type of the object it
is replacing.</t>
<t><list style="empty">
<t>Property: href<list style="empty">
<t>Description: The URI of the of the addressable object
being referenced.</t>
<t>Type: URI</t>
<t>Mandatory: Yes</t>
</list></t>
</list><list style="empty">
<t>Property: rel<list style="empty">
<t>Description: The Relationship between the referring
object and the object it is referencing.</t>
<t>Type: String</t>
<t>Mandatory: Yes</t>
</list></t>
</list><list style="empty">
<t>Property: type<list style="empty">
<t>Description: The type of the object being referenced.</t>
<t>Type: String</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
</section>
</section>
<section anchor="simple-data-types"
title="CDNI Metadata Simple Data Type Descriptions">
<t>This section describes the simpler data types that are used for
properties of CDNI Metadata objects.</t>
<section title="Protocol">
<t>This type only appears in Links. Links with this type are not
machine readable but rather represent particular feature sets of a
protocol defined in a specification and implemented in code. The URI
contained in the link needs to be defined for each delivery protocol
with an associated interoperable feature set.</t>
<t>The following examples are illustrative:</t>
<t><list style="symbols">
<t>http://url.cdni.ietf.example/protocol/delivery/http/rfcABCD</t>
<t>http://url.cdni.ietf.example/protocol/delivery/rtmp/rfcEFGH</t>
<t>http://url.vendorY.ietf.example/protocol/delivery/rtmp/releaseP.Q</t>
</list></t>
<t>[Editor's Note: It may be more appropriate to use the
‘tag’ URI scheme <xref target="RFC4151"></xref> for
these URIs.]</t>
</section>
<section title="Endpoint">
<t>A hostname (with optional port) or an IP address (with optional
port).</t>
<t>Note: Client implementations MUST support IPv4 addresses encoded
as specified by the 'IPv4address' rule in Section 3.2.2 of <xref
target="RFC3986"></xref> and MUST support all IPv6 address formats
specified in <xref target="RFC4291"></xref>. Server implementations
SHOULD use IPv6 address formats specified in <xref
target="RFC5952"></xref>.</t>
</section>
<section title="IPRange">
<t>One of:</t>
<t><list style="symbols">
<t>A range of consecutive IP addresses (IPv4 or IPv6) expressed
as Address1-Address2 which does not have to be to power of two
aligned, for example the range 192.0.2.1-192.0.2.10 is valid.
The first Address in the range MUST be 'lower' than the final
address in the range.</t>
<t>A valid IP subnet (IPv4 or IPv6) expressed using CIDR
notation.</t>
<t>A single IP address (IPv4 or IPv6).</t>
</list></t>
<t>Note: Client implementations MUST support IPv4 addresses encoded
as specified by the 'IPv4address' rule in Section 3.2.2 of <xref
target="RFC3986"></xref> and MUST support all IPv6 address formats
specified in <xref target="RFC4291"></xref>. Server implementations
SHOULD use IPv6 address formats specified in <xref
target="RFC5952"></xref>.</t>
</section>
<section title="Pattern">
<t>A pattern for string matching paths. The string may contain the
wildcards * and ?.</t>
<t><list style="symbols">
<t>* matches any sequence of characters (including the empty
string).</t>
<t>? matches exactly one character.</t>
</list></t>
<t>Escaping: The three literals \ , * and ? should be escaped as \\,
\* and \?</t>
</section>
<section title="PatternFlags">
<t>A set of flags indicating how a pattern match is made. The flags
are:</t>
<t><list style="symbols">
<t>Case-insensitive - Perform a case insensitive match (absence
indicates case-sensitive match).</t>
<t>Prefix - Match against the start of the string (absence
indicates that a match may start anywhere in the string).</t>
<t>Suffix - Match against the end of the string (absence
indicates that a match may end anywhere in the string).</t>
</list></t>
<t>Absence of both Prefix and Suffix results in a match against any
part of the string (infix).</t>
</section>
<section title="URI">
<t>A URI as specified in <xref target="RFC3986"></xref>.</t>
</section>
<section title="Time">
<t>A time value expressed in seconds since Unix epoch in the UTC
timezone.</t>
</section>
</section>
</section>
