<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="4"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<rfc category="std" docName="draft-ietf-cdni-metadata-09" ipr="trust200902">
  <front>
    <title abbrev="CDN Interconnection Metadata">CDN Interconnection
    Metadata</title>

    <author fullname="Ben Niven-Jenkins" initials="B" surname="Niven-Jenkins">
      <organization>Velocix (Alcatel-Lucent)</organization>

      <address>
        <postal>
          <street>3 Ely Road</street>

          <city>Milton</city>

          <region>Cambridge</region>

          <code>CB24 6AA</code>

          <country>UK</country>
        </postal>

        <email>ben@velocix.com</email>
      </address>
    </author>

    <author fullname="Rob Murray" initials="R" surname="Murray">
      <organization>Velocix (Alcatel-Lucent)</organization>

      <address>
        <postal>
          <street>3 Ely Road</street>

          <city>Milton</city>

          <region>Cambridge</region>

          <code>CB24 6AA</code>

          <country>UK</country>
        </postal>

        <email>rmurray@velocix.com</email>
      </address>
    </author>

    <author fullname="Matt Caulfield" initials="M" surname="Caulfield">
      <organization>Cisco Systems</organization>

      <address>
        <postal>
          <street>1414 Massachusetts Avenue</street>

          <city>Boxborough</city>

          <region>MA</region>

          <code>01719</code>

          <country>USA</country>
        </postal>

        <phone>+1 978 936 9307</phone>

        <email>mcaulfie@cisco.com</email>
      </address>
    </author>

    <author fullname="Kevin J. Ma" initials="K.J." surname="Ma">
      <organization>Ericsson</organization>

      <address>
        <postal>
          <street>43 Nagog Park</street>

          <city>Acton</city>

          <region>MA</region>

          <code>01720</code>

          <country>USA</country>
        </postal>

        <phone>+1 978-844-5100</phone>

        <email>kevin.j.ma@ericsson.com</email>
      </address>
    </author>

    <date/>

    <abstract>
      <t>The CDNI Metadata interface enables interconnected CDNs to exchange
      content distribution metadata in order to enable content acquisition and
      delivery. The CDNI metadata associated with a piece of content provides
      a downstream CDN with sufficient information for the downstream CDN to
      service content requests on behalf of an upstream CDN. This document
      describes both a base set of CDNI metadata and the protocol for
      exchanging that metadata.</t>
    </abstract>

    <note title="Requirements Language">
      <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
      document are to be interpreted as described in <xref
      target="RFC2119">RFC 2119</xref>.</t>
    </note>
  </front>

  <middle>
    <section title="Introduction">
      <t>Content Delivery Networks Interconnection (CDNI) (<xref
      target="RFC6707"/>) enables a downstream CDN to service content requests
      on behalf of an upstream CDN.</t>

      <t>The CDNI Metadata interface is discussed in <xref target="RFC7336"/>
      along with four other interfaces that may be used to compose a CDNI
      solution (CDNI Control interface, CDNI Request Routing Redirection
      interface, CDNI Footprint &amp; Capabilities Advertisement interface and
      CDNI Logging interface). <xref target="RFC7336"/> describes each
      interface, and the relationships between them. The requirements for the
      CDNI metadata interface are specified in <xref target="RFC7337"/>.</t>

      <t>The CDNI metadata associated with a piece of content (or with a set
      of content) provides a downstream CDN with sufficient information for
      servicing content requests on behalf of an upstream CDN in accordance
      with the policies defined by the upstream CDN.</t>

      <t>This document focuses on the CDNI Metadata interface which enables a
      downstream CDN to obtain CDNI Metadata from an upstream CDN so that the
      downstream CDN can properly process and respond to:</t>

      <t><list style="symbols">
          <t>Redirection requests received over the CDNI Request Routing
          Redirection interface.</t>

          <t>Content requests received directly from User Agents.</t>
        </list></t>

      <t>Specifically, this document specifies:</t>

      <t><list style="symbols">
          <t>A data structure for mapping content requests and redirection
          requests to CDNI Metadata objects (<xref target="data-model"/> and
          <xref target="structural-objects"/>).</t>

          <t>An initial set of CDNI Generic Metadata objects (<xref
          target="property-objects"/>).</t>

          <t>A RESTful web service for the transfer of CDNI Metadata (<xref
          target="metadata-interface"/>).</t>
        </list></t>

      <section anchor="terminology" title="Terminology">
        <t>This document reuses the terminology defined in <xref
        target="RFC6707"/>.</t>

        <t>Additionally, the following terms are used throughout this document
        and are defined as follows:<list style="symbols">
            <t>Object - a collection of properties.</t>

            <t>Property - a key and value pair where the key is a property
            name and the value is the property value or an object.</t>
          </list></t>
      </section>

      <section title="Supported Metadata Capabilities">
        <t>Only the metadata for a small set of initial capabilities is
        specified in this document. This set provides the minimum amount of
        metadata for basic CDN interoperability while still meeting the
        requirements set forth by <xref target="RFC7337"/>.</t>

        <t>The following high-level functionality is configured via the
        metadata described in <xref
        target="abstract-metadata-description"/>:</t>

        <t><list style="symbols">
            <t>Acquisition Source: Metadata for allowing a dCDN to fetch
            content from a uCDN.</t>

            <t>Delivery Access Control: Metadata for restricting (or
            permitting) access to content based on any of the following
            factors:<list style="symbols">
                <t>Location</t>

                <t>Time Window</t>

                <t>Delivery Protocol</t>
              </list></t>
          </list><list style="symbols">
            <t>Delivery Authorization: Metadata for authorizing dCDN user
            agent requests.</t>

            <t>Cache Control: Metadata for controlling cache behavior of the
            dCDN.</t>
          </list></t>

        <t>The metadata encoding described by this document is extensible in
        order to allow for future additions to this list.</t>

        <t>The set of metadata specified in this document, covering the
        initial capabilities above, is only able to support CDN
        interconnection for the delivery of content by a dCDN using HTTPv1.1
        and for a dCDN to be able to acquire content from a uCDN using either
        HTTPv1.1 or HTTPv1.1 over TLS.</t>

        <t>Supporting CDN interconnection for the delivery of content using
        unencrypted HTTPv2.0 (as well as for a dCDN to acquire content using
        unencrypted HTTPv2.0 or HTTPv2.0 over TLS) requires the registration
        of these protocol names in the CDNI Metadata Protocol Registry.</t>

        <t>Supporting CDN interconnection for the delivery of content using
        HTTPv1.1 over TLS or HTTPv2.0 over TLS requires specifying additional
        metadata objects to carry the properties required to establish a TLS
        session, for example metadata to describe the certificate to use as
        part of the TLS handshake.</t>
      </section>
    </section>

    <section title="Design Principles">
      <t>The CDNI Metadata interface was designed to achieve the following
      objectives:</t>

      <t><list style="numbers">
          <t>Cacheability of CDNI metadata objects.</t>

          <t>Deterministic mapping from redirection requests and content
          requests to CDNI metadata properties.</t>

          <t>Support for DNS redirection as well as application-specific
          redirection (for example HTTP redirection).</t>

          <t>Minimal duplication of CDNI metadata.</t>

          <t>Leveraging of existing protocols.</t>
        </list></t>

      <t>Cacheability improves the latency of acquiring metadata while
      maintaining its freshness, and therefore improves the latency of serving
      content requests and redirection requests, without sacrificing accuracy.
      The CDNI Metadata interface uses HTTP and its existing caching
      mechanisms to achieve CDNI metadata cacheability.</t>

      <t>Deterministic mappings from content to metadata properties eliminates
      ambiguity and ensures that policies are applied consistently by all
      downstream CDNs.</t>

      <t>Support for both HTTP and DNS redirection ensures that the CDNI
      Metadata interface can be used for HTTP and DNS redirection and also
      meets the same design principles for both HTTP and DNS based redirection
      schemes.</t>

      <t>Minimal duplication of CDNI metadata provides space efficiency on
      storage in the CDNs, on caches in the network, and across the network
      between CDNs.</t>

      <t>Leveraging existing protocols avoids reinventing common mechanisms
      such as data structure encoding (e.g., JSON) and data transport (e.g.,
      HTTP).</t>
    </section>

    <section anchor="data-model" title="CDNI Metadata model">
      <t>The CDNI Metadata model describes a data structure for mapping
      redirection requests and content requests to metadata properties.
      Metadata properties describe how to acquire content from an upstream
      CDN, authorize access to content, and deliver content from a downstream
      CDN. The data model relies on the assumption that these metadata
      properties may be aggregated based on the hostname of the content and
      subsequently on the resource path of the content. The data model
      associates a set of CDNI Metadata properties with a Hostname to form a
      default set of metadata properties for content delivered on behalf of
      that Hostname. That default set of metadata properties can be overridden
      by properties that apply to specific paths within a URI.</t>

      <t>Different Hostnames and URI paths will be associated with different
      sets of CDNI Metadata properties in order to describe the required
      behaviour when a dCDN surrogate is processing User Agent requests for
      content at that Hostname or URI path. As a result of this structure,
      significant commonality may exist between the CDNI Metadata properties
      specified for different Hostnames, different URI paths within a Hostname
      and different URI paths on different Hostnames. For example the
      definition of which User Agent IP addresses should be treated as being
      grouped together into a single network or geographic location is likely
      to be common for a number of different Hostnames. Another example is
      that although a uCDN is likely to have several different policies
      configured to express geo-blocking rules, it is likely that a single
      geo-blocking policy would be applied to multiple Hostnames delivered
      through the CDN.</t>

      <t>In order to enable the CDNI Metadata for a given Hostname or URI Path
      to be decomposed into sets of CDNI Metadata properties that can be
      reused by multiple Hostnames and URI Paths, the CDNI Metadata interface
      specified in this document splits the CDNI Metadata into a number of
      objects. Efficiency is improved by enabling a single CDNI Metadata
      object (that is shared across Hostname and/or URI paths) to be retrieved
      and stored by a dCDN once, even if it is referenced by the CDNI Metadata
      of multiple Hostnames or of multiple URI paths.</t>

      <t><xref target="hostindex-intro"/> introduces a high level description
      of the HostIndex, HostMatch, HostMetadata, PathMatch, PatternMatch and
      PathMetadata objects and describes the relationships between those
      objects.</t>

      <t><xref target="other-objects-intro"/> introduces a high level
      description of the CDNI GenericMetadata object which represents the
      level at which CDNI Metadata override occurs between HostMetadata and
      PathMetadata objects.</t>

      <t><xref target="abstract-metadata-description"/> describes in detail
      the specific CDNI Metadata objects and properties which may be contained
      within a CDNI GenericMetadata object.</t>

