rfc8007v1.txt   rfc8007.txt 
skipping to change at page 2, line 36 skipping to change at page 2, line 36
5. CI/T Object Properties and Encoding . . . . . . . . . . . . . 16 5. CI/T Object Properties and Encoding . . . . . . . . . . . . . 16
5.1. CI/T Objects . . . . . . . . . . . . . . . . . . . . . . 16 5.1. CI/T Objects . . . . . . . . . . . . . . . . . . . . . . 16
5.1.1. CI/T Commands . . . . . . . . . . . . . . . . . . . . 16 5.1.1. CI/T Commands . . . . . . . . . . . . . . . . . . . . 16
5.1.2. Trigger Status Resources . . . . . . . . . . . . . . 17 5.1.2. Trigger Status Resources . . . . . . . . . . . . . . 17
5.1.3. Trigger Collections . . . . . . . . . . . . . . . . . 18 5.1.3. Trigger Collections . . . . . . . . . . . . . . . . . 18
5.2. Properties of CI/T Objects . . . . . . . . . . . . . . . 20 5.2. Properties of CI/T Objects . . . . . . . . . . . . . . . 20
5.2.1. Trigger Specification . . . . . . . . . . . . . . . . 20 5.2.1. Trigger Specification . . . . . . . . . . . . . . . . 20
5.2.2. Trigger Type . . . . . . . . . . . . . . . . . . . . 21 5.2.2. Trigger Type . . . . . . . . . . . . . . . . . . . . 21
5.2.3. Trigger Status . . . . . . . . . . . . . . . . . . . 22 5.2.3. Trigger Status . . . . . . . . . . . . . . . . . . . 22
5.2.4. PatternMatch . . . . . . . . . . . . . . . . . . . . 22 5.2.4. PatternMatch . . . . . . . . . . . . . . . . . . . . 22
5.2.5. Absolute Time . . . . . . . . . . . . . . . . . . . . 23 5.2.5. Absolute Time . . . . . . . . . . . . . . . . . . . . 24
5.2.6. Error Description . . . . . . . . . . . . . . . . . . 24 5.2.6. Error Description . . . . . . . . . . . . . . . . . . 24
5.2.7. Error Code . . . . . . . . . . . . . . . . . . . . . 24 5.2.7. Error Code . . . . . . . . . . . . . . . . . . . . . 25
6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 25 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 25
6.1. Creating Triggers . . . . . . . . . . . . . . . . . . . . 25 6.1. Creating Triggers . . . . . . . . . . . . . . . . . . . . 26
6.1.1. Preposition . . . . . . . . . . . . . . . . . . . . . 25 6.1.1. Preposition . . . . . . . . . . . . . . . . . . . . . 26
6.1.2. Invalidate . . . . . . . . . . . . . . . . . . . . . 27 6.1.2. Invalidate . . . . . . . . . . . . . . . . . . . . . 27
6.2. Examining Trigger Status . . . . . . . . . . . . . . . . 28 6.2. Examining Trigger Status . . . . . . . . . . . . . . . . 28
6.2.1. Collection of All Triggers . . . . . . . . . . . . . 28 6.2.1. Collection of All Triggers . . . . . . . . . . . . . 28
6.2.2. Filtered Collections of Trigger Status Resources . . 29 6.2.2. Filtered Collections of Trigger Status Resources . . 29
6.2.3. Individual Trigger Status Resources . . . . . . . . . 31 6.2.3. Individual Trigger Status Resources . . . . . . . . . 31
6.2.4. Polling for Changes in Status . . . . . . . . . . . . 33 6.2.4. Polling for Changes in Status . . . . . . . . . . . . 33
6.2.5. Deleting Trigger Status Resources . . . . . . . . . . 36 6.2.5. Deleting Trigger Status Resources . . . . . . . . . . 36
6.2.6. Error Reporting . . . . . . . . . . . . . . . . . . . 37 6.2.6. Error Reporting . . . . . . . . . . . . . . . . . . . 37
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38
7.1. CDNI Payload Type Parameter Registrations . . . . . . . . 38 7.1. CDNI Payload Type Parameter Registrations . . . . . . . . 38
skipping to change at page 6, line 20 skipping to change at page 6, line 20
The remainder of this document describes the messages, Trigger Status The remainder of this document describes the messages, Trigger Status
Resources, and collections of Trigger Status Resources in more Resources, and collections of Trigger Status Resources in more
detail. detail.