<section anchor="metadata-interface" title="CDNI Metadata interface">
<t>This section specifies an interface to enable a Downstream CDN to
retrieve CDNI Metadata objects from an Upstream CDN.</t>
<t>The interface can be used by a Downstream CDN to retrieve CDNI
Metadata objects either dynamically as required by the Downstream CDN to
process received requests (for example in response to receiving a CDNI
Request Routing request from an Upstream CDN or in response to receiving
a request for content from a User Agent) or in advance of being
required.</t>
<t>The CDNI Metadata interface is built on the principles of RESTful web
services. This means that requests and responses over the interface are
built around the transfer of representations of hyperlinked resources. A
resource in the context of the CDNI Metadata interface is any object in
the Data Model (as described in <xref target="data-model"></xref>
through <xref target="addressable-object-properties"></xref>).</t>
<t>In the general case a CDNI Metadata server makes each instance of an
addressable CDNI Metadata object available via a unique URI that returns
a representation of that instance of that CDNI Metadata object. When an
object needs to reference another addressable CDNI Metadata object (for
example a HostIndex object referencing a HostMetadata object) it does so
by including a link to the referenced object.</t>
<t>CDNI Metadata servers are free to assign whatever structure they
desire to the URIs for CDNI Metadata objects and CDNI Metadata clients
MUST NOT make any assumptions regarding the structure of CDNI Metadata
URIs or the mapping between CDNI Metadata objects and their associated
URIs. Therefore any URIs present in the examples below are purely
illustrative and are not intended impose a definitive structure on CDNI
Metadata interface implementations.</t>
<section title="Transport">
<t>The CDNI Metadata interface uses HTTP as the underlying protocol
transport.</t>
<t>The HTTP Method in the request defines the operation the request
would like to perform. Servers implementing the CDNI Metadata
interface MUST support the HTTP GET and HEAD methods.</t>
<t>The corresponding HTTP Response returns the status of the operation
in the HTTP Status Code and returns the current representation of the
resource (if appropriate) in the Response Body. HTTP Responses from
servers implementing the CDNI Metadata interface that contain a
response body SHOULD include an ETag to enable validation of cached
versions of returned resources.</t>
<t>The CDNI Metadata interface specified in this document is a
read-only interface. Therefore support for other HTTP methods such as
PUT, POST and DELETE etc. is not specified. Server implementations of
this interface SHOULD reject all methods other than GET and HEAD.</t>
<t>As the CDNI Metadata interface builds on top of HTTP, CDNI Metadata
servers may make use of any HTTP feature when implementing the CDNI
Metadata interface, for example a CDNI Metadata server may make use of
HTTP's caching mechanisms to indicate that the returned
response/representation can be reused without re-contacting the CDNI
Metadata server.</t>
</section>
<section title="Retrieval of CDNI Metadata resources">
<t>In the general case a CDNI Metadata server makes each instance of
an addressable CDNI Metadata object available via a unique URI and
therefore in order to retrieve CDNI Metadata, a CDNI Metadata client
first makes a HTTP GET request for the URI of the HostIndex which
provides the CDNI Metadata client with a list of Hosts (along with
their public facing hostnames) that the upstream CDN may delegate to
the downstream CDN.</t>
<t>In order to retrieve the CDNI Metadata for a particular request the
CDNI Metadata client processes the received HostIndex object and finds
the corresponding HostMetadata entry (by matching the hostname in the
request against the hostnames in the HostIndex). The CDNI metadata
client then makes a GET request for the URI specified in the href key
of that Host's entry in the HostIndex.</t>
<t>In order to retrieve the most specific metadata for a particular
request, the CDNI metadata client inspects the HostMetadata for