      <section anchor="hostindex-intro"
               title="HostIndex, HostMatch, HostMetadata, PathMatch, PatternMatch and PathMetadata objects">
        <t>A HostIndex object contains (or references) a list of Hostnames
        (and/or IP addresses) for which content requests may be delegated to
        the downstream CDN. The HostIndex is the starting point for accessing
        the uCDN CDNI Metadata data store. It enables the dCDN to
        deterministically discover, on receipt of a User Agent request for
        content, which other CDNI Metadata objects it requires in order to
        deliver the requested content.</t>

        <t>The HostIndex links Hostnames (and/or IP addresses) to HostMetadata
        objects via HostMatch objects. HostMetadata objects contain (or
        reference) the default CDNI Metadata required to serve content for
        that host. When looking up CDNI Metadata, the downstream CDN looks up
        the requested Hostname (or IP address) against the HostMatch entries
        in the HostIndex, from there it can find HostMetadata which describes
        properties for a host and PathMetadata which may override those
        properties for given URI paths within the host.</t>

        <t>HostMetadata and PathMetadata objects may also contain PathMatch
        objects which in turn contain PathMetadata objects. PathMetadata
        objects override the CDNI Metadata in the HostMetadata object or one
        or more preceding PathMetadata objects with more specific CDNI
        Metadata that applies to content requests matching the pattern defined
        in the PatternMatch object of that PathMatch object.</t>

        <t>For the purposes of retrieving CDNI Metadata, all other required
        CDNI Metadata objects and their properties are discoverable from the
        appropriate HostMetadata, PathMatch and PathMetadata objects for the
        requested content.</t>

        <t>The relationships between the HostIndex, HostMatch, HostMetadata,
        PathMatch, PatternMatch and PathMetadata objects are described in
        <xref target="metadata-model-figure-top"/>.</t>

        <figure anchor="metadata-model-figure-top"
                title="Relationships between CDNI Metadata Objects (Diagram Representation)">
          <artwork><![CDATA[
+---------+      +---------+      +------------+
|HostIndex+-(*)->|HostMatch+-(1)->|HostMetadata+-------(*)------+
+---------+      +---------+      +------+-----+                |
                                         |                      |
                                        (*)                     |
                                         |                      V
--> Contains or References               V         ******************
(1) One and only one                +---------+    *Generic Metadata*
(*) Zero or more               +--->|PathMatch|    *     Objects    *
                               |    +----+---++    ******************
                               |         |   |                  ^
                              (*)       (1) (1) +------------+  |
                               |         |   +->|PatternMatch|  |
                               |         V      +------------+  |
                               |  +------------+                |
                               +--+PathMetadata+-------(*)------+
                                  +------------+
]]></artwork>
        </figure>

        <t>The relationships in <xref target="metadata-model-figure-top"/> are
        also represented in tabular format in <xref
        target="metadata-model-table"/> below.</t>

        <texttable anchor="metadata-model-table"
                   title="Relationships between CDNI Metadata Objects (Table Representation)">
          <ttcol>Data Object</ttcol>

          <ttcol>Objects it contains or references</ttcol>

          <c>HostIndex</c>

          <c>0 or more HostMatch objects.</c>

          <c>HostMatch</c>

          <c>1 HostMetadata object.</c>

          <c>HostMetadata</c>

          <c>0 or more PathMatch objects. 0 or more GenericMetadata
          objects.</c>

          <c>PathMatch</c>

          <c>1 PatternMatch object. 1 PathMetadata object.</c>

          <c>PatternMatch</c>

          <c>Does not contain or reference any other objects.</c>

          <c>PathMetadata</c>

          <c>0 or more PathMatch objects. 0 or more GenericMetadata
          objects.</c>
        </texttable>

        <t>The table below describes the HostIndex, HostMatch, HostMetadata,
        PathMatch, PatternMatch and PathMetadata objects in more detail.</t>

        <texttable anchor="hostindex-objects-table"
                   title="HostIndex, HostMatch, HostMetadata, PathMatch, PatternMatch and PathMetadata CDNI Metadata Objects">
          <ttcol>Data Object</ttcol>

          <ttcol>Description</ttcol>

          <c>HostIndex</c>

          <c>A HostIndex object lists HostMatch objects</c>

          <c>HostMatch</c>

          <c>A HostMatch object defines a hostname (or IP address) to match
          against a requested host, and contains (or references) a
          HostMetadata object which contains (or references) CDNI Metadata
          objects to be applied when a request matches against the hostname.
          For example, if "example.com" is a content provider, a HostMatch
          object may include an entry for "example.com" with the URI of the
          associated HostMetadata object.</c>

          <c>HostMetadata</c>

          <c>A HostMetadata object contains (or references) the default CDNI
          Metadata objects for content served from that host, i.e., the CDNI
          Metadata objects for content requests that do not match any of the
          PathMatch objects contained (or referenced) by that HostMetadata
          object. For example, a HostMetadata object may describe the metadata
          properties which apply to "example.com" and may contain PathMatches
          for "example.com/movies/*" and "example.com/music/*" which in turn
          reference corresponding PathMetadata objects that contain the CDNI
          Metadata objects for those more specific URI paths.</c>

          <c>PathMatch</c>

          <c>A PathMatch object defines a pattern (inside a PatternMatch
          object which the PathMatch object contains or references) to match
          against the requested URI path, and contains (or references) a
          PathMetadata object which contains (or references) the CDNI Metadata
          objects to be applied when a content request matches against the
          defined URI path pattern. For example, a PathMatch object may
          include a PatternMatch object containing a pattern for the path
          "/movies/*" and may reference a PathMetadata object which contains
          (or references) the CDNI Metadata for content with that path.</c>

          <c>PatternMatch</c>

          <c>A PatternMatch object contains the pattern string and flags that
          describe the URI path that a PathMatch applies to.</c>

          <c>PathMetadata</c>

          <c>A PathMetadata object contains (or references) the CDNI
          GenericMetadata objects for content served with the associated URI
          path (defined in a PathMatch object). A PathMetadata object may also
          contain (or reference) PathMatch objects in order to recursively
          define more specific URI paths that require different (e.g., more
          specific) CDNI Metadata to this one. For example, the PathMetadata
          object which applies to "example.com/movies/*" may describe CDNI
          Metadata which apply to that URI path and may contain a PathMatch
          object for "example.com/movies/hd/*" which would reference the
          corresponding PathMetadata object for the "example.com/movies/hd/"
          path prefix.</c>

          <c>GenericMetadata</c>

          <c>A GenericMetadata object contains (or references) individual CDNI
          Metadata objects which define the specific policies and attributes
          needed to properly deliver the associated content. For example, a
          GenericMetadata object may describe the source from which a CDN may
          acquire a piece of content. The GenericMetadata object is an atomic
          unit that may be referenced by HostMetadata and/or PathMetadata
          objects, but SHOULD NOT contain references to other CDNI Metadata
          objects. The member objects of a specific CDNI Metadata object MAY
          be referenced by the GenericMetadata object.</c>
        </texttable>

        <t/>
      </section>

      <section anchor="other-objects-intro"
               title="Generic CDNI Metadata Object Properties">
        <t>The HostMetadata and PathMetadata objects contain or can reference
        other CDNI Metadata objects that contain properties which describe how
        User Agent requests for content should be processed, for example where
        to acquire the content, authorization rules that should be applied,
        delivery location restrictions and so on. Each such CDNI Metadata
        object is a specialization of a CDNI GenericMetadata object. The
        GenericMetadata object abstracts the basic information required for
        Metadata override and Metadata distribution, from the specifics of any
        given property (e.g., property semantics, enforcement options,
        etc.).</t>

        <t>The GenericMetadata object defines the type of properties contained
        within it as well as whether or not the properties are
        "mandatory-to-enforce". If the dCDN does not understand or support the
        property type and the property type is "mandatory-to-enforce", the
        dCDN MUST NOT serve the content to the User Agent. If the dCDN does
        not understand or support the property type and the property type is
        not "mandatory-to-enforce", then that GenericMetadata object may be
        safely ignored and the dCDN MUST process the content request in
        accordance with the rest of the CDNI metadata.</t>

        <t>Although a CDN MUST NOT serve content to a User Agent if a
        "mandatory-to-enforce" property cannot be enforced, it may be
        "safe-to-redistribute" that metadata to another CDN without
        modification. For example, in the cascaded CDN case, a transit CDN may
        pass through "mandatory-to-enforce" metadata to a downstream CDN. For
        Metadata which does not require customization or translation (i.e.,
        metadata that is "safe-to-redistribute"), the data representation
        received off the wire MAY be stored and redistributed without being
        natively understood or supported by the transit CDN. However, for
        Metadata which requires translation, transparent redistribution of the
        uCDN Metadata values might not be appropriate. Certain Metadata may be
        safely, though possibly not optimally, redistributed unmodified. For
        example, source acquisition address may not be optimal if
        transparently redistributed, but might still work.</t>

        <t>Redistribution safety MUST be specified for each GenericMetadata.
        If a CDN does not understand or support a given GenericMetadata
        property type and the property type is not "safe-to-redistribute",
        before redistributing the metadata, the CDN MUST set the
        "incomprehensible" flag for the GenericMetadata property that it did
        not understand and was marked as not "safe-to-redistribute". The
        "incomprehensible" flag signals to a dCDN that the metadata was not
        properly transformed by the transit CDN. A CDN MUST NOT attempt to use
        metadata that has been marked as "incomprehensible" by a uCDN.</t>

        <t>Transit CDNs MUST NOT change the value of "mandatory-to-enforce" or
        "safe-to-redistribute" when propagating metadata to a dCDN. Although a
        transit CDN may set the value of "incomprehensible" to true, a transit
        CDN MUST NOT change the value of "incomprehensible" from true to
        false.</t>

        <t>The following table describes the action to be taken by a transit
        CDN (tCDN) for the different "mandatory-to-enforce" (MtE) and
        "safe-to-redistribute" (StR) cases, when the tCDN either does or does
        not understand the metadata in question:</t>

        <texttable>
          <ttcol>MtE</ttcol>

          <ttcol>StR</ttcol>

          <ttcol>Metadata Understood</ttcol>

          <ttcol>Actions</ttcol>

          <c>False</c>

          <c>True</c>

          <c>True</c>

          <c>Can serve and redistribute.</c>

          <c>False</c>

          <c>True</c>

          <c>False</c>

          <c>Can serve and redistribute.</c>

          <c>False</c>

          <c>False</c>

          <c>False</c>

          <c>Can serve. MUST set "incomprehensible" to True when
          redistributing.</c>