2.1. Timing of Triggered Activity 2.1. Timing of Triggered Activity
Timing of the execution of CI/T Commands is under the dCDN's control, Timing of the execution of CI/T Commands is under the dCDN's control,
including its start time and pacing of the activity in the network. including its start time and pacing of the activity in the network.
CI/T invalidate and purge commands MUST be applied to all data CI/T "invalidate" and "purge" commands MUST be applied to all data
acquired before the command was accepted by the dCDN. The dCDN acquired before the command was accepted by the dCDN. The dCDN
SHOULD NOT apply CI/T invalidate and purge commands to data acquired SHOULD NOT apply CI/T "invalidate" and "purge" commands to data
after the CI/T Command was accepted, but this may not always be acquired after the CI/T Command was accepted, but this may not always
achievable, so the uCDN cannot count on that. be achievable, so the uCDN cannot count on that.
If the uCDN wishes to invalidate or purge content and then If the uCDN wishes to invalidate or purge content and then
immediately pre-position replacement content at the same URLs, it immediately pre-position replacement content at the same URLs, it
SHOULD ensure that the dCDN has completed the invalidate/purge before SHOULD ensure that the dCDN has completed the invalidate/purge before
initiating the prepositioning. Otherwise, there is a risk that the initiating the prepositioning. Otherwise, there is a risk that the
dCDN pre-positions the new content, then immediately invalidates or dCDN pre-positions the new content, then immediately invalidates or
purges it (as a result of the two uCDN requests running in parallel). purges it (as a result of the two uCDN requests running in parallel).
Because the CI/T Command timing is under the dCDN's control, the dCDN Because the CI/T Command timing is under the dCDN's control, the dCDN
implementation can choose whether to apply CI/T invalidate and purge implementation can choose whether to apply CI/T "invalidate" and
commands to content acquisition that has already started when the "purge" commands to content acquisition that has already started when
command is received. the command is received.
2.2. Scope of Triggered Activity 2.2. Scope of Triggered Activity
Each CI/T Command can operate on multiple metadata and content URLs. Each CI/T Command can operate on multiple metadata and content URLs.
Multiple representations of an HTTP resource may share the same URL. Multiple representations of an HTTP resource may share the same URL.
CI/T Trigger Commands that invalidate or purge metadata or content CI/T Trigger Commands that invalidate or purge metadata or content
apply to all resource representations with matching URLs. apply to all resource representations with matching URLs.
2.2.1. Multiple Interconnected CDNs 2.2.1. Multiple Interconnected CDNs
skipping to change at page 7, line 20 skipping to change at page 7, line 20
intermediate CDN, or via more than one intermediate CDN. intermediate CDN, or via more than one intermediate CDN.
CI/T Commands originating in the single source uCDN affect metadata CI/T Commands originating in the single source uCDN affect metadata
and content in all dCDNs; however, in a diamond configuration, it may and content in all dCDNs; however, in a diamond configuration, it may
not be possible for the dCDN to determine which uCDN it acquired not be possible for the dCDN to determine which uCDN it acquired
content from. In this case, a dCDN MUST allow each uCDN from which content from. In this case, a dCDN MUST allow each uCDN from which
it may have acquired the content to act upon that content using CI/T it may have acquired the content to act upon that content using CI/T
Commands. Commands.
In all other cases, a dCDN MUST reject CI/T Commands from a uCDN that In all other cases, a dCDN MUST reject CI/T Commands from a uCDN that
acts on another uCDN's data by using, for example, HTTP 403 attempts to act on another uCDN's content by using, for example,
("Forbidden"). HTTP 403 ("Forbidden").
Security considerations are discussed further in Section 8. Security considerations are discussed further in Section 8.
