idnits 2.17.1 draft-ietf-cdni-control-triggers-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 17, 2016) is 2921 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFCthis' is mentioned on line 1697, but not defined == Outdated reference: A later version (-21) exists of draft-ietf-cdni-metadata-15 ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Downref: Normative reference to an Informational RFC: RFC 6707 ** Obsolete normative reference: RFC 7159 (Obsoleted by RFC 8259) ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 7232 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 7525 (Obsoleted by RFC 9325) == Outdated reference: A later version (-11) exists of draft-greevenbosch-appsawg-cbor-cddl-08 == Outdated reference: A later version (-20) exists of draft-ietf-cdni-redirection-18 Summary: 7 errors (**), 0 flaws (~~), 5 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Murray 3 Internet-Draft B. Niven-Jenkins 4 Intended status: Standards Track Nokia 5 Expires: October 19, 2016 April 17, 2016 7 CDNI Control Interface / Triggers 8 draft-ietf-cdni-control-triggers-13 10 Abstract 12 This document describes the part of the CDN Interconnection Control 13 Interface that allows a CDN to trigger activity in an interconnected 14 CDN that is configured to deliver content on its behalf. The 15 upstream CDN can use this mechanism to request that the downstream 16 CDN pre-positions metadata or content, or that it invalidates or 17 purges metadata or content. The upstream CDN can monitor the status 18 of activity that it has triggered in the downstream CDN. 20 Requirements Language 22 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 23 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 24 document are to be interpreted as described in RFC 2119 [RFC2119]. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on October 19, 2016. 43 Copyright Notice 45 Copyright (c) 2016 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 61 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 62 2. Model for CDNI Triggers . . . . . . . . . . . . . . . . . . . 4 63 2.1. Timing of Triggered Activity . . . . . . . . . . . . . . 6 64 2.2. Scope of Triggered Activity . . . . . . . . . . . . . . . 6 65 2.2.1. Multiple Interconnected CDNs . . . . . . . . . . . . 6 66 2.3. Trigger Results . . . . . . . . . . . . . . . . . . . . . 8 67 3. Collections of Trigger Status Resources . . . . . . . . . . . 8 68 4. CDNI Trigger Interface . . . . . . . . . . . . . . . . . . . 9 69 4.1. Creating Triggers . . . . . . . . . . . . . . . . . . . . 10 70 4.2. Checking Status . . . . . . . . . . . . . . . . . . . . . 11 71 4.2.1. Polling Trigger Status Resource collections . . . . . 11 72 4.2.2. Polling Trigger Status Resources . . . . . . . . . . 12 73 4.3. Cancelling Triggers . . . . . . . . . . . . . . . . . . . 12 74 4.4. Deleting Triggers . . . . . . . . . . . . . . . . . . . . 13 75 4.5. Expiry of Trigger Status Resources . . . . . . . . . . . 13 76 4.6. Loop Detection and Prevention . . . . . . . . . . . . . . 14 77 4.7. Error Handling . . . . . . . . . . . . . . . . . . . . . 14 78 4.8. Content URLs . . . . . . . . . . . . . . . . . . . . . . 15 79 5. CI/T Object Properties and Encoding . . . . . . . . . . . . . 16 80 5.1. CI/T Objects . . . . . . . . . . . . . . . . . . . . . . 16 81 5.1.1. CI/T Commands . . . . . . . . . . . . . . . . . . . . 16 82 5.1.2. Trigger Status Resource . . . . . . . . . . . . . . . 17 83 5.1.3. Trigger Collection . . . . . . . . . . . . . . . . . 18 84 5.2. Properties of CI/T Objects . . . . . . . . . . . . . . . 20 85 5.2.1. Trigger Specification . . . . . . . . . . . . . . . . 20 86 5.2.2. Trigger Type . . . . . . . . . . . . . . . . . . . . 21 87 5.2.3. Trigger Status . . . . . . . . . . . . . . . . . . . 22 88 5.2.4. PatternMatch . . . . . . . . . . . . . . . . . . . . 22 89 5.2.5. Absolute Time . . . . . . . . . . . . . . . . . . . . 23 90 5.2.6. Error Description . . . . . . . . . . . . . . . . . . 24 91 5.2.7. Error Code . . . . . . . . . . . . . . . . . . . . . 24 92 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 25 93 6.1. Creating Triggers . . . . . . . . . . . . . . . . . . . . 25 94 6.1.1. Preposition . . . . . . . . . . . . . . . . . . . . . 25 95 6.1.2. Invalidate . . . . . . . . . . . . . . . . . . . . . 27 97 6.2. Examining Trigger Status . . . . . . . . . . . . . . . . 28 98 6.2.1. Collection of All Triggers . . . . . . . . . . . . . 28 99 6.2.2. Filtered Collections of Trigger Status Resources . . 29 100 6.2.3. Individual Trigger Status Resources . . . . . . . . . 31 101 6.2.4. Polling for Change . . . . . . . . . . . . . . . . . 33 102 6.2.5. Deleting Trigger Status Resources . . . . . . . . . . 36 103 6.2.6. Error Reporting . . . . . . . . . . . . . . . . . . . 37 104 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38 105 7.1. CDNI Payload Type Parameter Registrations . . . . . . . . 38 106 8. Security Considerations . . . . . . . . . . . . . . . . . . . 39 107 8.1. Authentication, Authorization, Confidentiality, Integrity 108 Protection . . . . . . . . . . . . . . . . . . . . . . . 40 109 8.2. Denial of Service . . . . . . . . . . . . . . . . . . . . 41 110 8.3. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . 41 111 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 41 112 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 41 113 10.1. Normative References . . . . . . . . . . . . . . . . . . 41 114 10.2. Informative References . . . . . . . . . . . . . . . . . 42 115 Appendix A. Formalization of the JSON Data . . . . . . . . . . . 43 116 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 118 1. Introduction 120 [RFC6707] introduces the problem scope for CDN Interconnection (CDNI) 121 and lists the four categories of interfaces that may be used to 122 compose a CDNI solution (Control, Metadata, Request Routing, 123 Logging). 125 [RFC7336] expands on the information provided in [RFC6707] and 126 describes each of the interfaces and the relationships between them 127 in more detail. 129 This document describes the "CI/T" interface, "CDNI Control interface 130 / Triggers". It does not consider those parts of the control 131 interface that relate to configuration, bootstrapping or 132 authentication of CDN Interconnect interfaces. Section 4 of 133 [RFC7337] identifies the requirements specific to the CI interface, 134 requirements applicable to the CI/T interface are CI-1 to CI-6. 136 o Section 2 outlines the model for the CI/T Interface at a high 137 level. 139 o Section 3 describes collections of Trigger Status Resources. 141 o Section 4 defines the web service provided by the dCDN. 143 o Section 5 lists properties of CI/T Commands and Status Resources. 145 o Section 6 contains example messages. 147 1.1. Terminology 149 This document reuses the terminology defined in [RFC6707] and uses 150 "uCDN" and "dCDN" as shorthand for "Upstream CDN" and "Downstream 151 CDN", respectively. 153 2. Model for CDNI Triggers 155 A CI/T Command, sent from the uCDN to the dCDN, is a request for the 156 dCDN to do some work relating to data associated with content 157 requests originating from the uCDN. 159 There are two types of CI/T Command: CI/T Trigger Commands, and CI/T 160 Cancel Commands. The CI/T Cancel Command can be used to request 161 cancellation of an earlier CI/T Trigger Command. A CI/T Trigger 162 Command is of one of the following types: 164 o preposition - used to instruct the dCDN to fetch metadata from the 165 uCDN, or content from any origin including the uCDN. 167 o invalidate - used to instruct the dCDN to revalidate specific 168 metadata or content before re-using it. 170 o purge - used to instruct the dCDN to delete specific metadata or 171 content. 173 The CI/T interface is a web service offered by the dCDN. It allows 174 CI/T commands to be issued, and triggered activity to be tracked. 175 When the dCDN accepts a CI/T Command it creates a resource describing 176 status of the triggered activity, a Trigger Status Resource. The 177 uCDN can poll Trigger Status Resources to monitor progress. 179 The dCDN maintains at least one collection of Trigger Status 180 Resources for each uCDN. Each uCDN only has access to its own 181 collections, the locations of which are shared when CDN 182 interconnection is established. 184 To trigger activity in the dCDN, the uCDN POSTs a CI/T Command to the 185 collection of Trigger Status Resources. If the dCDN accepts the CI/T 186 Command, it creates a new Trigger Status Resource and returns its 187 location to the uCDN. To monitor progress, the uCDN can GET the 188 Trigger Status Resource. To request cancellation of a CI/T Trigger 189 Command the uCDN can POST to the collection of Trigger Status 190 Resources, or simply DELETE the Trigger Status Resource. 192 In addition to the collection of all Trigger Status Resources for the 193 uCDN, the dCDN can maintain filtered views of that collection. These 194 filtered views are defined in Section 3 and include collections of 195 Trigger Status Resources corresponding to active and completed CI/T 196 Trigger Commands. These collections provide a mechanism for polling 197 the status of multiple jobs. 199 Figure 1 is an example showing the basic message flow used by the 200 uCDN to trigger activity in the dCDN, and for the uCDN to discover 201 the status of that activity. Only successful triggering is shown. 