          <c>False</c>

          <c>False</c>

          <c>True</c>

          <c>Can serve. Can redistribute either by transforming not StR
          metadata (if the CDN knows how to do so safely), otherwise MUST set
          "incomprehensible" to True when redistributing.</c>

          <c>True</c>

          <c>True</c>

          <c>True</c>

          <c>Can serve and redistribute.</c>

          <c>True</c>

          <c>True</c>

          <c>False</c>

          <c>MUST NOT serve but can redistribute.</c>

          <c>True</c>

          <c>False</c>

          <c>True</c>

          <c>Can serve and redistribute.</c>

          <c>True</c>

          <c>False</c>

          <c>False</c>

          <c>MUST NOT serve. MUST set "incomprehensible" to True when
          redistributing.</c>
        </texttable>

        <t>The following table describes the action to be taken by a dCDN for
        the different "mandatory-to-enforce" (MtE) and "incomprehensible"
        (Incomp) cases, when the dCDN either does or does not understand the
        metadata in question:</t>

        <texttable>
          <ttcol>MtE</ttcol>

          <ttcol>Metadata Understood</ttcol>

          <ttcol>Incomp</ttcol>

          <ttcol>Actions</ttcol>

          <c>False</c>

          <c>True</c>

          <c>False</c>

          <c>Can serve.</c>

          <c>False</c>

          <c>True</c>

          <c>True</c>

          <c>Can serve but MUST NOT interpret/apply any metadata marked
          incomprehensible.</c>

          <c>False</c>

          <c>False</c>

          <c>False</c>

          <c>Can serve.</c>

          <c>False</c>

          <c>False</c>

          <c>True</c>

          <c>Can serve but MUST NOT interpret/apply any metadata marked
          incomprehensible.</c>

          <c>True</c>

          <c>True</c>

          <c>False</c>

          <c>Can serve.</c>

          <c>True</c>

          <c>True</c>

          <c>True</c>

          <c>MUST NOT serve.</c>

          <c>True</c>

          <c>False</c>

          <c>False</c>

          <c>MUST NOT serve.</c>

          <c>True</c>

          <c>False</c>

          <c>True</c>

          <c>MUST NOT serve.</c>
        </texttable>

        <t/>
      </section>

      <section anchor="metadata-inheritance"
               title="Metadata Inheritance and Override">
        <t>In the Metadata model, a HostMetadata object may contain (or
        reference) multiple PathMetadata objects (via PathMatch objects). Each
        PathMetadata object may in turn contain (or reference) other
        PathMetadata objects. HostMetadata and PathMetadata objects form an
        inheritance tree where each node in the tree inherits or overrides the
        property values set by its parent.</t>

        <t>GenericMetadata objects of a given type override all
        GenericMetadata objects of the same type previously defined by any
        parent object in the tree. GenericMetadata objects of a given type
        previously defined by a parent object in the tree are inherited when
        no object of the same type is defined by the child object. For
        example, if HostMetadata for the host "example.com" contains
        GenericMetadata objects of type LocationACL and TimeWindowACL, while a
        PathMetadata object which applies to "example.com/movies/*" defines an
        alternate GenericMetadata object of type TimeWindowACL, then: <list
            style="symbols">
            <t>the TimeWindowACL defined in the PathMetadata would override
            the TimeWindowACL defined in the HostMetadata for all User Agent
            requests for content under "example.com/movies/", and</t>

            <t>the LocationACL defined in the HostMetadata would be inherited
            for all User Agent requests for content under
            "example.com/movies/".</t>

            <t>A single HostMetadata or PathMetadata object SHOULD NOT contain
            multiple GenericMetadata objects of the same type. If a list of
            GenericMetadata contains objects of duplicate types, the receiver
            MUST ignore all but the first object of each type.</t>
          </list></t>

        <t/>
      </section>
    </section>

    <section anchor="abstract-metadata-description"
             title="Encoding-Independent CDNI Metadata Object Descriptions">
      <t><xref target="structural-objects"/> provides the definitions of each
      metadata object type declared in <xref target="data-model"/>. These
      metadata objects are described as structural objects as they provide the
      structure for the inheritance tree and identify which specific
      properties apply to a given User Agent content request.</t>

      <t><xref target="property-objects"/> provides the definitions for a base
      set of core metadata objects which may be contained within a
      GenericMetadata object. These metadata objects are described as property
      objects, as they define the structure, semantics, and enforcement
      options for specific properties of the metadata being described.
      Property objects govern how User Agent requests for content are handled.
      Property objects may be composed of, or contain references to, other
      property sub-objects (i.e., property objects contained within or
      referenced by the property object that refers to that property
      sub-object). In those cases the value of the property sub-objects can be
      either a complete serialized representation of the sub-object, or a Link
      object that contains a URI that can be dereferenced to retrieve the
      complete serialized representation of the property sub-object.</t>

      <t><xref target="extensibility"/> discusses the ability to extend the
      base set of metadata objects specified in this document with additional
      standards based or vendor specific property objects that may be defined
      in the future in separate documents.</t>

      <t>Downstream CDNs MUST support parsing of all CDNI metadata objects
      specified in this document. A dCDN does not have to implement the
      underlying functionality represented by the metadata object, though that
      may restrict the content that a given dCDN can serve. uCDNs as
      generators of CDNI Metadata only need to support generating the CDNI
      metadata that they need in order to express the policies and treatment
      required by the content they are describing.</t>

      <t>Note: In the following sections, the term "mandatory-to-specify" is
      used to convey which property sub-objects MUST be specified for a given
      structural or property object. When mandatory-to-specify is specified as
      "Yes" by this document for an individual property or sub-object, it
      means that if the property object containing that property or sub-object
      is included in a metadata response, then the mandatory-to-specify
      property or sub-object MUST also be included (directly or by reference)
      in the response, e.g., a HostMatch property object without a host to
      match against does not make sense, therefore, the host is
      mandatory-to-specify inside a HostMatch property object.</t>

      <section anchor="structural-objects"
               title="Descriptions of the CDNI Structural Metadata Objects">
        <t>Each of the sub-sections below describe the structural objects
        defined in <xref target="hostindex-objects-table"/>.</t>

        <section anchor="HostIndex" title="HostIndex">
          <t>The HostIndex object is the entry point into the CDNI Metadata
          hierarchy. It contains (or references) a list of HostMatch objects.
          An incoming content request is checked against the hostname (or IP
          address) specified by each of the listed HostMatch objects to find
          the HostMatch object which applies to the request.</t>

          <t><list style="empty">
              <t>Property: hosts<list style="empty">
                  <t>Description: List of HostMatch objects. Hosts (HostMatch
                  objects) MUST be evaluated in the order they appear and the
                  first HostMatch object that matches the content request
                  being processed MUST be used.</t>

                  <t>Type: List of HostMatch objects</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="HostMatch" title="HostMatch">
          <t>The HostMatch object contains a hostname or IP address to match
          against content requests. The HostMatch object also contains or
          references a HostMetadata object to apply if a match is found.</t>

          <t><list style="empty">
              <t>Property: host<list style="empty">
                  <t>Description: String (hostname or IP address) to match
                  against the requested host. In order for a hostname or IP
                  address in a content request to match the hostname or IP
                  address in the host property the value when converted to
                  lowercase in the content request MUST be identical to the
                  value of the host property when converted to lowercase.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: host-metadata<list style="empty">
                  <t>Description: CDNI Metadata to apply when delivering
                  content that matches this host.</t>

                  <t>Type: HostMetadata</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="HostMetadata" title="HostMetadata">
          <t>A HostMetadata object contains (or references) the CDNI Metadata
          properties for content served for a particular host (defined in the
          HostMatch object) and possibly child PathMatch objects.</t>

          <t><list style="empty">
              <t>Property: metadata<list style="empty">
                  <t>Description: List of host related metadata.</t>

                  <t>Type: List of GenericMetadata objects</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: paths<list style="empty">
                  <t>Description: Path specific rules. Path patterns
                  (PathMatch objects) MUST be evaluated in the order they
                  appear and the first PathMatch object that matches the
                  content request being processed MUST be used.</t>

                  <t>Type: List of PathMatch objects</t>

                  <t>Mandatory-to-Specify: No.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="PathMatch" title="PathMatch">
          <t>The PathMatch object contains (or references) an expression given
          as a PatternMatch object to match against a resource URI path and
          contains or references a PathMetadata object to apply if a match is
          found.</t>

          <t><list style="empty">
              <t>Property: path-pattern<list style="empty">
                  <t>Description: Pattern to match against the requested path,
                  i.e., against the <xref target="RFC3986"/>
                  path-absolute.</t>

                  <t>Type: PatternMatch</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: path-metadata<list style="empty">
                  <t>Description: CDNI Metadata to apply when delivering
                  content that matches this path.</t>

                  <t>Type: PathMetadata</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list></t>
        </section>

        <section title="PatternMatch">
          <t>A PatternMatch object contains the pattern string and flags that
          describe the PathMatch expression.</t>

          <t><list style="empty">
              <t>Property: pattern<list style="empty">
                  <t>Description: A pattern for string matching. The pattern
                  may contain the wildcards * and ?, where * matches any
                  sequence of characters (including the empty string) and ?
                  matches exactly one character. The three literals \ , * and
                  ? should be escaped as \\, \* and \?. All other characters
                  are treated as literals.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: case-sensitive<list style="empty">
                  <t>Description: Flag indicating whether or not
                  case-sensitive matching should be used.</t>

                  <t>Type: Boolean</t>

                  <t>Mandatory-to-Specify: No. Default is case-insensitive
                  match.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: ignore-query-string<list style="empty">
                  <t>Description: List of query parameters which should be
                  ignored when searching for a pattern match. Matching against
                  query parameters to ignore MUST be case-insensitive. If all
                  query parameters should be ignored then the list MUST be
                  empty.</t>

                  <t>Type: List of String</t>

                  <t>Mandatory-to-Specify: No. Default is to include query
                  strings when matching.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="PathMetadata" title="PathMetadata">
          <t>A PathMetadata object contains (or references) the CDNI Metadata
          properties for content served with the associated URI path (defined
          in a PathMatch object) and possibly child PathMatch objects.</t>

          <t>Note that if DNS-based redirection is employed, then a dCDN will
          be unable to evaulate any metadata at the PathMetadata level or
          below against the content redirection request at request routing
          time because only the content request hostname is available at
          request routing time. dCDNs SHOULD still process any metadata at the
          PathMetadata level or below before responding to the redirection
          request in order to detect if any unsupported metadata is specifed.
          If any metadata is included that is not supported by the dCDN then
          the dCDN SHOULD NOT redirect the the content redirection request to
          itself in order to avoid receiving content requests that it is not
          able to satisfy/serve.</t>