The diamond configuration may lead to inefficient interactions, but The diamond configuration may lead to inefficient interactions, but
the interactions are otherwise harmless. For example: the interactions are otherwise harmless. For example:
o When the uCDN issues an invalidate CI/T Command, a dCDN will o When the uCDN issues an "invalidate" CI/T Command, a dCDN will
receive that command from multiple directly connected uCDNs. The receive that command from multiple directly connected uCDNs. The
dCDN may schedule multiple those commands separately, and the last dCDN may schedule multiple such commands separately, and the last
may affect content already revalidated following execution of the scheduled command may affect content already revalidated following
invalidate command scheduled first. execution of the "invalidate" command that was scheduled first.
o If one of a dCDN's directly connected uCDNs loses its rights to o If one of a dCDN's directly connected uCDNs loses its rights to
distribute content, it may issue a CI/T purge command. That purge distribute content, it may issue a CI/T "purge" command. That
may affect content the dCDN could retain because it's distributed purge may affect content the dCDN could retain because it's
by another directly connected uCDN. But, that content can be distributed by another directly connected uCDN. But, that content
reacquired by the dCDN from the remaining uCDN. can be reacquired by the dCDN from the remaining uCDN.
o When the uCDN originating an item of content issues a CI/T purge o When the uCDN originating an item of content issues a CI/T purge
followed by a preposition, two directly connected uCDNs will pass followed by a preposition, two directly connected uCDNs will pass
those commands to a dCDN. That dCDN implementation need not merge those commands to a dCDN. That dCDN implementation need not merge
those operations or notice the repetition, in which case the purge those operations or notice the repetition, in which case the purge
issued by one uCDN will complete before the other. The first uCDN issued by one uCDN will complete before the other. The first uCDN
to finish its purge may then forward the preposition trigger, and to finish its purge may then forward the "preposition" trigger,
content pre-positioned as a result might be affected by the and content pre-positioned as a result might be affected by the
still-running purge issued by the other uCDN. However, the dCDN still-running purge issued by the other uCDN. However, the dCDN
will reacquire that content as needed, or when it's asked to will reacquire that content as needed, or when it's asked to
pre-position the content by the second uCDN. A dCDN pre-position the content by the second uCDN. A dCDN
implementation could avoid this interaction by knowing which uCDN implementation could avoid this interaction by knowing which uCDN
it acquired the content from, or it could minimize the it acquired the content from, or it could minimize the
consequences by recording the time at which the invalidate/purge consequences by recording the time at which the
command was received and not applying it to content acquired after "invalidate"/"purge" command was received and not applying it to
that time. content acquired after that time.
2.3. Trigger Results 2.3. Trigger Results
Possible states for a Trigger Status Resource are defined in Possible states for a Trigger Status Resource are defined in
Section 5.2.3. Section 5.2.3.
The CI/T Trigger Command MUST NOT be reported as "complete" until all The CI/T Trigger Command MUST NOT be reported as "complete" until all
actions have been completed successfully. The reasons for failure, actions have been completed successfully. The reasons for failure,
and URLs or patterns affected, SHOULD be enumerated in the Trigger and URLs or patterns affected, SHOULD be enumerated in the Trigger
Status Resource. For more details, see Section 4.7. Status Resource. For more details, see Section 4.7.
skipping to change at page 11, line 15 skipping to change at page 11, line 15
the same URLs is expected to have finished. the same URLs is expected to have finished.
If the dCDN is able to track the execution of CI/T Commands and a If the dCDN is able to track the execution of CI/T Commands and a
CI/T Command is queued by the dCDN for later action, the "status" CI/T Command is queued by the dCDN for later action, the "status"
property of the Trigger Status Resource MUST be "pending". Once property of the Trigger Status Resource MUST be "pending". Once
processing has started, the status MUST be "active". Finally, once processing has started, the status MUST be "active". Finally, once
the CI/T Command is complete, the status MUST be set to "complete" or the CI/T Command is complete, the status MUST be set to "complete" or
"failed". "failed".