202 Examples of the messages are given in Section 6. 204 uCDN dCDN 205 | (1) POST https://dcdn.example.com/triggers/uCDN | 206 [ ] --------------------------------------------------> [ ]--+ 207 | [ ] | (2) 208 | (3) HTTP 201 Response [ ]<-+ 209 [ ] <-------------------------------------------------- [ ] 210 | Loc: https://dcdn.example.com/triggers/uCDN/123 | 211 | | 212 . . . 213 . . . 214 . . . 215 | | 216 | (4) GET https://dcdn.example.com/triggers/uCDN/123 | 217 [ ] --------------------------------------------------> [ ] 218 | [ ] 219 | (5) HTTP 200 Trigger Status Resource [ ] 220 [ ] <-------------------------------------------------- [ ] 221 | | 222 | | 224 Figure 1: Basic CDNI Message Flow for Triggers 226 The steps in Figure 1 are: 228 1. The uCDN triggers action in the dCDN by posting a CI/T Command to 229 a collection of Trigger Status Resources, 230 "https://dcdn.example.com/triggers/uCDN". The URL of this was 231 given to the uCDN when the CI/T interface was established. 233 2. The dCDN authenticates the request, validates the CI/T Command 234 and, if it accepts the request, creates a new Trigger Status 235 Resource. 237 3. The dCDN responds to the uCDN with an HTTP 201 response status, 238 and the location of the Trigger Status Resource. 240 4. The uCDN can poll, possibly repeatedly, the Trigger Status 241 Resource in the dCDN. 243 5. The dCDN responds with the Trigger Status Resource, describing 244 progress or results of the CI/T Trigger Command. 246 The remainder of this document describes the messages, Trigger Status 247 Resources, and collections of Trigger Status Resources in more 248 detail. 250 2.1. Timing of Triggered Activity 252 Timing of the execution of CI/T Commands is under the dCDN's control, 253 including its start-time and pacing of the activity in the network. 255 CI/T invalidate and purge commands MUST be applied to all data 256 acquired before the command was accepted by the dCDN. The dCDN 257 SHOULD NOT apply CI/T invalidate and purge commands to data acquired 258 after the CI/T Command was accepted, but this may not always be 259 achievable so the uCDN cannot count on that. 261 If the uCDN wishes to invalidate or purge content then immediately 262 pre-position replacement content at the same URLs, it SHOULD ensure 263 the dCDN has completed the invalidate/purge before initiating the 264 prepositioning. Otherwise, there is a risk that the dCDN pre- 265 positions the new content, then immediately invalidates or purges it 266 (as a result of the two uCDN requests running in parallel). 268 Because the CI/T Command timing is under the dCDN's control, the dCDN 269 implementation can choose whether to apply CI/T invalidate and purge 270 commands to content acquisition that has already started when the 271 command is received. 273 2.2. Scope of Triggered Activity 275 Each CI/T Command can operate on multiple metadata and content URLs. 277 Multiple representations of an HTTP resource may share the same URL. 278 CI/T Trigger Commands that invalidate or purge metadata or content 279 apply to all resource representations with matching URLs. 281 2.2.1. Multiple Interconnected CDNs 283 In a network of interconnected CDNs a single uCDN will originate a 284 given item of metadata and associated content, it may distribute that 285 metadata and content to more than one dCDN, which may in-turn 286 distribute that metadata and content to further-downstream CDNs. 288 An intermediate CDN is a dCDN that passes on CDNI metadata and 289 content to further-downstream dCDNs. 291 A diamond configuration is one where a dCDN can acquire metadata and 292 content originated in one uCDN from that uCDN itself and an 293 intermediate CDN, or via more than one intermediate CDN. 295 CI/T commands originating in the single source uCDN affect metadata 296 and content in all dCDNs but, in a diamond configuration, it may not 297 be possible for the dCDN to determine which uCDN it acquired content 298 from. In this case a dCDN MUST allow each uCDN from which it may 299 have acquired the content to act upon that content using CI/T 300 Commands. 302 In all other cases, a dCDN MUST reject CI/T Commands from a uCDN that 303 act on another uCDN's data using, for example, HTTP "403 Forbidden". 305 Security considerations are discussed further in Section 8. 307 The diamond configuration may lead to inefficient interactions, but 308 the interactions are otherwise harmless. For example: 310 o When the uCDN issues an invalidate CI/T command, a dCDN will 311 receive that command from multiple directly connected uCDNs. The 312 dCDN may schedule multiple those commands separately, and the last 313 may affect content already revalidated following execution of the 314 invalidate command scheduled first. 316 o If one of a dCDN's directly-connected uCDNs loses its rights to 317 distribute content, it may issue a CI/T purge command. That purge 318 may affect content the dCDN could retain because it's distributed 319 by another directly-connected uCDN. But, that content can be re- 320 acquired by the dCDN from the remaining uCDN. 322 o When the uCDN originating an item of content issues a CI/T purge 323 followed by a preposition - two directly connected uCDNs will pass 324 those commands to a dCDN. That dCDN implementation need not merge 325 those operations, or notice the repetition. In which case the 326 purge issued by one uCDN will complete before the other. The 327 first uCDN to finish its purge may then forward the preposition 328 trigger, and content pre-positioned as a result might be affected 329 by the still-running purge issued by the other uCDN. However, the 330 dCDN will re-acquire that content as needed, or when it's asked to 331 pre-position the content by the second uCDN. A dCDN 332 implementation could avoid this interaction by knowing which uCDN 333 it acquired the content from, or it could minimize the 334 consequences by recording the time at which the invalidate/purge 335 command was received and not applying it to content acquired after 336 that time. 338 2.3. Trigger Results 340 Possible states for a Trigger Status Resource are defined in section 341 Section 5.2.3. 343 The CI/T Trigger Command MUST NOT be reported as 'complete' until all 344 actions have been completed successfully. The reasons for failure, 345 and URLs or Patterns affected, SHOULD be enumerated in the Trigger 346 Status Resource. For more detail, see section Section 4.7. 348 If a dCDN is also acting as a uCDN in a cascade, it MUST forward CI/T 349 Commands to any downstream CDNs that may be affected. The CI/T 350 Trigger Command MUST NOT be reported as 'complete' in a CDN until it 351 is 'complete' in all of its downstream CDNs. If a CI/T Trigger 352 Command is reported as 'processed' in any dCDN, intermediate CDNs 353 MUST NOT report 'complete', instead they MUST also report 354 'processed'. A CI/T Command MAY be reported as 'failed' as soon as 355 it fails in a CDN or in any of its downstream CDNs. A cancelled CI/T 356 Trigger Command MUST be reported as 'cancelling' until it has been 357 reported as 'cancelled', 'complete', or 'failed' by all dCDNs in a 358 cascade. 360 3. Collections of Trigger Status Resources 362 As described in Section 2, Trigger Status Resources exist in the dCDN 363 to report the status of activity triggered by each uCDN. 365 A collection of Trigger Status Resources is a resource that contains 366 a reference to each Trigger Status Resource in that collection. 368 The dCDN MUST make a collection of a uCDN's Trigger Status Resources 369 available to that uCDN. This collection includes all of the Trigger 370 Status Resources created for CI/T Commands from the uCDN that have 371 been accepted by the dCDN, and have not yet been deleted by the uCDN, 372 or expired and removed by the dCDN (as described in section 373 Section 4.4). Trigger Status Resources belonging to a uCDN MUST NOT 374 be visible to any other CDN. The dCDN could, for example, achieve 375 this by offering different collection URLs to each uCDN, and by 376 filtering the response based on the uCDN with which the HTTP client 377 is associated. 379 To trigger activity in a dCDN, or to cancel triggered activity, the 380 uCDN POSTs a CI/T Command to the dCDN's collection of the uCDN's 381 Trigger Status Resources. 383 In order to allow the uCDN to check the status of multiple jobs in a 384 single request, the dCDN MAY also maintain collections representing 385 filtered views of the collection of all Trigger Status Resources. 