          <t><list style="empty">
              <t>Property: metadata<list style="empty">
                  <t>Description: List of path related metadata.</t>

                  <t>Type: List of GenericMetadata objects</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: paths<list style="empty">
                  <t>Description: Path specific rules. First match
                  applies.</t>

                  <t>Type: List of PathMatch objects</t>

                  <t>Mandatory-to-Specify: No.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="generic-metadata" title="GenericMetadata">
          <t>A GenericMetadata object is an abstraction for managing
          individual CDNI Metadata properties in an opaque manner.</t>

          <t><list style="empty">
              <t>Property: generic-metadata-type<list style="empty">
                  <t>Description: Case-insensitive CDNI Metadata property
                  object type.</t>

                  <t>Type: String containing a MIME Media Type</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: generic-metadata-value<list style="empty">
                  <t>Description: CDNI Metadata property object.</t>

                  <t>Type: Format/Type is defined by the value of
                  generic-metadata-type property above.</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: mandatory-to-enforce<list style="empty">
                  <t>Description: Flag identifying whether or not the
                  enforcement of the property Metadata is required.</t>

                  <t>Type: Boolean</t>

                  <t>Mandatory-to-Specify: No. Default is to treat metadata as
                  mandatory to enforce (i.e., a value of True).</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: safe-to-redistribute<list style="empty">
                  <t>Description: Flag identifying whether or not the property
                  Metadata may be safely redistributed without
                  modification.</t>

                  <t>Type: Boolean</t>

                  <t>Mandatory-to-Specify: No. Default is allow transparent
                  redistribution (i.e., a value of True).</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: incomprehensible<list style="empty">
                  <t>Description: Flag identifying whether or not any CDN in
                  the chain of delegation has failed to understand and/or
                  failed to properly transform this metadata object. Note:
                  This flag only applies to metadata objects whose
                  safe-to-redistribute property has a value of False.</t>

                  <t>Type: Boolean</t>

                  <t>Mandatory-to-Specify: No. Default is comprehensible
                  (i.e., a value of False).</t>
                </list></t>
            </list></t>
        </section>
      </section>

      <section anchor="property-objects"
               title="Description of the CDNI Generic Metadata Objects">
        <t>The property objects defined below are intended to be used in the
        GenericMetadata object generic-metadata-value field as defined in
        <xref target="generic-metadata"/> and their generic-metadata-type
        property MUST be set to the appropriate Media Type as defined in <xref
        target="metadata-media-types-table"/>.</t>

        <section anchor="SourceMetadata" title="SourceMetadata">
          <t>Source Metadata provides the dCDN information about content
          acquisition, i.e., how to contact an uCDN Surrogate or an Origin
          Server to obtain the content to be served. The sources are not
          necessarily the actual Origin Servers operated by the CSP but might
          be a set of Surrogates in the uCDN.</t>

          <t/>

          <t>Endpoints within a source should be treated as equivalent/equal
          so one can specify a list of sources in preference order and for
          each source/preference rank one can specify a list of endpoints that
          are equivalent, e.g., a pool of servers that are not behind a load
          balancer.</t>

          <t><list style="empty">
              <t>Property: sources<list style="empty">
                  <t>Description: Sources from which the dCDN can acquire
                  content, listed in order of preference.</t>

                  <t>Type: List of Source objects</t>

                  <t>Mandatory-to-Specify: No. Default is to use static
                  configuration, out-of-band from the metadata interface.</t>
                </list></t>
            </list></t>

          <section anchor="Source" title="Source">
            <t>A Source object describes the Source which should be used by
            the dCDN for content acquisition, e.g., a Surrogate within the
            uCDN or an alternate Origin Server, the protocol to be used and
            any authentication method.</t>

            <t><list style="empty">
                <t>Property: acquisition-auth<list style="empty">
                    <t>Description: Authentication method to use when
                    requesting content from this source.</t>

                    <t>Type: Auth</t>

                    <t>Mandatory-to-Specify: No. Default is no authentication
                    required.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: endpoints<list style="empty">
                    <t>Description: Origins from which the dCDN can acquire
                    content. If multiple endpoints are specified they are all
                    equal, i.e., the list is not in preference order, for
                    example a pool of servers behind a load balancer.</t>

                    <t>Type: List of EndPoint objects</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: protocol<list style="empty">
                    <t>Description: Network retrieval protocol to use when
                    requesting content from this source.</t>

                    <t>Type: Protocol</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list></t>
          </section>
        </section>

        <section anchor="LocationACL" title="LocationACL Metadata">
          <t>LocationACL Metadata defines location-based restrictions.</t>

          <t>A LocationACL which does not include a locations property results
          in an action of allow, meaning that delivery can be performed
          regardless of the User Agent's location. The action from the first
          footprint to match against the User Agent's location is the action a
          CDN MUST take. If two or more footprints overlap, the first
          footprint that matches against the User Agent's location determines
          the action a CDN MUST take. If the locations property is included
          but is empty, or if none of the listed footprints matches the User
          Agent's location, then the result is an action of deny.</t>

          <t>Although the LocationACL, TimeWindowACL, and ProtocolACL are
          independent GenericMetadata objects, they may provide conflicting
          information to a dCDN, e.g., a content request which is
          simultaneously allowed based on the LocationACL and denied based on
          the TimeWindowACL. The dCDN MUST use the logical AND of all ACLs
          (where 'allow' is true and 'deny' is false) to determine whether or
          not a request should be allowed. Thus, in the example given, the
          request should be denied.</t>

          <t><list style="empty">
              <t>Property: locations<list style="empty">
                  <t>Description: Access control list which allows or denies
                  (blocks) delivery based on client location.</t>

                  <t>Type: List of LocationRule objects</t>

                  <t>Mandatory-to-Specify: No. Default is allow all
                  locations.</t>
                </list></t>
            </list></t>

          <section anchor="LocationRule" title="LocationRule">
            <t>A LocationRule contains or references a list of Footprint
            objects and the corresponding action.</t>

            <t><list style="empty">
                <t>Property: footprints<list style="empty">
                    <t>Description: List of footprints to which the rule
                    applies.</t>

                    <t>Type: List of Footprint objects</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: action<list style="empty">
                    <t>Description: Defines whether the rule specifies
                    locations to allow or deny.</t>

                    <t>Type: Enumeration [allow|deny]</t>

                    <t>Mandatory-to-Specify: No. Default is deny.</t>
                  </list></t>
              </list></t>
          </section>

          <section anchor="Footprint" title="Footprint">
            <t>A Footprint object describes the footprint to which a
            LocationRule may be applied to, e.g., an IPv4 address range or a
            geographic location.</t>

            <t><list style="empty">
                <t>Property: footprint-type<list style="empty">
                    <t>Description: Registered footprint type. The footprint
                    types specified by this document are: IPv4CIDR (see <xref
                    target="IPv4CIDR"/>), IPv6CIDR (see <xref
                    target="IPv6CIDR"/>), Autonomous System Number (see <xref
                    target="ASN"/>) and Country Code (see <xref
                    target="CountryCode"/>).</t>

                    <t>Type: String</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: footprint-value<list style="empty">
                    <t>Description: Footprint object conforming to the
                    specification associated with the registered footprint
                    type.</t>

                    <t>Type: String</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list></t>
          </section>
        </section>

        <section anchor="TimeWindowACL" title="TimeWindowACL Metadata">
          <t>TimeWindowACL Metadata defines time-based restrictions.</t>

          <t>A TimeWindowACL which does not include a times property results
          in an action of allow, meaning that delivery can be performed
          regardless of the time of the User Agent's request. The action from
          the first window to match against the current time is the action a
          CDN MUST take. If two or more windows overlap, the first window that
          matches against the current time determines the action a CDN MUST
          take. If the times property is included but is empty, or if none of
          the listed windows matches the current time, then the result is an
          action of deny.</t>

          <t>Although the LocationACL, TimeWindowACL, and ProtocolACL are
          independent GenericMetadata objects, they may provide conflicting
          information to a dCDN, e.g., a content request which is
          simultaneously allowed based on the LocationACL and denied based on
          the TimeWindowACL. The dCDN MUST use the logical AND of all ACLs
          (where 'allow' is true and 'deny' is false) to determine whether or
          not a request should be allowed. Thus, in the example given, the
          request should be denied.</t>

          <t><list style="empty">
              <t>Property: times<list style="empty">
                  <t>Description: Description: Access control list which
                  allows or denies (blocks) delivery based on request
                  time.</t>

                  <t>Type: List of TimeWindowRule objects</t>

                  <t>Mandatory-to-Specify: No. Default is allow all time
                  windows.</t>
                </list></t>
            </list></t>

          <section anchor="TimeWindowRule" title="TimeWindowRule">
            <t>A TimeWindowRule contains or references a list of TimeWindow
            objects and the corresponding action.</t>

            <t><list style="empty">
                <t>Property: windows<list style="empty">
                    <t>Description: List of time windows to which the rule
                    applies.</t>

                    <t>Type: List of TimeWindow objects</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: action<list style="empty">
                    <t>Description: Defines whether the rule specifies time
                    windows to allow or deny.</t>

                    <t>Type: Enumeration [allow|deny]</t>

                    <t>Mandatory-to-Specify: No. Default is deny.</t>
                  </list></t>
              </list></t>
          </section>

          <section anchor="TimeWindow" title="TimeWindow">
            <t>A TimeWindow object describes a time range which may be applied
            by an TimeWindowACL, e.g., start 946717200 (i.e., 09:00AM
            01/01/2000 UTC), end: 946746000 (i.e., 17:00AM 01/01/2000
            UTC).</t>

            <t><list style="empty">
                <t>Property: start<list style="empty">
                    <t>Description: The start time of the window.</t>

                    <t>Type: Time</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: end<list style="empty">
                    <t>Description: The end time of the window.</t>

                    <t>Type: Time</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list></t>
          </section>
        </section>

        <section anchor="ProtocolACL" title="ProtocolACL Metadata">
          <t>ProtocolACL Metadata defines delivery protocol restrictions.</t>

          <t>A ProtocolACL which does not include a protocol-acl property
          results in an action of allow, meaning that delivery can be
          performed regardless of the protocol of the User Agent's request.
          The action from the first protocol to match against the request
          protocol is the action a CDN MUST take. If two or more request
          protocols overlap, the first protocol that matches thre request
          protocol determines the action a CDN MUST take. If the protocol-acl
          property is included but is empty, or if none of the listed protocol
          matches the request protocol, then the result is an action of
          deny.</t>