A CI/T Trigger Command may result in no activity in the dCDN if, for A CI/T Trigger Command may result in no activity in the dCDN if, for
example, it is an invalidate or purge request for data the dCDN has example, it is an "invalidate" or "purge" request for data the dCDN
not yet acquired, or a pre-position request for data that it has has not yet acquired, or a "pre-position" request for data that it
already acquired and that is still valid. In this case, the status has already acquired and that is still valid. In this case, the
of the Trigger Status Resource MUST be "processed" or "complete", and status of the Trigger Status Resource MUST be "processed" or
the Trigger Status Resource MUST be added to the dCDN's collection of "complete", and the Trigger Status Resource MUST be added to the
Complete Trigger Status Resources. dCDN's collection of Complete Trigger Status Resources.
Once created, Trigger Status Resources can be canceled or deleted by Once created, Trigger Status Resources can be canceled or deleted by
the uCDN, but not modified. The dCDN MUST reject PUT and POST the uCDN, but not modified. The dCDN MUST reject PUT and POST
requests from the uCDN to Trigger Status Resources by responding with requests from the uCDN to Trigger Status Resources by responding with
an appropriate HTTP status code -- for example, 405 ("Method Not an appropriate HTTP status code -- for example, 405 ("Method Not
Allowed"). Allowed").
4.2. Checking Status 4.2. Checking Status
The uCDN has two ways to check the progress of CI/T Commands it has The uCDN has two ways to check the progress of CI/T Commands it has
skipping to change at page 15, line 49 skipping to change at page 15, line 49
upon or the uCDN chooses to cancel it. upon or the uCDN chooses to cancel it.
4.8. Content URLs 4.8. Content URLs
If content URLs are transformed by an intermediate CDN in a cascade, If content URLs are transformed by an intermediate CDN in a cascade,
that intermediate CDN MUST similarly transform URLs in CI/T Commands that intermediate CDN MUST similarly transform URLs in CI/T Commands
it passes to its dCDN. it passes to its dCDN.
When processing Trigger Specifications, CDNs MUST ignore the URL When processing Trigger Specifications, CDNs MUST ignore the URL
scheme (HTTP or HTTPS) in comparing URLs. For example, for a CI/T scheme (HTTP or HTTPS) in comparing URLs. For example, for a CI/T
invalidate or purge command, content MUST be invalidated or purged "invalidate" or "purge" command, content MUST be invalidated or
regardless of the protocol clients used to request it. purged regardless of the protocol clients used to request it.
5. CI/T Object Properties and Encoding 5. CI/T Object Properties and Encoding
The CI/T Commands, Trigger Status Resources, and Trigger Collections, The CI/T Commands, Trigger Status Resources, and Trigger Collections,
as well as their properties, are encoded using JSON, as defined in as well as their properties, are encoded using JSON, as defined in
Sections 5.1.1, 5.1.2, and 5.2.1. They MUST use the MIME media type Sections 5.1.1, 5.1.2, and 5.1.3. They MUST use the MIME media type
"application/cdni", with parameter "ptype" values as defined below "application/cdni", with parameter "ptype" values as defined below
and in Section 7.1. and in Section 7.1.
Names in JSON are case sensitive. The names and literal values Names in JSON are case sensitive. The names and literal values
specified in the present document MUST always use lowercase. specified in the present document MUST always use lowercase.
JSON types, including "object", "array", "number", and "string", are JSON types, including "object", "array", "number", and "string", are
defined in [RFC7159]. defined in [RFC7159].