386 These filtered collections are optional-to-implement but, if 387 implemented, the dCDN MUST include links to them in the collection of 388 all Trigger Status Resources. The filtered collections are: 390 o Pending - Trigger Status Resources for CI/T Trigger Commands that 391 have been accepted, but not yet acted upon. 393 o Active - Trigger Status Resources for CI/T Trigger Commands that 394 are currently being processed in the dCDN. 396 o Complete - Trigger Status Resources representing activity that 397 completed successfully, and 'processed' CI/T Trigger Commands for 398 which no further status updates will be made by the dCDN. 400 o Failed - Trigger Status Resources representing CI/T Commands that 401 failed or were cancelled by the uCDN. 403 4. CDNI Trigger Interface 405 This section describes an interface to enable an upstream CDN to 406 trigger activity in a downstream CDN. 408 The CI/T interface builds on top of HTTP, so dCDNs may make use of 409 any HTTP feature when implementing the CI/T interface. For example, 410 a dCDN SHOULD make use of HTTP's caching mechanisms to indicate that 411 a requested response/representation has not been modified, reducing 412 the uCDN's processing needed to determine whether the status of 413 triggered activity has changed. 415 All dCDNs implementing CI/T MUST support the HTTP GET, HEAD, POST and 416 DELETE methods as defined in [RFC7231]. 418 The only representation specified in this document is JSON, 419 [RFC7159]. It MUST be supported by the uCDN and by the dCDN. 421 The URL of the dCDN's collection of all Trigger Status Resources 422 needs to be either discovered by, or configured in, the uCDN. The 423 mechanism for discovery of that URL is outside the scope of this 424 document. 426 CI/T Commands are POSTed to the dCDN's collection of all Trigger 427 Status Resources. If a CI/T Trigger Command is accepted by the dCDN, 428 the dCDN creates a new Trigger Status Resource and returns its URI to 429 the uCDN in an HTTP 201 response. The triggered activity can then be 430 monitored by the uCDN using that resource and the collections 431 described in Section 3. 433 The URI of each Trigger Status Resource is returned to the uCDN when 434 it is created, and URIs of all Trigger Status Resources are listed in 435 the dCDN's collection of all Trigger Status Resources. This means 436 all Trigger Status Resources can be discovered by the uCDN, so dCDNs 437 are free to assign whatever structure they desire to the URIs for CI/ 438 T resources. Therefore uCDNs MUST NOT make any assumptions regarding 439 the structure of CI/T URIs or the mapping between CI/T objects and 440 their associated URIs. URIs present in the examples in this document 441 are purely illustrative and are not intended to impose a definitive 442 structure on CI/T interface implementations. 444 4.1. Creating Triggers 446 To issue a CI/T Command, the uCDN makes an HTTP POST to the dCDN's 447 collection of all of the uCDN's Trigger Status Resources. The 448 request body of that POST is a CI/T Command, as described in 449 Section 5.1.1. 451 The dCDN validates the CI/T Command. If the command is malformed or 452 the uCDN does not have sufficient access rights, the dCDN MUST either 453 respond with an appropriate 4xx HTTP error code and not create a 454 Trigger Status Resource, or create a 'failed' Trigger Status Resource 455 containing an appropriate error description. 457 When a CI/T Trigger Command is accepted, the uCDN MUST create a new 458 Trigger Status Resource which will convey a specification of the CI/T 459 Command and its current status. The HTTP response to the dCDN MUST 460 have status code 201 and MUST convey the URI of the Trigger Status 461 Resource in the Location header field. The HTTP response SHOULD 462 include the content of the newly created Trigger Status Resource. 463 This is particularly important in cases where the CI/T Trigger 464 Command has completed immediately. 466 Once a Trigger Status Resource has been created the dCDN MUST NOT re- 467 use its URI, even after that Trigger Status Resource has been 468 removed. 470 The dCDN SHOULD track and report on progress of CI/T Trigger 471 Commands. If the dCDN is not able to do that, it MUST indicate that 472 it has accepted the request but will not be providing further status 473 updates. To do this, it sets the status of the Trigger Status 474 Resource to "processed". In this case, CI/T processing should 475 continue as for a "complete" request, so the Trigger Status Resource 476 MUST be added to the dCDN's collection of Complete Trigger Status 477 Resources. The dCDN SHOULD also provide an estimated completion time 478 for the request, by using the "etime" property of the Trigger Status 479 Resource. This will allow the uCDN to schedule prepositioning after 480 an earlier delete of the same URLs is expected to have finished. 482 If the dCDN is able to track the execution of CI/T Commands and a CI/ 483 T Command is queued by the dCDN for later action, the status property 484 of the Trigger Status Resource MUST be "pending". Once processing 485 has started the "status" MUST be "active". Finally, once the CI/T 486 Command is complete, the status MUST be set to "complete" or 487 "failed". 489 A CI/T Trigger Command may result in no activity in the dCDN if, for 490 example, it is an invalidate or purge request for data the dCDN has 491 not yet acquired, or a pre-position request for data it has already 492 acquired and which is still valid. In this case, the "status" of the 493 Trigger Status Resource MUST be "processed" or "complete", and the 494 Trigger Status Resource MUST be added to the dCDN's collection of 495 Complete Trigger Status Resources. 497 Once created, Trigger Status Resources can be cancelled or deleted by 498 the uCDN, but not modified. The dCDN MUST reject PUT and POST 499 requests from the uCDN to Trigger Status Resources by responding with 500 an appropriate HTTP status code, for example 405 "Method Not 501 Allowed". 503 4.2. Checking Status 505 The uCDN has two ways to check progress of CI/T Commands it has 506 issued to the dCDN, described in sections Section 4.2.1 and 507 Section 4.2.2. 509 To allow the uCDN to check for change in status of a Trigger Status 510 Resource or collection of Trigger Status Resources without re- 511 fetching the whole Resource or Collection, the dCDN SHOULD include 512 Entity Tags for the uCDN to use as cache validators, as defined in 513 [RFC7232]. 515 The dCDN SHOULD use the cache control headers for responses to GETs 516 for Trigger Status Resources and Collections to indicate the 517 frequency at which it recommends the uCDN should poll for change. 519 4.2.1. Polling Trigger Status Resource collections 521 The uCDN can fetch the collection of its Trigger Status Resources, or 522 filtered views of that collection. 524 This makes it possible to poll status of all CI/T Trigger Commands in 525 a single request. If the dCDN moves a Trigger Status Resource from 526 the Active to the Completed collection, the uCDN can fetch the result 527 of that activity. 529 When polling in this way, the uCDN SHOULD use HTTP Entity Tags to 530 monitor for change, rather than repeatedly fetching the whole 531 collection. An example of this is given in section Section 6.2.4. 533 4.2.2. Polling Trigger Status Resources 535 The uCDN has a URI provided by the dCDN for each Trigger Status 536 Resource it has created, it may fetch that Trigger Status Resource at 537 any time. 539 This can be used to retrieve progress information, and to fetch the 540 result of the CI/T Command. 542 When polling in this way, the uCDN SHOULD use HTTP Entity Tags to 543 monitor for change, rather than repeatedly fetching the Trigger 544 Status Resource. 546 4.3. Cancelling Triggers 548 The uCDN can request cancellation of a CI/T Trigger Command by 549 POSTing a CI/T Cancel Command to the collection of all Trigger Status 550 Resources. 552 The dCDN is required to accept and respond to the CI/T Cancel 553 Command, but the actual cancellation of a CI/T Trigger Command is 554 optional-to-implement. 556 The dCDN MUST respond to the CI/T Cancel Command appropriately, for 557 example with HTTP status code 200 "OK" if the cancellation has been 558 processed and the CI/T Command is inactive, 202 "Accepted" if the 559 command has been accepted but the CI/T Command remains active, or 501 560 "Not Implemented" if cancellation is not supported by the dCDN. 562 If cancellation of a "pending" Trigger Status Resource is accepted by 563 the dCDN, the dCDN SHOULD NOT start processing of that activity. 564 Issuing a CT/T Cancel Command for a "pending" Trigger Status Resource 565 does not however guarantee that the corresponding activity will not 566 be started, because the uCDN cannot control the timing of that 567 activity. Processing could, for example, start after the POST is 568 sent by the uCDN but before that request is processed by the dCDN. 570 If cancellation of an "active" or "processed" Trigger Status Resource 571 is accepted by the dCDN, the dCDN SHOULD stop processing the CI/T 572 Command. However, as with cancellation of a "pending" CI/T Command, 573 the dCDN does not guarantee this. 575 If the CI/T Command cannot be stopped immediately, the status in the 576 corresponding Trigger Status Resource MUST be set to "cancelling", 577 and the Trigger Status Resource MUST remain in the collection of 578 Trigger Status Resources for active CI/T Commands. If processing is 579 stopped before normal completion, the status value in the Trigger 580 Status Resource MUST be set to "cancelled", and the Trigger Status 581 Resource MUST be included in the collection of failed CT/T Trigger 582 Commands. 