          <t>Although the LocationACL, TimeWindowACL, and ProtocolACL are
          independent GenericMetadata objects, they may provide conflicting
          information to a dCDN, e.g., a content request which is
          simultaneously allowed based on the ProtocolACL and denied based on
          the TimeWindowACL. The dCDN MUST use the logical AND of all ACLs
          (where 'allow' is true and 'deny' is false) to determine whether or
          not a request should be allowed. Thus, in the example given, the
          request should be denied.</t>

          <t><list style="empty">
              <t>Property: protocol-acl<list style="empty">
                  <t>Description: Description: Access control list which
                  allows or denies (blocks) delivery based on delivery
                  protocol.</t>

                  <t>Type: List of ProtocolRule objects</t>

                  <t>Mandatory-to-Specify: No. Default is allow all
                  protocols.</t>
                </list></t>
            </list></t>

          <section anchor="ProtocolRule" title="ProtocolRule">
            <t>A ProtocolRule contains or references a list of Protocol
            objects. ProtocolRule objects are used to construct a ProtocolACL
            to apply restrictions to content acquisition or delivery.</t>

            <t><list style="empty">
                <t>Property: protocols<list style="empty">
                    <t>Description: List of protocols to which the rule
                    applies.</t>

                    <t>Type: List of protocol objects</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list> <list style="empty">
                <t>Property: action<list style="empty">
                    <t>Description: Defines whether the rule specifies
                    protocols to allow or deny.</t>

                    <t>Type: Enumeration [allow|deny]</t>

                    <t>Mandatory-to-Specify: No. Default is deny.</t>
                  </list></t>
              </list></t>
          </section>
        </section>

        <section anchor="DeliveryAuthorization"
                 title="DeliveryAuthorization Metadata">
          <t>Delivery Authorization defines authorization methods for the
          delivery of content to User Agents.</t>

          <t><list style="empty">
              <t>Property: delivery-auth-methods<list style="empty">
                  <t>Description: Options for authorizing content requests.
                  Delivery for a content request is authorized if any of the
                  authorization method in the list is satisfied for that
                  request.</t>

                  <t>Type: List of Auth objects</t>

                  <t>Mandatory-to-Specify: No. Default is no authorization
                  required.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="Cache" title="Cache">
          <t>A Cache object describes the cache control parameters to be
          applied to the content by intermediate caches.</t>

          <t><list style="empty">
              <t>Property: ignore-query-string<list style="empty">
                  <t>Description: Allows a cache to ignore URI query string
                  parameters while comparing URIs for equivalence. Matching
                  against query parameters to ignore MUST be case-insensitive.
                  Each query parameter to ignore is specified in the list. If
                  all query parameters should be ignored, then the list MUST
                  be specified and MUST be empty.</t>

                  <t>Type: List of String</t>

                  <t>Mandatory-to-Specify: No. Default is to consider query
                  string parameters when comparing URIs.</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="Grouping" title="Grouping">
          <t>A Grouping object identifies a large group of content to which a
          given asset belongs.</t>

          <t><list style="empty">
              <t>Property: ccid<list style="empty">
                  <t>Description: Content Collection identifier for an
                  application-specific purpose such as logging.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: No. Default is an empty string.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: sid<list style="empty">
                  <t>Description: Session identifier for an
                  application-specific purpose such as logging.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: No. Default is an empty string.</t>
                </list></t>
            </list></t>
        </section>
      </section>

      <section anchor="simple-data-types"
               title="CDNI Metadata Simple Data Type Descriptions">
        <t>This section describes the simple data types that are used for
        properties of CDNI Metadata objects.</t>

        <section anchor="Link" title="Link">
          <t>A link object may be used in place of any of the objects or
          properties described above. Links can be used to avoid duplication
          if the same metadata information is repeated within the metadata
          tree. When a link replaces an object, its href property is set to
          the URI of the resource and its type property is set to the type of
          the object it is replacing.</t>

          <t><list style="empty">
              <t>Property: href<list style="empty">
                  <t>Description: The URI of the addressable object being
                  referenced.</t>

                  <t>Type: URI</t>

                  <t>Mandatory-to-Specify: Yes</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: type<list style="empty">
                  <t>Description: The type of the object being referenced.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: No</t>
                </list></t>
            </list></t>
        </section>

        <section anchor="Protocol" title="Protocol">
          <t>Protocol objects are used to specify registered protocols for
          content acquisition or delivery (see <xref
          target="ProtocolReg"/>).</t>

          <t>Type: String</t>
        </section>

        <section title="Endpoint">
          <t>A hostname (with optional port) or an IP address (with optional
          port).</t>

          <t>Note: All implementations MUST support IPv4 addresses encoded as
          specified by the 'IPv4address' rule in Section 3.2.2 of <xref
          target="RFC3986"/> and MUST support all IPv6 address formats
          specified in <xref target="RFC4291"/>. Server implementations SHOULD
          use IPv6 address formats specified in <xref target="RFC5952"/>.</t>

          <t>Type: String</t>
        </section>

        <section title="URI">
          <t>A URI as specified in <xref target="RFC3986"/>.</t>

          <t>Type: String</t>
        </section>

        <section title="Time">
          <t>A time value expressed in seconds since Unix epoch in the UTC
          timezone.</t>

          <t>Type: Integer</t>
        </section>

        <section anchor="Auth" title="Auth">
          <t>An Auth object defines authentication and authorization methods
          to be used during content acquisition and content delivery,
          respectively.</t>

          <t><list style="empty">
              <t>Property: auth-type<list style="empty">
                  <t>Description: Registered Auth type (see <xref
                  target="CredentialAuth"/> and <xref target="AuthReg"/>).</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list> <list style="empty">
              <t>Property: auth-value<list style="empty">
                  <t>Description: An object conforming to the specification
                  associated with the Registered Auth type.</t>

                  <t>Type: String</t>

                  <t>Mandatory-to-Specify: Yes.</t>
                </list></t>
            </list></t>

          <section anchor="CredentialAuth" title="CredentialAuth Type">
            <t>CredentialAuth is a Registered Auth type defining an object for
            encapsulating user credentials (i.e., username and password) (see
            <xref target="AuthReg"/>). The CredentialAuth object contains the
            following properties:</t>

            <t><list style="empty">
                <t>Property: username<list style="empty">
                    <t>Description: Identification of user.</t>

                    <t>Type: String</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>

                <t>Property: password<list style="empty">
                    <t>Description: Password for user identified by username
                    property.</t>

                    <t>Type: String</t>

                    <t>Mandatory-to-Specify: Yes.</t>
                  </list></t>
              </list></t>
          </section>
        </section>

        <section anchor="IPv4CIDR" title="IPv4CIDR">
          <t>An IPv4address CIDR block encoded as specified by the
          'IPv4address' rule in Section 3.2.2 of <xref target="RFC3986"/>
          followed by a / followed by an unsigned integer representing the
          leading bits of the routing prefix (i.e. IPv4 CIDR notation). Single
          IP addresses can be expressed as /32.</t>

          <t>Type: String</t>
        </section>

        <section anchor="IPv6CIDR" title="IPv6CIDR">
          <t>An IPv6address CIDR block encoded in one of the IPv6 address
          formats specified in <xref target="RFC5952"/> followed by a /
          followed by an unsigned integer representing the leading bits of the
          routing prefix (i.e. IPv6 CIDR notation). Single IP addresses can be
          expressed as /128.</t>

          <t>Type: String</t>
        </section>

        <section anchor="ASN" title="ASN">
          <t>An Autonomous System Number encoded as a string consisting of the
          characters AS (in uppercase) followed by the Autonomous System
          number. For example "AS64496".</t>

          <t>Type: String</t>
        </section>

        <section anchor="CountryCode" title="CountryCode">
          <t>An ISO 3166-1 alpha-2 code <xref target="ISO3166-1"/> in
          lowercase.</t>

          <t>Type: String</t>
        </section>
      </section>
    </section>

    <section anchor="metadata-capabilities" title="CDNI Metadata Capabilities">
      <t>CDNI Metadata is used to convey information pertaining to content
      delivery from uCDN to dCDN. For optional metadata, it may be useful for
      the uCDN to know if the dCDN supports the metadata, prior to delegating
      any content requests to the dCDN. If optional-to-implement metadata is
      "mandatory-to-enforce", and the dCDN does not support it, any delegated
      requests for that content will fail. The uCDN will likely want to avoid
      delegating those requests to that dCDN. Likewise, for any metadata which
      may be assigned optional values, it may be useful for the uCDN to know
      which values a dCDN supports, prior to delegating any content requests
      to that dCDN. If the optional value assigned to a given piece of
      content's metadata is not supported by the dCDN, any delegated requests
      for that content may fail, so again the uCDN is likely to want to avoid
      delegating those requests to that dCDN.</t>

      <t>The CDNI Footprint and Capabilities Interface (FCI) <xref
      target="RFC7336"/> provides a means of advertising capabilities from
      dCDN to uCDN. Support for optional metadata and support for optional
      metadata values may be advertised using the FCI.</t>
    </section>

    <section anchor="metadata-interface" title="CDNI Metadata interface">
      <t>This section specifies an interface to enable a Downstream CDN to
      retrieve CDNI Metadata objects from an Upstream CDN.</t>

      <t>The interface can be used by a Downstream CDN to retrieve CDNI
      Metadata objects either:</t>

      <t><list style="symbols">
          <t>Dynamically as required by the Downstream CDN to process received
          requests. For example in response to a query from an Upstream CDN
          over the CDNI Request Routing Redirection interface (RI) <xref
          target="I-D.ietf-cdni-redirection"/> or in response to receiving a
          request for content from a User Agent. Or;</t>

          <t>In advance of being required. For example in the case of
          Pre-positioned CDNI Metadata acquisition.</t>
        </list></t>

      <t>The CDNI Metadata interface is built on the principles of RESTful web
      services. In particular, this means that requests and responses over the
      interface are built around the transfer of representations of
      hyperlinked resources. A resource in the context of the CDNI Metadata
      interface is any object in the Data Model (as described in <xref
      target="data-model"/> and <xref
      target="abstract-metadata-description"/>).</t>

      <t>To retrieve CDNI metadata, a CDNI Metadata client (i.e., a client in
      the dCDN) first makes a HTTP GET request for the URI of the HostIndex
      which provides the CDNI Metadata client with a list of Hostnames for
      which the upstream CDN may delegate content delivery to the downstream
      CDN. The CDNI Metadata client can then obtain any other CDNI Metadata
      objects by making a HTTP GET requests for any linked Metadata objects it
      requires.</t>