Unrecognized name/value pairs in JSON objects SHOULD NOT be treated Unrecognized name/value pairs in JSON objects SHOULD NOT be treated
skipping to change at page 22, line 25 skipping to change at page 22, line 25
| | erase the associated data. | | | erase the associated data. |
| purge | A request for the dCDN to erase metadata or | | purge | A request for the dCDN to erase metadata or |
| | content. After servicing the request, the | | | content. After servicing the request, the |
| | specified data MUST NOT be held on the dCDN (the | | | specified data MUST NOT be held on the dCDN (the |
| | dCDN should reacquire the metadata or content from | | | dCDN should reacquire the metadata or content from |
| | the uCDN if it needs it). | | | the uCDN if it needs it). |
+-------------+-----------------------------------------------------+ +-------------+-----------------------------------------------------+
5.2.3. Trigger Status 5.2.3. Trigger Status
Trigger Status describes the current status of a Trigger. It MUST be Trigger Status describes the current status of the triggered
one of the JSON strings in the following table: activity. It MUST be one of the JSON strings in the following table:
+-----------+-------------------------------------------------------+ +-----------+-------------------------------------------------------+
| JSON | Description | | JSON | Description |
| String | | | String | |
+-----------+-------------------------------------------------------+ +-----------+-------------------------------------------------------+
| pending | The CI/T Trigger Command has not yet been acted upon. | | pending | The CI/T Trigger Command has not yet been acted upon. |
| active | The CI/T Trigger Command is currently being acted | | active | The CI/T Trigger Command is currently being acted |
| | upon. | | | upon. |
| complete | The CI/T Trigger Command completed successfully. | | complete | The CI/T Trigger Command completed successfully. |
| processed | The CI/T Trigger Command has been accepted, and no | | processed | The CI/T Trigger Command has been accepted, and no |
skipping to change at page 23, line 9 skipping to change at page 23, line 9
A PatternMatch consists of a string pattern to match against a URI, A PatternMatch consists of a string pattern to match against a URI,
and flags describing the type of match. and flags describing the type of match.
It is encoded as a JSON object with the following name/value pairs: It is encoded as a JSON object with the following name/value pairs:
Name: pattern Name: pattern
Description: A pattern for URI matching. Description: A pattern for URI matching.
Value: A JSON string representing the pattern. The pattern may Value: A JSON string representing the pattern. The pattern can
contain the wildcards "*" and "?", where "*" matches any contain the wildcards * and ?, where * matches any sequence of
sequence of characters (including the empty string) and "?" [RFC3986] pchar or "/" characters (including the empty string)
matches exactly one character. The three literals "\", "*", and ? matches exactly one [RFC3986] pchar character. The three
and "?" MUST be escaped as "\\", "\*", and "\?". literals $, * and ? MUST be escaped as $$, $* and $? (where $
is the designated escape character). All other characters are
treated as literals.
Mandatory: Yes. Mandatory: Yes.
Name: case-sensitive Name: case-sensitive
Description: Flag indicating whether or not case-sensitive Description: Flag indicating whether or not case-sensitive
matching should be used. matching should be used.
Value: One of the JSON values "true" (the matching is case Value: One of the JSON values "true" (the matching is case
sensitive) or "false" (the matching is case insensitive). sensitive) or "false" (the matching is case insensitive).
skipping to change at page 25, line 14 skipping to change at page 25, line 22
The following error codes are defined by this document and MUST be The following error codes are defined by this document and MUST be
supported by an implementation of the CI/T interface. supported by an implementation of the CI/T interface.
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
| Error Code | Description | | Error Code | Description |
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
| emeta | The dCDN was unable to acquire metadata required | | emeta | The dCDN was unable to acquire metadata required |
| | to fulfill the request. | | | to fulfill the request. |
| econtent | The dCDN was unable to acquire content (CI/T | | econtent | The dCDN was unable to acquire content (CI/T |
| | preposition commands only). | | | "preposition" commands only). |
| eperm | The uCDN does not have permission to issue the | | eperm | The uCDN does not have permission to issue the |
| | CI/T Command (for example, the data is owned by | | | CI/T Command (for example, the data is owned by |
| | another CDN). | | | another CDN). |
| ereject | The dCDN is not willing to fulfill the CI/T | | ereject | The dCDN is not willing to fulfill the CI/T |
| | Command (for example, a preposition request for | | | Command (for example, a "preposition" request for |
| | content at a time when the dCDN would not accept | | | content at a time when the dCDN would not accept |
| | Request Routing requests from the uCDN). | | | Request Routing requests from the uCDN). |
| ecdn | An internal error in the dCDN or one of its dCDNs. | | ecdn | An internal error in the dCDN or one of its dCDNs. |
| ecanceled | The uCDN canceled the request. | | ecanceled | The uCDN canceled the request. |
| eunsupported | The Trigger Specification contained a "type" that | | eunsupported | The Trigger Specification contained a "type" that |
| | is not supported by the dCDN. No action was taken | | | is not supported by the dCDN. No action was taken |
| | by the dCDN other than to create a Trigger Status | | | by the dCDN other than to create a Trigger Status |
| | Resource in state "failed". | | | Resource in state "failed". |
+--------------+----------------------------------------------------+ +--------------+----------------------------------------------------+
6. Examples 6. Examples
The following subsections provide examples of different CI/T objects The following subsections provide examples of different CI/T objects
encoded as JSON. encoded as JSON.