584 Cancellation of a "complete" or "failed" Trigger Status Resource 585 requires no processing in the dCDN. Its status MUST NOT be changed 586 to "cancelled". 588 4.4. Deleting Triggers 590 The uCDN can delete Trigger Status Resources at any time, using the 591 HTTP DELETE method. The effect is similar to cancellation, but no 592 Trigger Status Resource remains afterwards. 594 Once deleted, the references to a Trigger Status Resource MUST be 595 removed from all Trigger Status Resource collections. Subsequent 596 requests to GET the deleted Trigger Status Resource SHOULD be 597 rejected by the dCDN with an HTTP error. 599 If a "pending" Trigger Status Resource is deleted, the dCDN SHOULD 600 NOT start processing of that activity. Deleting a "pending" Trigger 601 Status Resource does not however guarantee that it has not started 602 because the uCDN cannot control the timing of that activity. 603 Processing may, for example, start after the DELETE is sent by the 604 uCDN but before that request is processed by the dCDN. 606 If an "active" or "processed" Trigger Status Resource is deleted, the 607 dCDN SHOULD stop processing the CI/T Command. However, as with 608 deletion of a "pending" Trigger Status Resource, the dCDN does not 609 guarantee this. 611 Deletion of a "complete" or "failed" Trigger Status Resource requires 612 no processing in the dCDN other than deletion of the Trigger Status 613 Resource. 615 4.5. Expiry of Trigger Status Resources 617 The dCDN can choose to automatically delete Trigger Status Resources 618 some time after they become "complete", "processed", "failed" or 619 "cancelled". In this case, the dCDN will remove the Trigger Status 620 Resource and respond to subsequent requests for it with an HTTP 621 error. 623 If the dCDN does remove Trigger Status Resources automatically, it 624 MUST report the length of time after which it will do so, using a 625 property of the collection of all Trigger Status Resources. It is 626 RECOMMENDED that Trigger Status Resources are not automatically 627 deleted by the dCDN for at least 24 hours after they become 628 "complete", "processed", "failed" or "cancelled". 630 To ensure it is able to get the status of its Trigger Status 631 Resources for completed and failed CI/T Commands, it is RECOMMENDED 632 that the uCDN polling interval is less than the time after which 633 records for completed activity will be deleted. 635 4.6. Loop Detection and Prevention 637 Given three CDNs, A, B and C, if CDNs B and C delegate delivery of 638 CDN A's content to each other, CDN A's CI/T Commands could be passed 639 between CDNs B and C in a loop. More complex networks of CDNs could 640 contain similar loops involving more hops. 642 In order to prevent and detect such CI/T loops, each CDN uses a CDN 643 Provider ID to uniquely identify itself. In every CI/T Command it 644 originates or cascades, each CDN MUST append an array element 645 containing its CDN Provider ID to a JSON array under an entry named 646 "cdn-path". When receiving CI/T Commands a dCDN MUST check the cdn- 647 path and reject any CI/T Command which already contains its own CDN 648 Provider ID in the cdn-path. Transit CDNs MUST check the cdn-path 649 and not cascade the CI/T Command to dCDNs that are already listed in 650 cdn-path. 652 The CDN Provider Id consists of the two characters "AS" followed by 653 the CDN Provider's Autonomous System number, then a colon (':') and 654 an additional qualifier that is used to guarantee uniqueness in case 655 a particular AS has multiple independent CDNs deployed. For example 656 "AS64496:0". 658 If the CDN provider has multiple Autonomous Systems, the same AS 659 number SHOULD be used in all messages from that CDN provider, unless 660 there are multiple distinct CDNs. 662 If the RI interface described in [I-D.ietf-cdni-redirection] is 663 implemented by the dCDN, the CI/T and RI interfaces SHOULD use the 664 same CDN Provider Id. 666 4.7. Error Handling 668 A dCDN can signal rejection of a CI/T Command using HTTP status 669 codes. For example, 400 if the request is malformed, or 403 or 404 670 if the uCDN does not have permission to issue CI/T Commands or it is 671 trying to act on another CDN's data. 673 If any part of the CI/T Trigger Command fails, the trigger SHOULD be 674 reported as "failed" once its activity is complete or if no further 675 errors will be reported. The "errors" property in the Trigger Status 676 Resource will be used to enumerate which actions failed and the 677 reasons for failure, and can be present while the Trigger Status 678 Resource is still "pending" or "active", if the CI/T Trigger Command 679 is still running for some URLs or Patterns in the Trigger 680 Specification. 682 Once a request has been accepted, processing errors are reported in 683 the Trigger Status Resource using a list of Error Descriptions. Each 684 Error Description is used to report errors against one or more of the 685 URLs or Patterns in the Trigger Specification. 687 If a surrogate affected by a CI/T Trigger Command is offline in the 688 dCDN, or the dCDN is unable to pass a CI/T Command on to any of its 689 cascaded dCDNs: 691 o If the CI/T Command is abandoned by the dCDN, the dCDN SHOULD 692 report an error. 694 o A CI/T "invalidate" command may be reported as "complete" when 695 surrogates that may have the data are offline. In this case, 696 surrogates MUST NOT use the affected data without first 697 revalidating it when they are back online. 699 o CI/T "preposition" and "purge" commands can be reported as 700 "processed" if affected caches are offline and the activity will 701 complete when they return to service. 703 o Otherwise, the dCDN SHOULD keep the Trigger Status Resource in 704 state "pending" or "active" until the CI/T Command is acted upon, 705 or the uCDN chooses to cancel it. 707 4.8. Content URLs 709 If content URLs are transformed by an intermediate CDN in a cascade, 710 that intermediate CDN MUST similarly transform URLs in CI/T Commands 711 it passes to its dCDN. 713 When processing Trigger Specifications, CDNs MUST ignore the URL 714 scheme (http or https) in comparing URLs. For example, for a CI/T 715 invalidate or purge command, content MUST be invalidated or purged 716 regardless of the protocol clients use to request it. 718 5. CI/T Object Properties and Encoding 720 CI/T Commands, Trigger Status Resources and Trigger Collections and 721 their properties are encoded using JSON, as defined in sections 722 Section 5.1.1, Section 5.2.1, and Section 5.1.2. They MUST use the 723 MIME Media Type 'application/cdni', with parameter 'ptype' values as 724 defined below and in Section 7.1. 726 Names in JSON are case sensitive. The names and literal values 727 specified in the present document MUST always use lower-case. 729 JSON types, including 'object', 'array', 'number' and 'string' are 730 defined in [RFC7159]. 732 Unrecognised name/value pairs in JSON objects SHOULD NOT be treated 733 as an error by either the uCDN or dCDN. They SHOULD be ignored in 734 the processing, and passed on by dCDN to any further dCDNs in a 735 cascade. 737 5.1. CI/T Objects 739 The top-level objects defined by the CI/T interface are described in 740 this section. 742 The encoding of values used by these objects is described in 743 Section 5.2. 745 5.1.1. CI/T Commands 747 CI/T Commands MUST use a MIME Media Type of 'application/cdni; 748 ptype=ci-trigger-command'. 750 A CI/T Command is encoded as a JSON object containing the following 751 name/value pairs. 753 Name: trigger 755 Description: A specification of the trigger type, and a set of 756 data to act upon. 758 Value: A Trigger Specification, as defined in Section 5.2.1. 760 Mandatory: No, but exactly one of "trigger" or "cancel" MUST be 761 present in a CI/T Command. 763 Name: cancel 764 Description: The URLs of Trigger Status Resources for CI/T 765 Trigger Commands that the uCDN wants to cancel. 767 Value: A non-empty JSON array of URLs represented as JSON 768 strings. 770 Mandatory: No, but exactly one of "trigger" or "cancel" MUST be 771 present in a CI/T Command. 773 Name: cdn-path 775 Description: The CDN Provider Identifiers of CDNs that have 776 already issued the CI/T Command to their dCDNs. 778 Value: A non-empty JSON array of JSON strings, where each 779 string is a CDN Provider Identifier as defined in Section 4.6. 781 Mandatory: Yes. 783 5.1.2. Trigger Status Resource 785 Trigger Status Resources MUST use a MIME Media Type of 'application/ 786 cdni; ptype=ci-trigger-status'. 788 A Trigger Status Resource is encoded as a JSON object containing the 789 following name/value pairs. 791 Name: trigger 793 Description: The Trigger Specification posted in the body of 794 the CI/T Command. Note that this need not be a byte-for-byte 795 copy. For example, in the JSON representation the dCDN may re- 796 serialise the information differently. 798 Value: A Trigger Specification, as defined in Section 5.2.1. 