references to more specific PathMetadata objects. If any PathMetadata
match the request, the CDNI metadata client makes another GET request
for the PathMetadata. Each PathMetadata object may also include
references to yet more specific metadata. If this is the case, the
CDNI metadata client continues requesting PathMetadata
recursively.</t>
<t>Where a downstream CDN is interconnected with multiple upstream
CDNs, the downstream CDN must decide which upstream CDN's metadata
should handle a particular User Agent request.</t>
<t>In the case of where application level redirection (e.g. HTTP 302
redirects) is being used between CDNs, it is expected that the
downstream CDN will be able to determine the upstream CDN that
redirected a particular request from information contained in the
received request (e.g. via the URI in case of HTTP redirection across
CDNs). With knowledge of which upstream CDN routed the request, the
downstream CDN can choose the correct metadata server.</t>
<t>In the case of DNS redirection there is not sufficient information
carried in the DNS request from User Agents to determine the upstream
CDN that redirected a particular request and therefore downstream CDNs
may have to apply local policy when deciding which upstream CDN's
metadata to apply.</t>
</section>
<section title="Bootstrapping">
<t>The URI for the HostIndex object of a given upstream CDN needs to
be either discovered by or configured in the downstream CDN. All other
objects/resources are then discoverable from the HostIndex object by
following the links in the HostIndex object and the referenced
HostMetadata and PathMetadata objects.</t>
<t>If the URI for the HostIndex object is not manually configured in
the downstream CDN then the HostIndex URI could be discovered via the
CDNI Control interface. An upstream CDN would advertise the URI of the
HostIndex object to the downstream CDN via the CDNI Control
Interface.</t>
</section>
<section title="Encoding">
<t>Object are resources that may be:</t>
<t><list style="symbols">
<t>Addressable, where the object is a resource that may be
retrieved or referenced via its own URI.</t>
<t>Embedded, where the object is contained (or inlined) within a
property of an addressable object.</t>
</list></t>
<t>In the descriptions of objects we use the term "X contains Y" to
mean either Y is directly embedded in X or that Y is linked to by X.
It is generally a deployment choice for the uCDN implementation to
decide when and which CDNI Metadata objects to embed and which are
separately addressable.</t>
<section anchor="media-types" title="MIME Media Types">
<t>All MIME types are prefixed with "application/cdni." The MIME
type for each object matches the type name of that object as defined
by this document.<xref target="metadata-media-types-table"></xref>
lists a few examples of the MIME Media Type for each object
(resource) that is retrievable through the CDNI Metadata interface.
The MIME type suffix depends on the metadata encoding, either "+xml"
or "+json".</t>
<texttable anchor="metadata-media-types-table"
title="MIME Media Types for CDNI Metadata resources">
<ttcol>Data Object</ttcol>
<ttcol>MIME Media Type</ttcol>
<c>HostIndex</c>
<c>application/cdni.HostIndex</c>
<c>HostMatch</c>
<c>application/cdni.HostMatch</c>
<c>HostMetadata</c>
<c>application/cdni.HostMetadata</c>
<c>PathMatch</c>
<c>application/cdni.PathMatch</c>
<c>PathMetadata</c>
<c>application/cdni.PathMetadata</c>
</texttable>
<t>See http://www.iana.org/assignments/media-types/index.html for
reference.</t>
</section>
<section title="JSON Encoding of Objects">
<t>One possible encoding for a CDNI Metadata object is a JSON object
containing a dictionary of (key,value) pairs where the keys are the
property names and the values are the associated property
values.</t>
<t>The keys of the dictionary are the names of the properties
associated with the object and are therefore dependent on the
specific object being encoded (i.e. dependent on the MIME Media Type
of the returned resource). Likewise, the values associated with each
key are dependent on the specific object being encoded (i.e.