Discovery of the triggers interface is out of scope for this Discovery of the CI/T interface is out of scope for this document.
document. In an implementation, all CI/T URLs are under the control In an implementation, all CI/T URLs are under the control of the
of the dCDN. The uCDN MUST NOT attempt to ascribe any meaning to dCDN. The uCDN MUST NOT attempt to ascribe any meaning to individual
individual elements of the path. elements of the path.
In examples in this section, the URL "https://dcdn.example.com/ In examples in this section, the URL "https://dcdn.example.com/
triggers" is used as the location of the collection of all Trigger triggers" is used as the location of the collection of all Trigger
Status Resources, and the CDN PID of the uCDN is "AS64496:1". Status Resources, and the CDN PID of the uCDN is "AS64496:1".
6.1. Creating Triggers 6.1. Creating Triggers
Examples of the uCDN triggering activity in the dCDN: Examples of the uCDN triggering activity in the dCDN:
6.1.1. Preposition 6.1.1. Preposition
Below is an example of a CI/T preposition command -- a POST to the Below is an example of a CI/T "preposition" command -- a POST to the
collection of all Trigger Status Resources. collection of all Trigger Status Resources.
Note that "metadata.patterns" and "content.patterns" are not allowed Note that "metadata.patterns" and "content.patterns" are not allowed
in a preposition Trigger Specification. in a preposition Trigger Specification.
REQUEST: REQUEST:
POST /triggers HTTP/1.1 POST /triggers HTTP/1.1
User-Agent: example-user-agent/0.1 User-Agent: example-user-agent/0.1
Host: dcdn.example.com Host: dcdn.example.com
skipping to change at page 27, line 13 skipping to change at page 27, line 22
], ],
"metadata.urls": [ "metadata.urls": [
"https://metadata.example.com/a/b/c" "https://metadata.example.com/a/b/c"
], ],
"type": "preposition" "type": "preposition"
} }
} }
6.1.2. Invalidate 6.1.2. Invalidate
Below is an example of a CI/T invalidate command -- another POST to Below is an example of a CI/T "invalidate" command -- another POST to
the collection of all Trigger Status Resources. This instructs the the collection of all Trigger Status Resources. This instructs the
dCDN to revalidate the content at "https://www.example.com/a/ dCDN to revalidate the content at "https://www.example.com/a/
index.html", as well as any metadata and content whose URLs are index.html", as well as any metadata and content whose URLs are
prefixed by "https://metadata.example.com/a/b/" using prefixed by "https://metadata.example.com/a/b/" using
case-insensitive matching, and "https://www.example.com/a/b/" using case-insensitive matching, and "https://www.example.com/a/b/" using
case-sensitive matching, respectively. case-sensitive matching, respectively.
REQUEST: REQUEST:
POST /triggers HTTP/1.1 POST /triggers HTTP/1.1
skipping to change at page 28, line 36 skipping to change at page 28, line 46
"pattern": "https://metadata.example.com/a/b/*" "pattern": "https://metadata.example.com/a/b/*"
} }
], ],
"type": "invalidate" "type": "invalidate"
} }
} }
6.2. Examining Trigger Status 6.2. Examining Trigger Status
Once Trigger Status Resources have been created, the uCDN can check Once Trigger Status Resources have been created, the uCDN can check
their status as shown in these examples. their status as shown in the following examples.