800 Mandatory: Yes 802 Name: ctime 804 Description: Time at which the CI/T Command was received by the 805 dCDN. Time is determined by the dCDN, there is no requirement 806 to synchronise clocks between interconnected CDNs. 808 Value: Absolute Time, as defined in Section 5.2.5. 810 Mandatory: Yes 812 Name: mtime 814 Description: Time at which the Trigger Status Resource was last 815 modified. Time is determined by the dCDN, there is no 816 requirement to synchronise clocks between interconnected CDNs. 818 Value: Absolute Time, as defined in Section 5.2.5. 820 Mandatory: Yes 822 Name: etime 824 Description: Estimate of the time at which the dCDN expects to 825 complete the activity. Time is determined by the dCDN, there 826 is no requirement to synchronise clocks between interconnected 827 CDNs. 829 Value: Absolute Time, as defined in Section 5.2.5. 831 Mandatory: No 833 Name: status 835 Description: Current status of the triggered activity. 837 Value: Trigger Status, as defined in Section 5.2.3. 839 Mandatory: Yes 841 Name: errors 843 Description: Descriptions of errors that have occurred while 844 processing a Trigger Command. 846 Value: An array of Error Description, as defined in 847 Section 5.2.6. An empty array is allowed, and equivalent to 848 omitting "errors" from the object. 850 Mandatory: No. 852 5.1.3. Trigger Collection 854 Trigger Collections MUST use a MIME Media Type of 'application/cdni; 855 ptype=ci-trigger-collection'. 857 A Trigger Collection is encoded as a JSON object containing the 858 following name/value pairs. 860 Name: triggers 862 Description: Links to Trigger Status Resources in the 863 collection. 865 Value: A JSON array of zero or more URLs, represented as JSON 866 strings. 868 Mandatory: Yes 870 Name: staleresourcetime 872 Description: The length of time for which the dCDN guarantees 873 to keep a completed Trigger Status Resource. After this time, 874 the dCDN SHOULD delete the Trigger Status Resource and all 875 references to it from collections. 877 Value: A JSON number, which must be a positive integer, 878 representing time in seconds. 880 Mandatory: Yes, in the collection of all Trigger Status 881 Resources if the dCDN deletes stale entries. If the property 882 is present in the filtered collections, it MUST have the same 883 value as in the collection of all Trigger Status Resources. 885 Names: coll-all, coll-pending, coll-active, coll-complete, coll- 886 failed 888 Description: Link to a Trigger Collection. 890 Value: A URL represented as a JSON string. 892 Mandatory: Links to all of the filtered collections are 893 mandatory in the collection of all Trigger Status Resources, if 894 the dCDN implements the filtered collections. Otherwise, 895 optional. 897 Name: cdn-id 899 Description: The CDN Provider Identifier of the dCDN. 901 Value: A JSON string, the dCDN's CDN Provider Identifier, as 902 defined in Section 4.6. 904 Mandatory: Only in the collection of all Trigger Status 905 Resources, if the dCDN implements the filtered collections. 906 Optional in the filtered collections (the uCDN can always find 907 the dCDN's cdn-id in the collection of all Trigger Status 908 Resources, but the dCDN can choose to repeat that information 909 in its implementation of filtered collections). 911 5.2. Properties of CI/T Objects 913 This section defines the values that can appear in the top level 914 objects described in Section 5.1, and their encodings. 916 5.2.1. Trigger Specification 918 A Trigger Collection is encoded as a JSON object containing the 919 following name/value pairs. 921 An unrecognised name/value pair in the Trigger Specification object 922 contained in a CI/T Command SHOULD be preserved in the Trigger 923 Specification of any Trigger Status Resource it creates. 925 Name: type 927 Description: This property defines the type of the CI/T Trigger 928 Command. 930 Value: Trigger Type, as defined in Section 5.2.2. 932 Mandatory: Yes 934 Name: metadata.urls 936 Description: The uCDN URLs of the metadata the CI/T Trigger 937 Command applies to. 939 Value: A JSON array of URLs represented as JSON strings. 941 Mandatory: No, but at least one of 'metadata.*' or 'content.*' 942 MUST be present and non-empty. 944 Name: content.urls 946 Description: URLs of content the CI/T Trigger Command applies 947 to, see Section 4.8. 949 Value: A JSON array of URLs represented as JSON strings. 951 Mandatory: No, but at least one of 'metadata.*' or 'content.*' 952 MUST be present and non-empty. 954 Name: content.ccid 955 Description: The Content Collection Identifier of content the 956 trigger applies to. The 'ccid' is a grouping of content, as 957 defined by [I-D.ietf-cdni-metadata]. 959 Value: A JSON array of strings, where each string is a Content 960 Collection Identifier. 962 Mandatory: No, but at least one of 'metadata.*' or 'content.*' 963 MUST be present and non-empty. 965 Name: metadata.patterns 967 Description: The metadata the trigger applies to. 969 Value: A JSON array of Pattern Match, as defined in 970 Section 5.2.4. 972 Mandatory: No, but at least one of 'metadata.*' or 'content.*' 973 MUST be present and non-empty, and metadata.patterns MUST NOT 974 be present if the TriggerType is Preposition. 976 Name: content.patterns 978 Description: The content data the trigger applies to. 980 Value: A JSON array of Pattern Match, as defined in 981 Section 5.2.4. 983 Mandatory: No, but at least one of 'metadata.*' or 'content.*' 984 MUST be present and non-empty, and content.patterns MUST NOT be 985 present if the TriggerType is Preposition. 987 5.2.2. Trigger Type 989 Trigger Type is used in a Trigger Specification to describe trigger 990 action. It MUST be one of the JSON strings in the following table: 992 +-------------+-----------------------------------------------------+ 993 | JSON String | Description | 994 +-------------+-----------------------------------------------------+ 995 | preposition | A request for the dCDN to acquire metadata or | 996 | | content. | 997 | invalidate | A request for the dCDN to invalidate metadata or | 998 | | content. After servicing this request the dCDN will | 999 | | not use the specified data without first re- | 1000 | | validating it using, for example, an "If-None- | 1001 | | Match" HTTP request. The dCDN need not erase the | 1002 | | associated data. | 1003 | purge | A request for the dCDN to erase metadata or | 1004 | | content. After servicing the request, the specified | 1005 | | data MUST NOT be held on the dCDN (the dCDN should | 1006 | | re-acquire the metadata or content from uCDN if it | 1007 | | needs it). | 1008 +-------------+-----------------------------------------------------+ 1010 5.2.3. Trigger Status 1012 This describes the current status of a Trigger. It MUST be one of 1013 the JSON strings in the following table: 1015 +------------+------------------------------------------------------+ 1016 | JSON | Description | 1017 | String | | 1018 +------------+------------------------------------------------------+ 1019 | pending | The CI/T Trigger Command has not yet been acted | 1020 | | upon. | 1021 | active | The CI/T Trigger Command is currently being acted | 1022 | | upon. | 1023 | complete | The CI/T Trigger Command completed successfully. | 1024 | processed | The CI/T Trigger Command has been accepted and no | 1025 | | further status update will be made (can be used in | 1026 | | cases where completion cannot be confirmed). | 1027 | failed | The CI/T Trigger Command could not be completed. | 1028 | cancelling | Processing of the CI/T Trigger Command is still in | 1029 | | progress, but the CI/T Trigger Command has been | 1030 | | cancelled by the uCDN. | 1031 | cancelled | The CI/T Trigger Command was cancelled by the uCDN. | 1032 +------------+------------------------------------------------------+ 1034 5.2.4. PatternMatch 1036 A Pattern Match consists of a string pattern to match against a URI, 1037 and flags describing the type of match. 1039 It is encoded as a JSON object with the following name/value pairs: 1041 Name: pattern 1043 Description: A pattern for URI matching. 1045 Value: A JSON string representing the pattern. The pattern may 1046 contain the wildcards * and ?, where * matches any sequence of 1047 characters (including the empty string) and ? matches exactly 1048 one character. The three literals "\" , "*" and "?" MUST be 1049 escaped as "\\", "\*" and "\?". 1051 Mandatory: Yes. 1053 Name: case-sensitive 1055 Description: Flag indicating whether or not case-sensitive 1056 matching should be used. 1058 Value: One of the JSON values 'true' (the matching is case- 1059 sensitive) or 'false' (the matching is case-insensitive). 1061 Mandatory: No, default is case-insensitive match. 1063 Name: match-query-string 1065 Description: Flag indicating whether or not the query part of 1066 the URI should be included in the pattern match. 1068 Value: One of the JSON values 'true' (the full URI including 1069 the query part should be compared against the given pattern), 1070 or 'false' (the query part of the URI should be dropped before 1071 comparison with the given pattern). 1073 Mandatory: No, default is 'false', the query part of the URI 1074 should be dropped before comparison with the given pattern. 