      <t>CDNI Metadata servers (i.e., servers in the uCDN) are free to assign
      whatever structure they desire to the URIs for CDNI Metadata objects and
      CDNI Metadata clients MUST NOT make any assumptions regarding the
      structure of CDNI Metadata URIs or the mapping between CDNI Metadata
      objects and their associated URIs. Therefore any URIs present in the
      examples below are purely illustrative and are not intended to impose a
      definitive structure on CDNI Metadata interface implementations.</t>

      <section title="Transport">
        <t>The CDNI Metadata interface uses HTTP as the underlying protocol
        transport.</t>

        <t>The HTTP Method in the request defines the operation the request
        would like to perform. A server implementation of the CDNI Metadata
        interface MUST support the HTTP GET and HEAD methods.</t>

        <t>The corresponding HTTP Response returns the status of the operation
        in the HTTP Status Code and returns the current representation of the
        resource (if appropriate) in the Response Body. HTTP Responses from
        servers implementing the CDNI Metadata interface that contain a
        response body SHOULD include an ETag to enable validation of cached
        versions of returned resources.</t>

        <t>The CDNI Metadata interface specified in this document is a
        read-only interface. Therefore support for other HTTP methods such as
        PUT, POST and DELETE etc. is not specified. A server implementation of
        the CDNI Metadata interface SHOULD reject all methods other than GET
        and HEAD.</t>

        <t>As the CDNI Metadata interface builds on top of HTTP, CDNI Metadata
        server implementations MAY make use of any HTTP feature when
        implementing the CDNI Metadata interface, for example a CDNI Metadata
        server MAY make use of HTTP's caching mechanisms to indicate that the
        returned response/representation can be reused without re-contacting
        the CDNI Metadata server.</t>
      </section>

      <section title="Retrieval of CDNI Metadata resources">
        <t>In the general case a CDNI Metadata server makes each instance of
        an addressable CDNI Metadata object available via a unique URI and
        therefore in order to retrieve CDNI Metadata, a CDNI Metadata client
        first makes a HTTP GET request for the URI of the HostIndex which
        provides the CDNI Metadata client with a list of Hostnames for which
        the upstream CDN may delegate content delivery to the downstream
        CDN.</t>

        <t>In order to retrieve the CDNI Metadata for a particular request the
        CDNI Metadata client processes the received HostIndex object and finds
        the corresponding HostMetadata entry (by matching the hostname in the
        request against the hostnames listed in the HostMatch objects). If the
        HostMetadata is linked (rather than embedded), the CDNI metadata
        client then makes a GET request for the URI specified in the href
        property of the Link object which points to the HostMetadata object
        itself.</t>

        <t>In order to retrieve the most specific metadata for a particular
        request, the CDNI metadata client inspects the HostMetadata for
        references to more specific PathMetadata objects (by matching the URI
        path in the request against the path-patterns in the PathMatch). If
        any PathMetadata match the request (and are linked rather than
        embedded), the CDNI metadata client makes another GET request for the
        PathMetadata. Each PathMetadata object may also include references to
        yet more specific metadata. If this is the case, the CDNI metadata
        client continues requesting PathMatch and PathMetadata objects
        recursively.</t>

        <t>In cases where a dCDN is not able to retrieve the entire set of
        CDNI metadata associated with a User Agent request, for example
        because the uCDN is uncontactable or returns an HTTP 4xx or 5xx status
        in response to some or all of the dCDN's CDNI metadata requests, the
        dCDN MUST NOT serve the requested content unless the dCDN has stale
        versions of all the required metadata and the stale-if-error
        Cache-Control extension <xref target="RFC5861"/> was included in all
        previous responses that are required but cannot currently be
        retrieved. The dCDN can continue to serve other content for which it
        can retrieve (or for which it has fresh responses cached) all the
        required metadata even if some non-applicable part of the metadata
        tree is missing.</t>

        <t>Where a downstream CDN is interconnected with multiple upstream
        CDNs, the downstream CDN needs to determine which upstream CDN's CDNI
        metadata should be used to handle a particular User Agent request.</t>

        <t>When application level redirection (e.g., HTTP 302 redirects) is
        being used between CDNs, it is expected that the downstream CDN will
        be able to determine the upstream CDN that redirected a particular
        request from information contained in the received request (e.g., via
        the URI). With knowledge of which upstream CDN routed the request, the
        downstream CDN can choose the correct metadata server from which to
        obtain the HostIndex. Note that the HostIndex served by each uCDN may
        be unique.</t>

        <t>In the case of DNS redirection there is not always sufficient
        information carried in the DNS request from User Agents to determine
        the upstream CDN that redirected a particular request (e.g., when
        content from a given host is redirected to a given downstream CDN by
        more than one upstream CDN) and therefore downstream CDNs may have to
        apply local policy when deciding which upstream CDN's metadata to
        apply.</t>
      </section>

      <section title="Bootstrapping">
        <t>The URI for the HostIndex object of a given upstream CDN needs to
        be either configured in, or discovered by, the downstream CDN. All
        other objects/resources are then discoverable from the HostIndex
        object by following the links in the HostIndex object and the
        referenced HostMetadata and PathMetadata objects.</t>

        <t>If the URI for the HostIndex object is not manually configured in
        the downstream CDN then the HostIndex URI could be discovered. A
        mechanism allowing the downstream CDN to discover the URI of the
        HostIndex is outside the scope of this document.</t>
      </section>

      <section title="Encoding">
        <t>Objects are resources that may be:</t>

        <t><list style="symbols">
            <t>Addressable, where the object is a resource that may be
            retrieved or referenced via its own URI.</t>

            <t>Embedded, where the object is contained within a property of an
            addressable object.</t>
          </list></t>

        <t>The descriptions of objects use the phrase "X contains Y" to mean
        that Y is either directly embedded in X or is linked to by X. It is
        generally a deployment choice for the uCDN implementation to decide
        when and which CDNI Metadata objects to embed and which are made
        separately addressable.</t>

        <section anchor="media-types" title="MIME Media Types">
          <t>All MIME media types for CDNI Metadata objects are prefixed with
          "application/cdni.". The MIME media type for each object then
          contains the object name of that object as defined by this document.
          The object type name is followed by ".v" and the version number of
          the object type (e.g., &ldquo;.v1&rdquo;). Finally, the encoding
          type "+json" is appended. <xref
          target="metadata-media-types-table"/> lists the MIME media type for
          the metadata objects (resources) that are specified in this
          document.</t>

          <texttable anchor="metadata-media-types-table"
                     title="MIME Media Types for CDNI Metadata objects">
            <ttcol>Data Object</ttcol>

            <ttcol>MIME Media Type</ttcol>

            <c>HostIndex</c>

            <c>application/cdni.HostIndex.v1+json</c>

            <c>HostMatch</c>

            <c>application/cdni.HostMatch.v1+json</c>

            <c>HostMetadata</c>

            <c>application/cdni.HostMetadata.v1+json</c>

            <c>PathMatch</c>

            <c>application/cdni.PathMatch.v1+json</c>

            <c>PatternMatch</c>

            <c>application/cdni.PatternMatch.v1+json</c>

            <c>PathMetadata</c>

            <c>application/cdni.PathMetadata.v1+json</c>

            <c>GenericMetadata</c>

            <c>application/cdni.GenericMetadata.v1+json</c>

            <c>SourceMetadata</c>

            <c>application/cdni.SourceMetadata.v1+json</c>

            <c>Source</c>

            <c>application/cdni.Source.v1+json</c>

            <c>LocationACL</c>

            <c>application/cdni.LocationACL.v1+json</c>

            <c>LocationRule</c>

            <c>application/cdni.LocationRule.v1+json</c>

            <c>Footprint</c>

            <c>application/cdni.Footprint.v1+json</c>

            <c>TimeWindowACL</c>

            <c>application/cdni.TimeWindowACL.v1+json</c>

            <c>TimeWindowRule</c>

            <c>application/cdni.TimeWindowRule.v1+json</c>

            <c>TimeWindow</c>

            <c>application/cdni.TineWindow.v1+json</c>

            <c>ProtocolACL</c>

            <c>application/cdni.ProtocolACL.v1+json</c>

            <c>ProtocolRule</c>

            <c>application/cdni.ProtocolRule.v1+json</c>

            <c>DeliveryAuthorization</c>

            <c>application/ cdni.DeliveryAuthorization.v1+json</c>

            <c>Cache</c>

            <c>application/cdni.Cache.v1+json</c>

            <c>Grouping</c>

            <c>application/cdni.Grouping.v1+json</c>

            <c>Auth</c>

            <c>application/cdni.Auth.v1+json</c>

            <c>CredentialsAuth</c>

            <c>application/cdni.CredentialAuth.v1+json</c>
          </texttable>

          <t/>
        </section>

        <section title="JSON Encoding of Objects">
          <t>A CDNI Metadata object is encoded as a JSON object containing a
          dictionary of (key,value) pairs where the keys are the property
          names and the values are the associated property values.</t>

          <t>The keys of the dictionary are the names of the properties
          associated with the object and are therefore dependent on the
          specific object being encoded (i.e., dependent on the MIME Media
          Type of the returned resource). Likewise, the values associated with
          each key are dependent on the specific object being encoded (i.e.,
          dependent on the MIME Media Type of the returned resource).</t>

          <t>Dictionary keys in JSON are case sensitive. By convention any
          dictionary key defined by this document (for example the names of
          CDNI Metadata object properties) MUST be represented in
          lowercase.</t>

          <t>In addition to the properties specified for each object type, the
          keys defined below may be present in any object.</t>

          <t><list style="empty">
              <t>Key: base<list style="empty">
                  <t>Description: Provides a prefix for any relative URLs in
                  the object. This is similar to the XML base tag <xref
                  target="XML-BASE"/>. If absent, all URLs in the remainder of
                  the response MUST be absolute URLs.</t>

                  <t>Type: URI</t>

                  <t>Mandatory: No</t>
                </list></t>
            </list></t>

          <t><list style="empty">
              <t>Key: _links<list style="empty">
                  <t>Description: The links from this object to other
                  addressable objects. Any property whose value is an object
                  may be replaced by a link to an object with the same type as
                  the property it replaces. The keys of the _links dictionary
                  are the names of the properties being replaced. The values
                  of the dictionary are Link objects with href set to the URI
                  of the object and type set to the MIME media type of the
                  object being replaced.</t>

                  <t>Type: Dictionary object of Link objects</t>

                  <t>Mandatory: Yes</t>
                </list></t>
            </list></t>

          <section title="Encoded CDNI Metadata Example">
            <t>A downstream CDN may request the HostIndex and receive the
            following object of type "application/cdni.HostIndex.v1+json":</t>