dependent on the MIME Media Type of the returned resource).</t>
<t>Dictionary keys in JSON are case sensitive and therefore any
dictionary key defined by this document (for example the names of
CDNI Metadata object properties) MUST always be represented in
lowercase.</t>
<t>In addition to the properties of the object, the following three
additional keys defined below may be present in any object.</t>
<t><list style="empty">
<t>Key: base<list style="empty">
<t>Description: Provides a prefix for any relative URLs in
the object. This is similar to the XML base tag <xref
target="XML-BASE"></xref>. If absent, all URLs in the
remainder of the document must be absolute URLs.</t>
<t>Type: URI</t>
<t>Mandatory: No</t>
</list></t>
</list></t>
<t><list style="empty">
<t>Key: links<list style="empty">
<t>Description: The links of this object to other
addressable objects. Any property may be replaced by a link
to an object with the same type as the property it
replaces.</t>
<t>Type: List of Link</t>
<t>Mandatory: Yes</t>
</list></t>
</list></t>
<section title="JSON Example">
<t>A downstream CDN may request the HostIndex and receive the
following object of type "application/cdni.HostIndex+json":</t>
<t><figure>
<artwork><![CDATA[{
"host": [
{
"hostname": "video.example.com",
"links": [
{
"rel": "hostmetadata",
"type": "HostMetadata",
"href": "http://metadata.ucdn.com/video"
}
]
},
{
"hostname": "images.example.com",
"links": [
{
"rel": "hostmetadata",
"type": "HostMetadata",
"href": "http://metadata.ucdn.com/images"
}
]
}
]
}]]></artwork>
</figure></t>
<t>If the incoming request has a Host header with
"video.example.com" then the downstream CDN would fetch from the
next metadata object from "http://metadata.ucdn.com/video"
expecting a MIME type of "application/cdni.HostMetadata+json":</t>
<t><figure>
<artwork><![CDATA[{
"hostname": "video.example.com",
"acquisition": {
"source": [
{
"links": [{
"rel": "auth",
"type": "Auth",
"href": "http://metadata.ucdn.com/auth1234"
}],
"endpoint": "acq1.ucdn.com",
"protocol": "ftp"
},
{
"links": [{
"rel": "auth",
"type": "Auth",
"href": "http://metadata.ucdn.com/auth1234"
}],
"endpoint": "acq2.ucdn.com",
"protocol": "http"
}
]
},
"delivery": {
"location": {
"aclrule": {
"deny": { "iprange": "192.168.0.0/16" }
}
},
"auth": {
},
"protocol": "http",
"active": "true"
},
"path": [
{
"pattern": "/videos/trailers/*",
"patternflags": "prefix",
"links": [{
"rel": "pathmetadata",
"type": "PathMetadata",
"href": "http://metadata.ucdn.com/videos/trailers"
}]
},
{
"pattern": "/videos/movies/*",
"patternflags": "prefix",
"links": [{
"rel": "pathmetadata",
"type": "PathMetadata",
"href": "http://metadata.ucdn.com/videos/movies"
}]
}
]
}]]></artwork>
</figure></t>
<t>Suppose the path of the requested resource matches the
"/video/movies/*" pattern, the next metadata requested would be
for "http://metadata.ucdn.com/video/movies" with an expected type
of "application/cdni.PathMetadata":</t>
<t><figure>
<artwork><![CDATA[{
"delivery": {
"auth": {
}
},
"path": {
"pattern": "/videos/movies/hd/*",
"patternflags": "prefix",
"links": [{
"rel": "pathmetadata",
"type": "PathMetadata",
"href": "http://metadata.ucdn.com/videos/movies/hd"
}]
}
}]]></artwork>
</figure></t>
<t>Finally, if the path of the requested resource also matches the
"/videos/movies/hd/*" pattern, the downstream CDN would also fetch
the following object from
"http://metadata.ucdn.com/videos/movies/hd" with MIME type
"application/cdni.PathMetadata":</t>
<t><figure>
<artwork><![CDATA[{
"delivery": {
"time": {
"aclrule": {
"allow": {
"start": "1213948800",
"end": "1327393200"
}
}
}
}
}]]></artwork>
</figure></t>
</section>
</section>
<section title="XML Encoding of Objects">
<t>Another possible encoding for a CDNI Metadata object is an XML
document containing elements with tag names which match property
names and values which match the associated property values.</t>
<t>Tag names of elements are the names of the properties associated