6.2.1. Collection of All Triggers 6.2.1. Collection of All Triggers
The uCDN can fetch the collection of all Trigger Status Resources it The uCDN can fetch the collection of all Trigger Status Resources it
has created that have not yet been deleted or removed as expired. has created that have not yet been deleted or removed as expired.
After creation of the "preposition" and "invalidate" triggers shown After creation of the "preposition" and "invalidate" triggers shown
above, this collection might look as follows: above, this collection might look as follows:
REQUEST: REQUEST:
GET /triggers HTTP/1.1 GET /triggers HTTP/1.1
User-Agent: example-user-agent/0.1 User-Agent: example-user-agent/0.1
Host: dcdn.example.com Host: dcdn.example.com
Accept: */* Accept: */*
skipping to change at page 40, line 8 skipping to change at page 40, line 8
requests into the dCDN and to inspect its own CI/T requests and their requests into the dCDN and to inspect its own CI/T requests and their
current states. The CI/T interface does not allow access to, or current states. The CI/T interface does not allow access to, or
modification of, the uCDN or dCDN metadata relating to content modification of, the uCDN or dCDN metadata relating to content
delivery or to the content itself. It can only control the presence delivery or to the content itself. It can only control the presence
of that metadata in the dCDN, and the processing work and network of that metadata in the dCDN, and the processing work and network
utilization involved in ensuring that presence. utilization involved in ensuring that presence.
By examining pre-positioning requests to a dCDN, and correctly By examining pre-positioning requests to a dCDN, and correctly
interpreting content and metadata URLs, an attacker could learn the interpreting content and metadata URLs, an attacker could learn the
uCDN's or content owner's predictions for future content popularity. uCDN's or content owner's predictions for future content popularity.
By examining invalidate or purge requests, an attacker could learn By examining "invalidate" or "purge" requests, an attacker could
about changes in the content owner's catalog. learn about changes in the content owner's catalog.
By injecting CI/T Commands, an attacker or a misbehaving uCDN would By injecting CI/T Commands, an attacker or a misbehaving uCDN would
generate work in the dCDN and uCDN as they process those requests. generate work in the dCDN and uCDN as they process those requests.
So would a man-in-the-middle attacker modifying valid CI/T Commands So would a man-in-the-middle attacker modifying valid CI/T Commands
generated by the uCDN. In both cases, that would decrease the dCDN's generated by the uCDN. In both cases, that would decrease the dCDN's
caching efficiency by causing it to unnecessarily acquire or caching efficiency by causing it to unnecessarily acquire or
reacquire content metadata and/or content. reacquire content metadata and/or content.
A dCDN implementation of CI/T MUST restrict the actions of a uCDN to A dCDN implementation of CI/T MUST restrict the actions of a uCDN to
the data corresponding to that uCDN. Failure to do so would allow the data corresponding to that uCDN. Failure to do so would allow
skipping to change at page 42, line 32 skipping to change at page 42, line 32
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818,
DOI 10.17487/RFC2818, May 2000, DOI 10.17487/RFC2818, May 2000,
<http://www.rfc-editor.org/info/rfc2818>. <http://www.rfc-editor.org/info/rfc2818>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005,
<http://www.rfc-editor.org/info/rfc3986>.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
DOI 10.17487/RFC5226, May 2008, DOI 10.17487/RFC5226, May 2008,
<http://www.rfc-editor.org/info/rfc5226>. <http://www.rfc-editor.org/info/rfc5226>.
[RFC6707] Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content [RFC6707] Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content
Distribution Network Interconnection (CDNI) Problem Distribution Network Interconnection (CDNI) Problem
Statement", RFC 6707, DOI 10.17487/RFC6707, September Statement", RFC 6707, DOI 10.17487/RFC6707, September
2012, <http://www.rfc-editor.org/info/rfc6707>. 2012, <http://www.rfc-editor.org/info/rfc6707>.
 End of changes. 26 change blocks. 
53 lines changed or deleted 61 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/