1076 Example of case-sensitive prefix match against 1077 "https://www.example.com/trailers/": 1079 { 1080 "pattern": "https://www.example.com/trailers/*", 1081 "case-sensitive": true 1082 } 1084 5.2.5. Absolute Time 1086 A JSON number, seconds since the UNIX epoch, 00:00:00 UTC on 1 1087 January 1970. 1089 5.2.6. Error Description 1091 An Error Description is used to report failure of a CI/T Command, or 1092 in the activity it triggered. It is encoded as a JSON object with 1093 the following name/value pairs: 1095 Name: error 1097 Value: Error Code, as defined in Section 5.2.7. 1099 Mandatory: Yes. 1101 Names: metadata.urls, content.urls, metadata.patterns, 1102 content.patterns 1104 Description: Metadata and content references copied from the 1105 Trigger Specification. Only those URLs and patterns to which 1106 the error applies are included in each property, but those URLs 1107 and patterns MUST be exactly as they appear in the request, the 1108 dCDN MUST NOT generalise the URLs. (For example, if the uCDN 1109 requests prepositioning of URLs "https://content.example.com/a" 1110 and "https://content.example.com/b", the dCDN must not 1111 generalise its error report to Pattern 1112 "https://content.example.com/*".) 1114 Value: A JSON array of JSON strings, where each string is 1115 copied from a 'content.*' or 'metadata.*' value in the 1116 corresponding Trigger Specification. 1118 Mandatory: At least one of these name/value pairs is mandatory 1119 in each Error Description object. 1121 Name: description 1123 Description: A human-readable description of the error. 1125 Value: A JSON string, the human-readable description. 1127 Mandatory: No. 1129 5.2.7. Error Code 1131 This type is used by the dCDN to report failures in trigger 1132 processing. 1134 +------------+------------------------------------------------------+ 1135 | Error Code | Description | 1136 +------------+------------------------------------------------------+ 1137 | emeta | The dCDN was unable to acquire metadata required to | 1138 | | fulfil the request. | 1139 | econtent | The dCDN was unable to acquire content (CT/T | 1140 | | preposition commands only). | 1141 | eperm | The uCDN does not have permission to issue the CI/T | 1142 | | Command (for example, the data is owned by another | 1143 | | CDN). | 1144 | ereject | The dCDN is not willing to fulfil the CI/T Command | 1145 | | (for example, a preposition request for content at a | 1146 | | time when the dCDN would not accept Request Routing | 1147 | | requests from the uCDN). | 1148 | ecdn | An internal error in the dCDN or one of its | 1149 | | downstream CDNs. | 1150 | ecancelled | The uCDN cancelled the request. | 1151 +------------+------------------------------------------------------+ 1153 6. Examples 1155 The following sections provide examples of different CI/T objects 1156 encoded as JSON. 1158 Discovery of the triggers interface is out of scope of this document. 1159 In an implementation, all CI/T URLs are under the control of the 1160 dCDN. The uCDN MUST NOT attempt to ascribe any meaning to individual 1161 elements of the path. 1163 In examples in this section, the URL 'https://dcdn.example.com/ 1164 triggers' is used as the location of the collection of all Trigger 1165 Status Resources, and the CDN Provider Id of uCDN is "AS64496:1". 1167 6.1. Creating Triggers 1169 Examples of the uCDN triggering activity in the dCDN: 1171 6.1.1. Preposition 1173 An example of a CI/T preposition command, a POST to the collection of 1174 all Trigger Status Resources. 1176 Note that "metadata.patterns" and "content.patterns" are not allowed 1177 in a preposition Trigger Specification. 1179 REQUEST: 1181 POST /triggers HTTP/1.1 1182 User-Agent: example-user-agent/0.1 1183 Host: dcdn.example.com 1184 Accept: */* 1185 Content-Type: application/cdni; ptype=ci-trigger-command 1186 Content-Length: 352 1188 { 1189 "trigger" : { 1190 "type": "preposition", 1192 "metadata.urls" : [ "https://metadata.example.com/a/b/c" ], 1193 "content.urls" : [ 1194 "https://www.example.com/a/b/c/1", 1195 "https://www.example.com/a/b/c/2", 1196 "https://www.example.com/a/b/c/3", 1197 "https://www.example.com/a/b/c/4" 1198 ] 1199 }, 1200 "cdn-path" : [ "AS64496:1" ] 1201 } 1203 RESPONSE: 1205 HTTP/1.1 201 Created 1206 Date: Thu, 17 Mar 2016 18:56:38 GMT 1207 Content-Length: 467 1208 Content-Type: application/cdni; ptype=ci-trigger-status 1209 Location: https://dcdn.example.com/triggers/0 1210 Server: example-server/0.1 1212 { 1213 "ctime": 1458240998, 1214 "etime": 1458241006, 1215 "mtime": 1458240998, 1216 "status": "pending", 1217 "trigger": { 1218 "content.urls": [ 1219 "https://www.example.com/a/b/c/1", 1220 "https://www.example.com/a/b/c/2", 1221 "https://www.example.com/a/b/c/3", 1222 "https://www.example.com/a/b/c/4" 1223 ], 1224 "metadata.urls": [ 1225 "https://metadata.example.com/a/b/c" 1226 ], 1227 "type": "preposition" 1228 } 1229 } 1231 6.1.2. Invalidate 1233 An example of a CI/T invalidate command, another POST to the 1234 collection of all Trigger Status Resources. This instructs the dCDN 1235 to re-validate the content at "https://www.example.com/a/index.html", 1236 as well as any metadata and content whose URLs are prefixed by 1237 "https://metadata.example.com/a/b/" using case-insensitive matching, 1238 and "https://www.example.com/a/b/" respectively, using case-sensitive 1239 matching. 1241 REQUEST: 1243 POST /triggers HTTP/1.1 1244 User-Agent: example-user-agent/0.1 1245 Host: dcdn.example.com 1246 Accept: */* 1247 Content-Type: application/cdni; ptype=ci-trigger-command 1248 Content-Length: 387 1250 { 1251 "trigger" : { 1252 "type": "invalidate", 1254 "metadata.patterns" : [ 1255 { "pattern" : "https://metadata.example.com/a/b/*" } 1256 ], 1258 "content.urls" : [ "https://www.example.com/a/index.html" ], 1259 "content.patterns" : [ 1260 { "pattern" : "https://www.example.com/a/b/*", 1261 "case-sensitive" : true 1262 } 1263 ] 1264 }, 1265 "cdn-path" : [ "AS64496:1" ] 1266 } 1268 RESPONSE: 1270 HTTP/1.1 201 Created 1271 Date: Thu, 17 Mar 2016 18:56:39 GMT 1272 Content-Length: 545 1273 Content-Type: application/cdni; ptype=ci-trigger-status 1274 Location: https://dcdn.example.com/triggers/1 1275 Server: example-server/0.1 1277 { 1278 "ctime": 1458240999, 1279 "etime": 1458241007, 1280 "mtime": 1458240999, 1281 "status": "pending", 1282 "trigger": { 1283 "content.patterns": [ 1284 { 1285 "case-sensitive": true, 1286 "pattern": "https://www.example.com/a/b/*" 1287 } 1288 ], 1289 "content.urls": [ 1290 "https://www.example.com/a/index.html" 1291 ], 1292 "metadata.patterns": [ 1293 { 1294 "pattern": "https://metadata.example.com/a/b/*" 1295 } 1296 ], 1297 "type": "invalidate" 1298 } 1299 } 1301 6.2. Examining Trigger Status 1303 Once Trigger Status Resources have been created, the uCDN can check 1304 their status as shown in these examples. 1306 6.2.1. Collection of All Triggers 1308 The uCDN can fetch the collection of all Trigger Status Resources it 1309 has created that have not yet been deleted or removed as expired. 1310 After creation of the "preposition" and "invalidate" triggers shown 1311 above, this collection might look as follows: 1313 REQUEST: 1315 GET /triggers HTTP/1.1 1316 User-Agent: example-user-agent/0.1 1317 Host: dcdn.example.com 1318 Accept: */* 1320 RESPONSE: 1322 HTTP/1.1 200 OK 1323 Content-Length: 341 1324 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1325 Server: example-server/0.1 1326 ETag: "-936094426920308378" 1327 Cache-Control: max-age=60 1328 Date: Thu, 17 Mar 2016 18:56:39 GMT 1329 Content-Type: application/cdni; ptype=ci-trigger-collection 1331 { 1332 "cdn-id": "AS64496:0", 1333 "coll-active": "/triggers/active", 1334 "coll-complete": "/triggers/complete", 1335 "coll-failed": "/triggers/failed", 1336 "coll-pending": "/triggers/pending", 1337 "staleresourcetime": 86400, 1338 "triggers": [ 1339 "https://dcdn.example.com/triggers/0", 1340 "https://dcdn.example.com/triggers/1" 1341 ] 1342 } 1344 6.2.2. Filtered Collections of Trigger Status Resources 1346 The filtered collections are also available to the uCDN. Before the 1347 dCDN starts processing the two CI/T Trigger Commands shown above, 1348 both will appear in the collection of Pending Triggers, for example: 1350 REQUEST: 1352 GET /triggers/pending HTTP/1.1 1353 User-Agent: example-user-agent/0.1 1354 Host: dcdn.example.com 1355 Accept: */* 1357 RESPONSE: 1359 HTTP/1.1 200 OK 1360 Content-Length: 152 1361 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1362 Server: example-server/0.1 1363 ETag: "4331492443626270781" 1364 Cache-Control: max-age=60 1365 Date: Thu, 17 Mar 2016 18:56:39 GMT 1366 Content-Type: application/cdni; ptype=ci-trigger-collection 1368 { 1369 "staleresourcetime": 86400, 1370 "triggers": [ 1371 "https://dcdn.example.com/triggers/0", 1372 "https://dcdn.example.com/triggers/1" 1373 ] 1374 } 1376 At this point, if no other Trigger Status Resources had been created, 1377 the other filtered views would be empty. For example: 1379 REQUEST: 1381 GET /triggers/complete HTTP/1.1 1382 User-Agent: example-user-agent/0.1 1383 Host: dcdn.example.com 1384 Accept: */* 1386 RESPONSE: 1388 HTTP/1.1 200 OK 1389 Content-Length: 54 1390 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1391 Server: example-server/0.1 1392 ETag: "7958041393922269003" 1393 Cache-Control: max-age=60 1394 Date: Thu, 17 Mar 2016 18:56:39 GMT 1395 Content-Type: application/cdni; ptype=ci-trigger-collection 1397 { 1398 "staleresourcetime": 86400, 1399 "triggers": [] 1400 } 1402 6.2.3. Individual Trigger Status Resources 1404 The Trigger Status Resources can also be examined for detail about 1405 individual CI/T Trigger Commands. For example, for the CI/T 1406 "preposition" and "invalidate" commands from previous examples: 1408 REQUEST: 1410 GET /triggers/0 HTTP/1.1 1411 User-Agent: example-user-agent/0.1 1412 Host: dcdn.example.com 1413 Accept: */* 1415 RESPONSE: 1417 HTTP/1.1 200 OK 1418 Content-Length: 467 1419 Expires: Thu, 17 Mar 2016 18:57:38 GMT 1420 Server: example-server/0.1 1421 ETag: "-4577812884843999747" 1422 Cache-Control: max-age=60 1423 Date: Thu, 17 Mar 2016 18:56:38 GMT 1424 Content-Type: application/cdni; ptype=ci-trigger-status 1426 { 1427 "ctime": 1458240998, 1428 "etime": 1458241006, 1429 "mtime": 1458240998, 1430 "status": "pending", 1431 "trigger": { 1432 "content.urls": [ 1433 "https://www.example.com/a/b/c/1", 1434 "https://www.example.com/a/b/c/2", 1435 "https://www.example.com/a/b/c/3", 1436 "https://www.example.com/a/b/c/4" 1437 ], 1438 "metadata.urls": [ 1439 "https://metadata.example.com/a/b/c" 1440 ], 1441 "type": "preposition" 1442 } 1443 } 1445 REQUEST: 1447 GET /triggers/1 HTTP/1.1 1448 User-Agent: example-user-agent/0.1 1449 Host: dcdn.example.com 1450 Accept: */* 1452 RESPONSE: 1454 HTTP/1.1 200 OK 1455 Content-Length: 545 1456 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1457 Server: example-server/0.1 1458 ETag: "7076408296782046945" 1459 Cache-Control: max-age=60 1460 Date: Thu, 17 Mar 2016 18:56:39 GMT 1461 Content-Type: application/cdni; ptype=ci-trigger-status 1463 { 1464 "ctime": 1458240999, 1465 "etime": 1458241007, 1466 "mtime": 1458240999, 1467 "status": "pending", 1468 "trigger": { 1469 "content.patterns": [ 1470 { 1471 "case-sensitive": true, 1472 "pattern": "https://www.example.com/a/b/*" 1473 } 1474 ], 1475 "content.urls": [ 1476 "https://www.example.com/a/index.html" 1477 ], 1478 "metadata.patterns": [ 1479 { 1480 "pattern": "https://metadata.example.com/a/b/*" 1481 } 1482 ], 1483 "type": "invalidate" 1484 } 1485 } 1487 6.2.4. Polling for Change 1489 The uCDN SHOULD use the Entity Tags of collections or Trigger Status 1490 Resources when polling for change in status, as shown in the 1491 following examples: 1493 REQUEST: 1495 GET /triggers/pending HTTP/1.1 1496 User-Agent: example-user-agent/0.1 1497 Host: dcdn.example.com 1498 Accept: */* 1499 If-None-Match: "4331492443626270781" 1501 RESPONSE: 1503 HTTP/1.1 304 Not Modified 1504 Content-Length: 0 1505 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1506 Server: example-server/0.1 1507 ETag: "4331492443626270781" 1508 Cache-Control: max-age=60 1509 Date: Thu, 17 Mar 2016 18:56:39 GMT 1510 Content-Type: application/cdni; ptype=ci-trigger-collection 1512 REQUEST: 1514 GET /triggers/0 HTTP/1.1 1515 User-Agent: example-user-agent/0.1 1516 Host: dcdn.example.com 1517 Accept: */* 1518 If-None-Match: "-4577812884843999747" 1520 RESPONSE: 1522 HTTP/1.1 304 Not Modified 1523 Content-Length: 0 1524 Expires: Thu, 17 Mar 2016 18:57:38 GMT 1525 Server: example-server/0.1 1526 ETag: "-4577812884843999747" 1527 Cache-Control: max-age=60 1528 Date: Thu, 17 Mar 2016 18:56:38 GMT 1529 Content-Type: application/cdni; ptype=ci-trigger-status 1531 When the CI/T Trigger Command is complete, the contents of the 1532 filtered collections will be updated along with their Entity Tags. 1533 For example, when the two example CI/T Trigger Commands are complete, 1534 the collections of pending and complete Trigger Status Resources 1535 might look like: 1537 REQUEST: 1539 GET /triggers/complete HTTP/1.1 1540 User-Agent: example-user-agent/0.1 1541 Host: dcdn.example.com 1542 Accept: */* 1544 RESPONSE: 1546 HTTP/1.1 200 OK 1547 Content-Length: 54 1548 Expires: Thu, 17 Mar 2016 18:57:39 GMT 1549 Server: example-server/0.1 1550 ETag: "7958041393922269003" 1551 Cache-Control: max-age=60 1552 Date: Thu, 17 Mar 2016 18:56:39 GMT 1553 Content-Type: application/cdni; ptype=ci-trigger-collection 1555 { 1556 "staleresourcetime": 86400, 1557 "triggers": [] 1558 } 1560 REQUEST: 1562 GET /triggers/complete HTTP/1.1 1563 User-Agent: example-user-agent/0.1 1564 Host: dcdn.example.com 1565 Accept: */* 1567 RESPONSE: 1569 HTTP/1.1 200 OK 1570 Content-Length: 152 1571 Expires: Thu, 17 Mar 2016 18:57:50 GMT 1572 Server: example-server/0.1 1573 ETag: "4481489539378529796" 1574 Cache-Control: max-age=60 1575 Date: Thu, 17 Mar 2016 18:56:50 GMT 1576 Content-Type: application/cdni; ptype=ci-trigger-collection 1578 { 1579 "staleresourcetime": 86400, 1580 "triggers": [ 1581 "https://dcdn.example.com/triggers/0", 1582 "https://dcdn.example.com/triggers/1" 1583 ] 1584 } 1586 6.2.5. Deleting Trigger Status Resources 1588 The uCDN can delete completed and failed Trigger Status Resources to 1589 reduce the size of the collections. For example, to delete the 1590 "preposition" request from earlier examples: 1592 REQUEST: 1594 DELETE /triggers/0 HTTP/1.1 1595 User-Agent: example-user-agent/0.1 1596 Host: dcdn.example.com 1597 Accept: */* 1599 RESPONSE: 1601 HTTP/1.1 204 No Content 1602 Date: Thu, 17 Mar 2016 18:56:50 GMT 1603 Content-Length: 0 1604 Content-Type: text/html; charset=UTF-8 1605 Server: example-server/0.1 1607 This would, for example, cause the collection of completed Trigger 1608 Status Resources shown in the example above to be updated to: 1610 REQUEST: 1612 GET /triggers/complete HTTP/1.1 1613 User-Agent: example-user-agent/0.1 1614 Host: dcdn.example.com 1615 Accept: */* 1617 RESPONSE: 1619 HTTP/1.1 200 OK 1620 Content-Length: 105 1621 Expires: Thu, 17 Mar 2016 18:57:50 GMT 1622 Server: example-server/0.1 1623 ETag: "-6938620031669085677" 1624 Cache-Control: max-age=60 1625 Date: Thu, 17 Mar 2016 18:56:50 GMT 1626 Content-Type: application/cdni; ptype=ci-trigger-collection 1628 { 1629 "staleresourcetime": 86400, 1630 "triggers": [ 1631 "https://dcdn.example.com/triggers/1" 1632 ] 1633 } 1635 6.2.6. Error Reporting 1637 In this example the uCDN has requested prepositioning of 1638 "https://newsite.example.com/index.html", but the dCDN was unable to 1639 locate metadata for that site: 1641 REQUEST: 1643 GET /triggers/2 HTTP/1.1 1644 User-Agent: example-user-agent/0.1 1645 Host: dcdn.example.com 1646 Accept: */* 1648 RESPONSE: 1650 HTTP/1.1 200 OK 1651 Content-Length: 486 1652 Expires: Thu, 17 Mar 2016 18:57:54 GMT 1653 Server: example-server/0.1 1654 ETag: "-1916002386108948179" 1655 Cache-Control: max-age=60 1656 Date: Thu, 17 Mar 2016 18:56:54 GMT 1657 Content-Type: application/cdni; ptype=ci-trigger-status 1659 { 1660 "ctime": 1458241010, 1661 "errors": [ 1662 { 1663 "content.urls": [ 1664 "https://newsite.example.com/index.html" 1665 ], 1666 "description": "newsite.example.com not in HostIndex", 1667 "error": "emeta" 1668 } 1669 ], 1670 "etime": 1458241018, 1671 "mtime": 1458241014, 1672 "status": "active", 1673 "trigger": { 1674 "content.urls": [ 1675 "https://newsite.example.com/index.html" 1676 ], 1677 "type": "preposition" 1678 } 1679 } 1681 7. IANA Considerations 1683 7.1. CDNI Payload Type Parameter Registrations 1685 The IANA is requested to register the following new Payload Types in 1686 the CDNI Payload Type Parameter registry defined by [RFC7736], for 1687 use with the 'application/cdni' MIME media type. 1689 RFC Editor Note: Please replace references to [RFCthis] below with 1690 this document's RFC number before publication. 1692 +-----------------------+---------------+ 1693 | Payload Type | Specification | 1694 +-----------------------+---------------+ 1695 | ci-trigger-command | [RFCthis] | 1696 | ci-trigger-status | [RFCthis] | 1697 | ci-trigger-collection | [RFCthis] | 1698 +-----------------------+---------------+ 1700 8. Security Considerations 1702 The CI/T interface provides a mechanism to allow a uCDN to generate 1703 requests into the dCDN and to inspect its own CI/T requests and their 1704 current state. The CI/T interface does not allow access to or 1705 modification of the uCDN or dCDN metadata relating to content 1706 delivery, or to the content itself. It can only control the presence 1707 of that metadata in the dCDN, and the processing work and network 1708 utilisation involved in ensuring that presence. 1710 By examining pre-positioning requests to a dCDN, and correctly 1711 interpreting content and metadata URLs, an attacker could learn the 1712 uCDN or content owner's predictions for future content popularity. 1713 By examining invalidate or purge requests, an attacker could learn 1714 about changes in the content owner's catalogue. 1716 By injecting CI/T commands an attacker, or a misbehaving uCDN, would 1717 generate work in the dCDN and uCDN as they process those requests. 