with the object and are therefore dependent on the specific object
being encoded (i.e. dependent on the MIME Media Type of the returned
resource). Likewise, the values associated with each element are
dependent on the specific object being encoded (i.e. dependent on
the MIME Media Type of the returned resource).</t>
<t>Lists are encoded by repeating the singular form of a property
name. For example the "hosts" property is a list of "HostMatch"
objects. This list would be encoded as multiple "host" elements.</t>
<t>Link objects are a special case. If a Link object replaces a
property then a "link" element replaces the expected element. The
properties of the Link object are encoded as XML attributes. The
type attribute is set to the MIME type of the target object. The
href attribute is set to the URI of the target object. The rel
attribute is set to the name of the element being replaced.</t>
<section title="XML Example">
<t>A downstream CDN may request the HostIndex and receive the
following object of type "application/cdni.HostIndex+json":</t>
<t><figure>
<artwork><![CDATA[<HostIndex>
<host>
<hostname>video.example.com</hostname>
<link rel="hostmetadata" type="HostMetadata"
href="http://metadata.ucdn.com/video"/>
</host>
<host>
<hostname>images.example.com</hostname>
<link rel="hostmetadata" type="HostMetadata"
href="http://metadata.ucdn.com/images"/>
</host>
</HostIndex>]]></artwork>
</figure></t>
<t>If the incoming request has a Host header with
"video.example.com" then the downstream CDN would fetch from the
next metadata object from "http://metadata.ucdn.com/video"
expecting a MIME type of "application/cdni.HostMetadata+json":</t>
<t><figure>
<artwork><![CDATA[<HostMetadata>
<hostname>video.example.com</hostname>
<acquisition>
<source>
<link rel="auth" type="Auth"
href="http://metadata.ucdn.com/auth1234"/>
<endpoint>acq1.ucdn.com</endpoint>
<protocol>ftp</protocol>
</source>
<source>
<link rel="auth" type="Auth"
href="http://metadata.ucdn.com/auth1234"/>
<endpoint>acq2.ucdn.com</endpoint>
<protocol>http</protocol>
</source>
</acquisition>
<delivery>
<location>
<aclrule>
<deny>
<iprange>192.168.0.0/16</iprange>
</deny>
</aclrule>
</location>
<auth></auth>
<protocol>http</protocol>
<active>true</active>
</delivery>
<path>
<pattern>/videos/trailers/*</pattern>
<patternflags>prefix</patternflags>
<link rel="pathmetadata" type="PathMetadata"
href="http://metadata.ucdn.com/videos/trailers"/>
</path>
<path>
<pattern>/videos/movies/*</pattern>
<patternflags>prefix</patternflags>
<link rel="pathmetadata" type="PathMetadata"
href="http://metadata.ucdn.com/videos/movies"/>
</path>
</HostMetadata>]]></artwork>
</figure></t>
<t>Suppose the path of the requested resource matches the
"/video/movies/*" pattern, the next metadata requested would be
for "http://metadata.ucdn.com/video/movies" with an expected type
of "application/cdni.PathMetadata":</t>
<t><figure>
<artwork><![CDATA[<PathMetadata>
<delivery>
<auth></auth>
</delivery>
<path>
<pattern>/videos/movies/hd/*</pattern>
<patternflags>prefix</patternflags>
<link rel="pathmetadata" type="PathMetadata"
href="http://metadata.ucdn.com/videos/movies/hd"/>
</path>
</PathMetadata>]]></artwork>
</figure></t>
<t>Finally, if the path of the requested resource also matches the
"/videos/movies/hd/*" pattern, the downstream CDN would also fetch
the following object from
"http://metadata.ucdn.com/videos/movies/hd" with MIME type
"application/cdni.PathMetadata":</t>
<t><figure>
<artwork><![CDATA[<PathMetadata>
<delivery>
<time>
<aclrule>
<allow>
<start>1213948800</start>
<end>1327393200</end>
</allow>
</aclrule>
</time>
</delivery>
</PathMetadata>]]></artwork>
</figure></t>
</section>
</section>
</section>
<section title="Extensibility">
<t>The set of metadata properties may be extended with proprietary and
/ or custom properties. New properties may be added to any existing
object.</t>
<t>The names of such properties MUST begin with an "x-" prefix. If a
