CDNI Working Group Minutes IETF-100, Singapore - Chaired by Kevin Ma (remote) and Phil Sorber (on behalf of Francois Le Faucheur) - Meeting notes captured by Magnus Westerlund and Kent Leung, edited by Kevin J. Ma - Audio Recording at: https://www.ietf.org/audio/ietf100/ietf100-sophia-20171116-1810.mp3 Slides at: https://datatracker.ietf.org/meeting/100/materials.html Chair slides (Kevin J. Ma) -------------------------- https://datatracker.ietf.org/meeting/100/materials/slides-100-cdni-chair-slides/ - No Document Updates URI Signing (Phil Sorber) ------------------------- https://datatracker.ietf.org/meeting/100/materials/slides-100-cdni-draft-ietf-cdni-uri-signing/ Issue #28 - no comments; matt nodded ISsue #30 - no comments ISsue #31 - no comments ISsue #32 - no comments Issue #33 - Kent Leung: It is the simple glob? Rational for simple glob is gone. On the fence if this should be removed or not. - Phil: There was no reason to remove it; but this is possibly a reason to remove. Also on the fence. - Chris Lemmons: Another issue is that the sub claim is designed for the "subject" which seems to be interpreted as the user bearing the token. - Phil: Colon issue is much more cut and dry - Matt Miller: Subject is ment for the entity claims are over (URI) - Kevin Ma (as individual): in favor of CDNI-specific sub-claims. Don't see a reason to keep the simple glob. Historically we added simple glob because we didn't want regex. - Phil: Creating a pull request that will remove the simple glob. Allows people to review that. - Chris: Subject usage gleaned from usage, not from spec. - Kent: In favor of a pull request to review, and remove if no objection. - Kevin (as chair): will we be ready for last call in London - Phil: Will publish after real usage in Feb. Optimistic about having a draft ready for last call in London. HTTPS delegation (Frederic Fieau) --------------------------------- https://datatracker.ietf.org/meeting/100/materials/slides-100-cdni-draft-fieau-cdni-interfaces-https-delegation/ Discussion of options on Slide 8: - Robert Mugabe: Do you need to repeat the delegation metatdata for each pass? you could make it a different resource/URI and link to it? - Frederic thinks option 1 would easier to use. - Kevin: listing the paths doesn't add much; could use links. making custom objects goes against the generic architecture (with multiple metadata applied to paths rather than paths per metadata) the metadata authors were trying to achieve. More information why this would be necessary would help. SVA OC Extensions (Ori Finkelman) --------------------------------- https://datatracker.ietf.org/meeting/100/materials/slides-100-cdni-draft-finkelman-cdni-sva-extensions/ request routing - no comments content management - scheduled triggers - Phil: is the time not already UTC. - Ori: The goal is to have things happening across multiple time zones at the same time in the local time, like 3 am local time. Do not want geo-limited triggers, per timezone with different UTCs. - Glen Deen: you want to send out a generic time and have caches interpret it locally. Actually, in the context of the client? What if a client is redirected from Boston to Denver? - Ori: This is for bulk pre-positioning content in off peak hours. - Glen: This is useful to have in CDNI. May need to consider a cache serving other timezones. Maybe merge with geo-tags. - Sanjay Mishra: this is intended as a restriction/instruction on the local cache serving the local environment. uri signing - relayed token authentication - Phil: this proposal is cleaver. But, there are things that could be improved. Content specific metadata makes it less portable. Would like to merge with URI signing and not require session state. Believe surrogate validation is possible, with traditional URI signing. - Ori: Keep CP logic in uCDN, but update dCDN token handling. - Phil: authenticate with uCDN; dCDN generates its own token to client; TTL for re-authentication with uCDN. logging - ran out of time - Kevin: everyone should go an read the draft. Chair Questions --------------- Based on today's discussion the new work being proposed is beyond the current WG scope, and we would need rechartering. Is the WG interested in taking on HTTPS delegation? Hmmm - A weak (2?) hum in favor, a even weaker (1?) hum against. Is the WG interested in working on SVA OC extensions? Hmmm - Several hums in favor, and none against. Session closed.