            <figure>
              <artwork><![CDATA[{
  "hosts": [
    {
      "host": "video.example.com",
      "_links": {
        "host-metadata" : {
          "type": "application/cdni.HostMetadata.v1+json",
          "href": "http://metadata.ucdn.example/host1234"
        }
      }
    },
    {
      "host": "images.example.com",
      "_links": {
        "host-metadata" : {
          "type": "application/cdni.HostMetadata.v1+json",
          "href": "http://metadata.ucdn.example/host5678"
        }
      }
    }
  ]
}]]></artwork>
            </figure>

            <t>If the incoming request has a Host header with
            "video.example.com" then the downstream CDN would fetch the next
            metadata object from "http://metadata.ucdn.example/host1234"
            expecting a MIME media type of
            "application/cdni.HostMetadata.v1+json":</t>

            <figure>
              <artwork><![CDATA[{
  "metadata": [
    {
      "generic-metadata-type":
        "application/cdni.SourceMetadata.v1+json",
      "generic-metadata-value": {
        "sources": [
          {
            "_links": {
              "acquisition-auth": {
                "auth-type": "application/cdni.Auth.v1+json",
                "href": "http://metadata.ucdn.example/auth1234"
              }
            },
            "endpoint": "acq1.ucdn.example",
            "protocol": "ftp"
          },
          {
            "_links": {
              "acquisition-auth": {
                "auth-type": "application/cdni.Auth.v1+json",
                "href": "http://metadata.ucdn.example/auth1234"
              }
            },
            "endpoint": "acq2.ucdn.example",
            "protocol": "http"
          }
        ]
      }
    },
    {
      "generic-metadata-type":
        "application/cdni.LocationACL.v1+json",
      "generic-metadata-value": {
        "locations": [
          {
            "footprints": [
              {
                "footprint-type": "IPv4CIDR",
                "footprint-value": "192.0.2.0/24"
              }
            ],
            "action": "deny"
          }
        ]
      }
    },
    {
      "generic-metadata-type":
        "application/cdni.ProtocolACL.v1+json",
      "generic-metadata-value": {
        "protocol-acl": [
          {
            "protocols": [
              "ftp"
            ],
            "action": "deny"
          }
        ]
      }
    }
  ],
  "paths": [
    {
      "path-pattern": {
        "pattern": "/video/trailers/*"
      },
      "_links": {
        "path-metadata": {
          "type": "application/cdni.PathMetadata.v1+json",
          "href": "http://metadata.ucdn.example/host1234/pathABC"
        }
      }
    },
    {
      "path-pattern": {
        "pattern": "/video/movies/*"
      },
      "_links": {
        "path-metadata": {
          "type": "application/cdni.PathMetadata.v1+json",
          "href": "http://metadata.ucdn.example/host1234/pathDCE"
        }
      }
    }
  ]
}]]></artwork>
            </figure>

            <t>Suppose the path of the requested resource matches the
            "/video/movies/*" pattern, the next metadata requested would be
            for "http://metadata.ucdn.example/host1234/movies" with an
            expected type of "application/cdni.PathMetadata.v1+json":</t>

            <figure>
              <artwork><![CDATA[{
  "metadata": [],
  "paths": [
    {
      "path-pattern": {
        "pattern": "/videos/movies/hd/*"
      },
      "_links": {
        "pathmetadata": {
          "type": "application/cdni.PathMetadata.v1+json",
          "href": 
            "http://metadata.ucdn.example/host1234/pathABC/path123"
        }
      }
    }
  ]
}]]></artwork>
            </figure>

            <t>Finally, if the path of the requested resource also matches the
            "/videos/movies/hd/*" pattern, the downstream CDN would also fetch
            the following object from
            "http://metadata.ucdn.example/host1234/movies/hd" with MIME media
            type "application/cdni.PathMetadata.v1+json":</t>

            <figure>
              <artwork><![CDATA[{
  "metadata": [
    {
      "generic-metadata-type":
        "application/cdni.TimeWindowACL.v1+json",
      "generic-metadata-value": {
        "times": [
          "windows": [
            {
              "start": "1213948800",
              "end": "1327393200"
            }
          ],
          "action": "allow"
        ]
      }
    }
  ]
}]]></artwork>
            </figure>
          </section>
        </section>
      </section>

      <section anchor="extensibility" title="Extensibility">
        <t>The set of property Metadata may be extended with additional
        (standards based or vendor specific) property Metadata through the
        specification of new GenericMetadata objects. The GenericMetadata
        object defined in <xref target="generic-metadata"/> specifies a type
        field and a type-specific value field that allows any Metadata
        property to be included in either the HostMetadata or PathMetadata
        lists.</t>

        <t>As with the initial GenericMetadata types defined in <xref
        target="property-objects"/>, future GenericMetadata types MUST specify
        the information necessary for constructing and decoding the
        GenericMetadata object. This information includes the list of
        properties contained within the GenericMetadata object, and for each
        property, the specification should include a description, a type, and
        whether or not the given property is mandatory-to-specify.</t>

        <t>Any document which defines a new GenericMetadata type has to:</t>

        <t><list style="numbers">
            <t>Specify the MIME Media Type used to identify the new
            GenericMetadata type being specified.</t>

            <t>Define the set of properties associated with the new type.</t>

            <t>For each property, define a name, description, type, and
            whether or not the property is mandatory-to-specify.</t>

            <t>Describe the semantics of the new type including its purpose
            and example of a use case to which it applies.</t>
          </list></t>

        <t>Note: Identification, within the type name defined for a property
        Metadata object, of the organization that defined the extension
        property Metadata decreases the possibility of property Metadata type
        collisions.</t>
      </section>

      <section title="Metadata Enforcement">
        <t>At any given time, the set of GenericMetadata types supported by
        the uCDN may not match the set of GenericMetadata types supported by
        the dCDN.</t>

        <t>In the cases where a uCDN sends Metadata containing a
        GenericMetadata type that a dCDN does not support, the dCDN MUST
        enforce the semantics of the "mandatory-to-enforce&rdquo; property. If
        a dCDN does not understand or is unable to perform the functions
        associated with any "mandatory-to-enforce&rdquo; Metadata, the dCDN
        MUST NOT service any requests for the corresponding content.</t>

        <t>Note: Ideally, uCDNs would not delegate content requests to a dCDN
        which does not support the "mandatory-to-enforce" Metadata associated
        with the content being requested. However, even if the uCDN has a
        priori knowledge of the Metadata supported by the dCDN (e.g., via the
        CDNI capabilities interface or through out-of-band negotiation between
        CDN operators) Metadata support may fluctuate or be inconsistent
        (e.g., due to mis-communication, mis-configuration, or temporary
        outage). Thus, the dCDN MUST always evaluate all Metadata associated
        with content requests and reject any requests where
        "mandatory-to-enforce" Metadata associated with the content cannot be
        enforced.</t>
      </section>

      <section title="Metadata Conflicts">
        <t>It is possible that new Metadata definitions may obsolete or
        conflict with existing property Metadata (e.g., a future revision of
        the CDNI Metadata interface may redefine the Auth Metadata or a custom
        vendor extension may implement an alternate Auth Metadata option). If
        multiple Metadata (e.g., cdni.Auth.v2, vendor1.Auth, and vendor2.Auth)
        all conflict with an existing Metadata (e.g., cdni.Auth) and all are
        marked as "mandatory-to-enforce", it may be ambiguous which Metadata
        should be applied, especially if the functionality of the Metadata
        overlap.</t>

        <t>As described in <xref target="metadata-inheritance"/>, Metadata
        override only applies to Metadata objects of the same exact type,
        found in HostMetadata and nested PathMetadata structures. The CDNI
        Metadata interface does not support enforcement of dependencies
        between different Metadata types. It is the responsibility of the CSP
        and the CDN operators to ensure that Metadata assigned to a given
        content do not conflict.</t>

        <t>Note: Because Metadata is inherently ordered in GenericMetadata
        lists, as well as in the PathMetadata hierarchy and PathMatch lists,
        multiple conflicting Metadata types MAY be used, however, Metadata
        hierarchies MUST ensure that independent PathMatch root objects are
        used to prevent ambiguous or conflicting Metadata definitions.</t>
      </section>

      <section title="Versioning">
        <t>The version of CDNI Metadata Structural objects is conveyed inside
        the MIME media type that is included in the HTTP Content-Type header.
        Upon responding to a request for an object, a metadata server MUST
        include a Content-Type header with the MIME media type containing the
        version number of the object. HTTP requests sent to a metadata server
        SHOULD include an Accept header with the MIME media type (which
        includes the version) of the expected object. Metadata clients can
        specify multiple MIME media types in the Accept header, for example if
        a metadata client is capable of processing two different versions of
        the same type of object (defined by different MIME media types) it may
        decide to include both in the Accept header. The version of each
        object defined by this document is version 1. For example:
        "Content-Type: application/cdni.HostIndex.v1+json".</t>

        <t>GenericMetadata objects include a "type" property which specifies
        the MIME media type of the GenericMetadata value. This MIME media type
        should also include a version. Any document which defines a new type
        of GenericMetadata MUST specify the version number which it describes.
        For example: "application/cdni.Location.v1+json".</t>
      </section>
    </section>

    <section anchor="IANA" title="IANA Considerations">
      <t>This document requests the registration of the following MIME Media
      Type under the IANA MIME Media Type registry
      (http://www.iana.org/assignments/media-types/index.html).<list
          style="empty">
          <t>application/cdni.HostIndex.v1+json</t>

          <t>application/cdni.HostMatch.v1+json</t>

          <t>application/cdni.HostMetadata.v1+json</t>

          <t>application/cdni.PathMatch.v1+json</t>

          <t>application/cdni.PatternMatch.v1+json</t>

          <t>application/cdni.PathMetadata.v1+json</t>

          <t>application/cdni.GenericMetadata.v1+json</t>

          <t>application/cdni.SourceMetadata.v1+json</t>

          <t>application/cdni.Source.v1+json</t>

          <t>application/cdni.LocationACL.v1+json</t>

          <t>application/cdni.LocationRule.v1+json</t>

          <t>application/cdni.Footprint.v1+json</t>

          <t>application/cdni.TimeWindowACL.v1+json</t>

          <t>application/cdni.TimeWindowRule.v1+json</t>

          <t>application/cdni.TimeWindow.v1+json</t>

          <t>application/cdni.ProtocolACL.v1+json</t>

          <t>application/cdni.ProtocolRule.v1+json</t>

          <t>application/cdni.DeliveryAuthorization.v1+json</t>

          <t>application/cdni.Cache.v1+json</t>

          <t>application/cdni.Grouping.v1+json</t>

          <t>application/cdni.Auth.v1+json</t>

          <t>application/cdni.CredentialsAuth.v1+json</t>
        </list></t>

      <section anchor="FootprintReg"
               title="CDNI Metadata Footprint Types Registry">
        <t>The IANA is requested to create a new "CDNI Metadata Footprint
        Types" registry. The "CDNI Metadata Footprint Types" namespace defines
        the valid Footprint object type values used by the Footprint object in
        <xref target="Footprint"/>. Additions to the Footprint type namespace
        conform to the "Expert Review" policy as defined in <xref
        target="RFC5226"/>. The expert reviewer should verify that new type
        definitions do not duplicate existing type definitions and prevent
        gratuitous additions to the namespace.</t>