1718 And so would a man in the middle attacker modifying valid CI/T 1719 commands generated by the uCDN. In both cases, that would decrease 1720 the dCDN caching efficiency by causing it to unnecessarily acquire or 1721 re-acquire content metadata and/or content. 1723 A dCDN implementation of CI/T MUST restrict the actions of a uCDN to 1724 the data corresponding to that uCDN. Failure to do so would allow 1725 uCDNs to detrimentally affect each other's efficiency by generating 1726 unnecessary acquisition or re-acquisition load. 1728 An origin that chooses to delegate its delivery to a CDN is trusting 1729 that CDN to deliver content on its behalf, CDN-interconnection is an 1730 extension of that trust to downstream CDNs. That trust relationship 1731 is a commercial arrangement, outside the scope of the CDNi protocols. 1732 So, while a malicious CDN could deliberately generate load on a dCDN 1733 using the CI/T, the protocol does not otherwise attempt to address 1734 malicious behaviour between interconnected CDNs. 1736 8.1. Authentication, Authorization, Confidentiality, Integrity 1737 Protection 1739 A CI/T implementation MUST support TLS transport for HTTP (https) as 1740 per [RFC2818] and [RFC7230]. 1742 TLS MUST be used by the server-side (dCDN) and the client-side (uCDN) 1743 of the CI/T interface, including authentication of the remote end, 1744 unless alternate methods are used for ensuring the security of the 1745 information in the CI/T interface requests and responses (such as 1746 setting up an IPsec tunnel between the two CDNs or using a physically 1747 secured internal network between two CDNs that are owned by the same 1748 corporate entity). 1750 The use of TLS for transport of the CI/T interface allows: 1752 o The dCDN and the uCDN to authenticate each other using TLS client 1753 auth and TLS server auth. 1755 And, once they have mutually authenticated each other, it allows: 1757 o The dCDN and the uCDN to authorize each other (to ensure they are 1758 receiving CI/T Commands from, or reporting status to, an 1759 authorized CDN). 1761 o CDNI commands and responses to be transmitted with 1762 confidentiality. 1764 o Protection of the integrity of CDNI commands and responses. 1766 When TLS is used, the general TLS usage guidance in [RFC7525] MUST be 1767 followed. 1769 The mechanisms for access control are dCDN-specific, not standardised 1770 as part of this CI/T specification. 1772 HTTP requests that attempt to access or operate on CI/T data 1773 belonging to another CDN MUST be rejected using, for example, HTTP 1774 "403 Forbidden" or "404 Not Found". This is intended to prevent 1775 unauthorised users from generating unnecessary load in dCDN or uCDN 1776 due to revalidation, reacquisition, or unnecessary acquisition. 1778 When deploying a network of interconnected CDNs, the possible 1779 inefficiencies related to the "diamond" configuration discussed in 1780 Section 2.2.1 should be considered. 1782 8.2. Denial of Service 1784 This document does not define a specific mechanism to protect against 1785 Denial of Service (DoS) attacks on the CI/T. However, CI/T endpoints 1786 can be protected against DoS attacks through the use of TLS transport 1787 and/or via mechanisms outside the scope of the CI/T interface, such 1788 as firewalling or use of Virtual Private Networks (VPNs). 1790 Depending on the implementation, triggered activity may consume 1791 significant processing and bandwidth in the dCDN. A malicious or 1792 faulty uCDN could use this to generate unnecessary load in the dCDN. 1793 The dCDN should consider mechanisms to avoid overload, for example by 1794 rate-limiting acceptance or processing of CI/T Commands, or batching 1795 up its processing. 1797 8.3. Privacy 1799 The CI/T protocol does not carry any information about individual End 1800 Users of a CDN, there are no privacy concerns for End Users. 1802 The CI/T protocol does carry information which could be considered 1803 commercially sensitive by CDN operators and content owners. The use 1804 of mutually authenticated TLS to establish a secure session for the 1805 transport of CI/T data, as discussed in Section 8.1, provides 1806 confidentiality while the CI/T data is in transit, and prevents 1807 parties other than the authorised dCDN from gaining access to that 1808 data. The dCDN MUST ensure that it only exposes CI/T data related to 1809 a uCDN to clients it has authenticated as belonging to that uCDN. 1811 9. Acknowledgements 1813 The authors thank Kevin Ma for his input, and Carsten Bormann for his 1814 review and formalization of the JSON data. 1816 10. References 1818 10.1. Normative References 1820 [I-D.ietf-cdni-metadata] 1821 Niven-Jenkins, B., Murray, R., Caulfield, M., and K. Ma, 1822 "CDN Interconnection Metadata", draft-ietf-cdni- 1823 metadata-15 (work in progress), April 2016. 1825 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1826 Requirement Levels", BCP 14, RFC 2119, March 1997. 1828 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. 1830 [RFC6707] Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content 1831 Distribution Network Interconnection (CDNI) Problem 1832 Statement", RFC 6707, September 2012. 1834 [RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data 1835 Interchange Format", RFC 7159, March 2014. 1837 [RFC7230] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol 1838 (HTTP/1.1): Message Syntax and Routing", RFC 7230, June 1839 2014. 1841 [RFC7231] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol 1842 (HTTP/1.1): Semantics and Content", RFC 7231, June 2014. 1844 [RFC7232] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol 1845 (HTTP/1.1): Conditional Requests", RFC 7232, June 2014. 1847 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 1848 "Recommendations for Secure Use of Transport Layer 1849 Security (TLS) and Datagram Transport Layer Security 1850 (DTLS)", BCP 195, RFC 7525, May 2015. 1852 10.2. Informative References 1854 [I-D.greevenbosch-appsawg-cbor-cddl] 1855 Vigano, C. and H. Birkholz, "CBOR data definition language 1856 (CDDL): a notational convention to express CBOR data 1857 structures", draft-greevenbosch-appsawg-cbor-cddl-08 (work 1858 in progress), March 2016. 1860 [I-D.ietf-cdni-redirection] 1861 Niven-Jenkins, B. and R. Brandenburg, "Request Routing 1862 Redirection interface for CDN Interconnection", draft- 1863 ietf-cdni-redirection-18 (work in progress), April 2016. 1865 [RFC7336] Peterson, L., Davie, B., and R. van Brandenburg, 1866 "Framework for Content Distribution Network 1867 Interconnection (CDNI)", RFC 7336, August 2014. 1869 [RFC7337] Leung, K. and Y. Lee, "Content Distribution Network 1870 Interconnection (CDNI) Requirements", RFC 7337, August 1871 2014. 1873 [RFC7736] Ma, K., "Content Delivery Network Interconnection (CDNI) 1874 Media Type Registration", RFC 7736, DOI 10.17487/RFC7736, 1875 December 2015, . 1877 Appendix A. Formalization of the JSON Data 1879 This appendix is non-normative. 1881 The JSON data described in this document has been formalised using 1882 CDDL [I-D.greevenbosch-appsawg-cbor-cddl] as follows: 1884 CIT-object = CIT-command / Trigger-Status-Resource / Trigger-Collection 1886 CIT-command ; use media type application/cdni; ptype=ci-trigger-command 1887 = { 1888 ? trigger: Triggerspec 1889 ? cancel: [* URI] 1890 cdn-path: [* Cdn-PID] 1891 } 1893 Trigger-Status-Resource ; application/cdni; ptype=ci-trigger-status 1894 = { 1895 trigger: Triggerspec 1896 ctime: Absolute-Time 1897 mtime: Absolute-Time 1898 ? etime: Absolute-Time 1899 status: Trigger-Status 1900 ? errors: [* Error-Description] 1901 } 1903 Trigger-Collection ; application/cdni; ptype=ci-trigger-collection 1904 = { 1905 triggers: [* URI] 1906 ? staleresourcetime: int ; time in seconds 1907 ? coll-all: URI 1908 ? coll-pending: URI 1909 ? coll-active: URI 1910 ? coll-complete: URI 1911 ? coll-failed: URI 1912 ? cdn-id: Cdn-PID 1913 } 1915 Triggerspec = { ; 5.2.1 1916 type: Trigger-Type 1917 ? metadata.urls: [* URI] 1918 ? content.urls: [* URI] 1919 ? content.ccid: [* Ccid] 1920 ? metadata.patterns: [* Pattern-Match] 1921 ? content.patterns: [* Pattern-Match] 1922 } 1924 Trigger-Type = "preposition" / "invalidate" / "purge" ; 5.2.2 1925 Trigger-Status = "pending" / "active" / "complete" / "processed" 1926 / "failed" / "cancelling" / "cancelled" ; 5.2.3 1928 Pattern-Match = { ; 5.2.4 1929 pattern: tstr 1930 ? case-sensitive: bool 1931 ? match-query-string: bool 1932 } 1934 Absolute-Time = number ; seconds since UNIX epoch, 5.2.5 1936 Error-Description = { ; 5.2.6 1937 error: Error-Code 1938 ? metadata.urls: [* URI] 1939 ? content.urls: [* URI] 1940 ? metadata.patterns: [* Pattern-Match] 1941 ? content.patterns: [* Pattern-Match] 1942 ? description: tstr 1943 } 1945 Error-Code = "emeta" / "econtent" / "eperm" / "ereject" 1946 / "ecdn" / "ecancelled" ; 5.2.7 1948 Ccid = tstr ; see I-D.ietf-cdni-metadata 1950 Cdn-PID = tstr .regexp "AS[0-9]+:[0-9]+" 1952 URI = tstr 1954 Authors' Addresses 1956 Rob Murray 1957 Nokia 1958 3 Ely Road 1959 Milton, Cambridge CB24 6DD 1960 UK 1962 Email: rob.murray@nokia.com 1964 Ben Niven-Jenkins 1965 Nokia 1966 3 Ely Road 1967 Milton, Cambridge CB24 6DD 1968 UK 1970 Email: ben.niven-jenkins@nokia.com