property is vendor specific, then "x-vendor-" SHOULD be used as the
name prefix, where the "vendor" string is replaced by the name of the
vendor.</t>
<t>The values of new properties MAY include an "ignorable" property
with a boolean type. If "ignorable" is set to true, then request
routers and surrogates in any interconnected CDN MAY safely ignore the
new property. If "ignorable" is set to false, then a CDN which does
not understand the property MUST NOT service a request for the
corresponding content.</t>
</section>
</section>
<section title="IANA Considerations">
<t>This document requests the registration of the "application/cdni"
MIME type.</t>
</section>
<section anchor="Security" title="Security Considerations">
<t>The CDNI Metadata Interface is expected to be secured as a function
of the transport protocol (e.g. HTTP authentication).</t>
<t>If a malicious metadata server is contacted by a downstream CDN, the
malicious server may provide metadata to the downstream CDN which denies
service for any piece of content to any user agent. The malicious server
may also provide metadata which directs a downstream CDN to a malicious
origin server instead of the actual origin server.</t>
<t>A malicious metadata client could request metadata for a piece of
content from an upstream CDN. However, given the current set of metadata
properties, no useful information would be compromised.</t>
</section>
<section anchor="Acknowledgements" title="Acknowledgements">
<t>The authors would like to thank David Ferguson and Francois le
Faucheur for their valuable comments and input to this document.</t>
</section>
</middle>
<back>
<references title="Normative References">
&rfc2119;
&rfc4291;
&rfc5952;
</references>
<references title="Informative References">
&I-D.draft-ietf-cdni-problem-statement;
&I-D.draft-davie-cdni-framework;
&rfc3986;
&rfc4287;
&rfc4151;
&I-D.draft-zyp-json-schema;
&I-D.draft-ietf-cdni-requirements;
<reference anchor="XML-BASE">
<front>
<title>XML Base (Second Edition) -
http://www.w3.org/TR/xmlbase/</title>
<author fullname="Jonathan" initials="J" role="editor"
surname="Marsh">
<organization></organization>
</author>
<author fullname="Richard" initials="R" role="editor"
surname="Tobin">
<organization></organization>
<address>
<postal>
<street></street>
<city></city>
<region></region>
<code></code>
<country></country>
</postal>
<phone></phone>
<facsimile></facsimile>
<email></email>
<uri></uri>
</address>
</author>
<date day="28" month="January" year="2009" />
</front>
</reference>
</references>
<section title="Relationship to the CDNI Requirements">
<t>Section 6 of <xref target="I-D.ietf-cdni-requirements"></xref> lists
the requirements for the CDNI Metadata Distribution interface. This
section outlines which of those requirements are met by the CDNI
Metadata interface specified in this document.</t>
<t>All metadata requirements are met either directly or indirectly by
the CDNI Metadata Interface described in this document. The following
paragraphs describe notable exceptions.</t>
<t>Requirements related to pre-positioning of metadata are not met
directly by this document. Triggering metadata pre-positioning is beyond
the scope of the CDNI Metadata interface. However, the interface as
described by this document supports pulling metadata on-demand for the
purpose of pre-positioning.</t>
<t>Requirement META-13 relating to feedback from the downstream CDN to
the upstream CDN with respect to metadata is not directly supported by
the pull-based interface described in this document. As an alternative,
the downstream CDN may use the CDNI Logging interface to convey error
conditions related to metadata.</t>
<t>Requirement META-18 relating to surrogate cache behavior parameters
is supported via extensibility. However, the example parameters in
META-18 are not described in this document.</t>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 02:44:40 |