        <t>The following table defines the initial Footprint Registry
        values:</t>

        <texttable>
          <ttcol align="left">Footprint Type</ttcol>

          <ttcol align="left">Description</ttcol>

          <ttcol align="left">Specification</ttcol>

          <c>IPv4CIDR</c>

          <c>IPv4 CIDR address block</c>

          <c>RFCthis</c>

          <c>IPv6CIDR</c>

          <c>IPv6 CIDR address block</c>

          <c>RFCthis</c>

          <c>ASN</c>

          <c>Autonomous System (AS) Number</c>

          <c>RFCthis</c>

          <c>CountryCode</c>

          <c>ISO 3166-1 alpha-2 code</c>

          <c>RFCthis</c>
        </texttable>
      </section>

      <section anchor="ProtocolReg"
               title="CDNI Metadata Protocol Types Registry">
        <t>The IANA is requested to create a new "CDNI Metadata Protocol
        Types" registry. The "CDNI Metadata Protocol Types" namespace defines
        the valid Protocol object values in <xref target="Protocol"/>, used by
        the SourceMetadata and ProtocolACL objects. Additions to the Protocol
        namespace conform to the "Expert Review" policy as defined in <xref
        target="RFC5226"/>. The expert review should verify that new protocol
        definitions do not duplicate existing protocol definitions and prevent
        gratuitous additions to the namespace.</t>

        <t>The following table defines the initial Protocol values:</t>

        <texttable>
          <ttcol align="left">Protocol Type</ttcol>

          <ttcol align="left">Description</ttcol>

          <ttcol align="left">Specification</ttcol>

          <c>HTTP1.1</c>

          <c>Hypertext Transfer Protocol -- HTTP/1.1</c>

          <c>RFC7230</c>

          <c>HTTPS1.1</c>

          <c>HTTP/1.1 Over TLS</c>

          <c>RFC2818</c>
        </texttable>
      </section>

      <section anchor="AuthReg" title="CDNI Metadata Auth Types Registry">
        <t>The IANA is requested to create a new "CDNI Metadata Auth Types"
        registry. The "CDNI Metadata Auth Type" namespace defines the valid
        Auth object types used by the Auth object in <xref target="Auth"/>.
        Additions to the Auth Type namespace conform to the "Expert Review"
        policy as defined in <xref target="RFC5226"/>. The expert review
        should verify that new type definitions do not duplicate existing type
        definitions and prevent gratuitous additions to the namespace.</t>

        <t>The following table defines the initial Auth type values:</t>

        <texttable>
          <ttcol align="left">Auth Type</ttcol>

          <ttcol align="left">Description</ttcol>

          <ttcol align="left">Specification</ttcol>

          <c>CredentialAuth</c>

          <c>Simple username and password authentication.</c>

          <c>RFCthis</c>
        </texttable>
      </section>
    </section>

    <section anchor="Security" title="Security Considerations">
      <t/>

      <section anchor="SecurityAuthentication" title="Authentication">
        <t>Unauthorized access to metadata could result in denial of service.
        A malicious metadata server, proxy server or an attacker performing a
        "man in the middle" attack" could provide metadata to a dCDN that
        denies service for one or more pieces of content to one or more user
        agents. A malicious metadata server (or an attacker performing a "Man
        in the middle" attack") could modify metadata so that dCDNs are
        directed to contact to malicious origin servers instead of the actual
        origin servers. A malicious metadata client could continuously issue
        large metadata requests to overload a uCDN's metadata server(s).</t>

        <t>Unauthorized access to metadata could result in denial of service.
        A malicious metadata server, proxy server or an attacker performing a
        "man in the middle" attack could provide metadata to a dCDN that
        either:</t>

        <t><list style="symbols">
            <t>Denies service for one or more pieces of content to one or more
            User Agents; or</t>

            <t>Directs dCDNs to contact malicious origin servers instead of
            the actual origin servers.</t>
          </list></t>

        <t>Unauthorized access to metadata could also enable a malicious
        metadata client to continuously issue large metadata requests in order
        to overload a uCDN's metadata server(s).</t>

        <t>Unauthorized access to metadata could result in leakage of private
        information. A malicious metadata client could request metadata in
        order to gain access to origin servers, as well as information
        pertaining to content restrictions.</t>

        <t>An implementation of the CDNI Metadata interface SHOULD use mutual
        authentication to prevent unauthorized access to metadata.</t>
      </section>

      <section anchor="SecurityConfidentiality" title="Confidentiality">
        <t>Unauthorized viewing of metadata could result in leakage of private
        information. A third party could intercept metadata transactions in
        order to gain access to origin servers, as well as information
        pertaining to content restrictions.</t>

        <t>An implementation of the CDNI Metadata interface SHOULD use strong
        encryption to prevent unauthorized viewing of metadata.</t>
      </section>

      <section anchor="SecurityIntegrity" title="Integrity">
        <t>Unauthorized modification of metadata could result in denial of
        service. A malicious metadata server, proxy server or an attacker
        performing a "man in the middle" attack" could modify metadata
        destined to a dCDN in order to deny service for one or more pieces of
        content to one or more user agents. A malicious metadata server, proxy
        server or an attacker performing a "Man in the middle" attack" could
        modify metadata so that dCDNs are directed to contact to malicious
        origin servers instead of the actual origin servers.</t>

        <t>An implementation of the CDNI Metadata interface SHOULD use strong
        encryption and mutual authentication to prevent unauthorized
        modification of metadata.</t>
      </section>

      <section anchor="SecurityPrivacy" title="Privacy">
        <t>Content provider origin and policy information is conveyed through
        the CDNI Metadata interface. The distribution of this information to
        another CDN may introduce potential privacy concerns for some content
        providers, for example because dCDNs accepting content requests for a
        content provider's content may be able to obtain additional
        information &amp; usage patterns relating to the users of a content
        provider's services. Content providers with such concerns can instruct
        their CDN partners not to use CDN interconnects when delivering that
        content provider's content.</t>
      </section>

      <section title="Securing the CDNI Metadata interface">
        <t>An implementation of the CDNI Metadata interface MUST support TLS
        transport as per <xref target="RFC2818"/> and <xref
        target="RFC7230"/>. The use of TLS for transport of the CDNI Metadata
        interface messages allows:</t>

        <t><list style="symbols">
            <t>The dCDN and uCDN to authenticate each other (to ensure they
            are transmitting/receiving CDNI Metadata requests &amp; responses
            from an authenticated CDN).</t>

            <t>CDNI Metadata interface requests and responses to be
            transmitted with confidentiality.</t>

            <t>The integrity of the CDNI Metadata interface requests and
            responses to be protected during the exchange.</t>
          </list></t>

        <t>In an environment where any such protection is required, TLS SHOULD
        be used (including authentication of the remote end) by the
        server-side (uCDN) and the client-side (dCDN) of the CDNI Metadata
        interface unless alternate methods are used for ensuring the
        confidentiality of the information in the CDNI Metadata interface
        requests and responses (such as setting up an IPsec tunnel between the
        two CDNs or using a physically secured internal network between two
        CDNs that are owned by the same corporate entity).</t>

        <t>An implementation of the CDNI Metadata interface MUST support the
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite (<xref
        target="RFC5288"/>). An implementation of the CDNI Metadata interface
        SHOULD prefer cipher suites which support perfect forward secrecy over
        cipher suites that don't.</t>
      </section>
    </section>

    <section anchor="Acknowledgements" title="Acknowledgements">
      <t>The authors would like to thank David Ferguson and Francois Le
      Faucheur for their valuable comments and input to this document.</t>
    </section>

    <section title="Contributing Authors">
      <t>[RFC Editor Note: Please move the contents of this section to the
      Authors' Addresses section prior to publication as an RFC.]</t>

      <figure>
        <artwork><![CDATA[Grant Watson
Velocix (Alcatel-Lucent)
3 Ely Road
Milton, Cambridge  CB24 6AA
UK

Email: gwatson@velocix.com

Kent Leung
Cisco Systems
3625 Cisco Way
San Jose, 95134
USA

Email: kleung@cisco.com
]]></artwork>
      </figure>
    </section>
  </middle>

  <back>
    <references title="Normative References">
      <?rfc include="reference.RFC.2119" ?>

      <?rfc include="reference.RFC.5226" ?>

      <?rfc include="reference.RFC.4291" ?>

      <?rfc include="reference.RFC.5952" ?>

      <?rfc include="reference.RFC.5288"?>

      <?rfc include="reference.RFC.5861"?>

      <reference anchor="ISO3166-1">
        <front>
          <title>https://www.iso.org/obp/ui/#search</title>

          <author>
            <organization/>
          </author>

          <date/>
        </front>
      </reference>

      <?rfc ?>
    </references>

    <references title="Informative References">
      <?rfc include="reference.RFC.7337"?>

      <?rfc include="reference.RFC.7336"?>

      <?rfc include="reference.RFC.6707" ?>

      <?rfc include="reference.RFC.3986" ?>

      <?rfc include="reference.RFC.2818" ?>

      <?rfc include="reference.RFC.7230" ?>

      <?rfc include="reference.I-D.ietf-cdni-redirection"?>

      <reference anchor="XML-BASE">
        <front>
          <title>XML Base (Second Edition) -
          http://www.w3.org/TR/xmlbase/</title>

          <author fullname="Jonathan" initials="J" role="editor"
                  surname="Marsh">
            <organization/>
          </author>

          <author fullname="Richard" initials="R" role="editor"
                  surname="Tobin">
            <organization/>

            <address>
              <postal>
                <street/>

                <city/>

                <region/>

                <code/>

                <country/>
              </postal>

              <phone/>

              <facsimile/>

              <email/>

              <uri/>
            </address>
          </author>

          <date day="28" month="January" year="2009"/>
        </front>
      </reference>
    </references>
  </back>
</rfc>
