< draft-ietf-alto-protocol-05.txt   draft-ietf-alto-protocol-06.txt >
ALTO WG R. Alimi, Ed. ALTO WG R. Alimi, Ed.
Internet-Draft Yale University Internet-Draft Google
Intended status: Standards Track R. Penno, Ed. Intended status: Standards Track R. Penno, Ed.
Expires: January 13, 2011 Juniper Networks Expires: April 28, 2011 Juniper Networks
Y. Yang, Ed. Y. Yang, Ed.
Yale University Yale University
July 12, 2010 October 25, 2010
ALTO Protocol ALTO Protocol
draft-ietf-alto-protocol-05.txt draft-ietf-alto-protocol-06.txt
Abstract Abstract
Networking applications today already have access to a great amount Networking applications today already have access to a great amount
of Inter-Provider network topology information. For example, views of Inter-Provider network topology information. For example, views
of the Internet routing table are easily available at looking glass of the Internet routing table are easily available at looking glass
servers and entirely practical to be downloaded by clients. What is servers and entirely practical to be downloaded by clients. What is
missing is knowledge of the underlying network topology from the ISP missing is knowledge of the underlying network topology from the ISP
or Content Provider (henceforth referred as Provider) point of view. or Content Provider (henceforth referred as Provider) point of view.
In other words, what a Provider prefers in terms of traffic In other words, what a Provider prefers in terms of traffic
skipping to change at page 2, line 16 skipping to change at page 2, line 16
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 13, 2011. This Internet-Draft will expire on April 28, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the BSD License. described in the BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.1. Background and Problem Statement . . . . . . . . . . . . . 5 1.1. Background and Problem Statement . . . . . . . . . . . . . 6
1.2. Design History and Merged Proposals . . . . . . . . . . . 5 1.2. Design History and Merged Proposals . . . . . . . . . . . 6
1.3. Solution Benefits . . . . . . . . . . . . . . . . . . . . 5 1.3. Solution Benefits . . . . . . . . . . . . . . . . . . . . 6
1.3.1. Service Providers . . . . . . . . . . . . . . . . . . 5 1.3.1. Service Providers . . . . . . . . . . . . . . . . . . 6
1.3.2. Applications . . . . . . . . . . . . . . . . . . . . . 6 1.3.2. Applications . . . . . . . . . . . . . . . . . . . . . 7
2. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.1. Endpoint Address . . . . . . . . . . . . . . . . . . . 6 2.1.1. Endpoint Address . . . . . . . . . . . . . . . . . . . 7
2.1.2. ASN . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.1.2. ASN . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1.3. Network Location . . . . . . . . . . . . . . . . . . . 7 2.1.3. Network Location . . . . . . . . . . . . . . . . . . . 8
2.1.4. ALTO Information . . . . . . . . . . . . . . . . . . . 7 2.1.4. ALTO Information . . . . . . . . . . . . . . . . . . . 8
2.1.5. ALTO Information Base . . . . . . . . . . . . . . . . 7 2.1.5. ALTO Information Base . . . . . . . . . . . . . . . . 8
2.2. ALTO Service and Protocol Scope . . . . . . . . . . . . . 7 2.2. ALTO Service and Protocol Scope . . . . . . . . . . . . . 8
3. Protocol Structure . . . . . . . . . . . . . . . . . . . . . . 8 3. Protocol Structure . . . . . . . . . . . . . . . . . . . . . . 9
3.1. Server Information Service . . . . . . . . . . . . . . . . 9 3.1. Server Information Service . . . . . . . . . . . . . . . . 10
3.2. ALTO Information Services . . . . . . . . . . . . . . . . 10 3.2. ALTO Information Services . . . . . . . . . . . . . . . . 11
3.2.1. Map Service . . . . . . . . . . . . . . . . . . . . . 10 3.2.1. Map Service . . . . . . . . . . . . . . . . . . . . . 11
3.2.2. Map Filtering Service . . . . . . . . . . . . . . . . 10 3.2.2. Map Filtering Service . . . . . . . . . . . . . . . . 11
3.2.3. Endpoint Property Service . . . . . . . . . . . . . . 10 3.2.3. Endpoint Property Service . . . . . . . . . . . . . . 11
3.2.4. Endpoint Cost Service . . . . . . . . . . . . . . . . 10 3.2.4. Endpoint Cost Service . . . . . . . . . . . . . . . . 11
4. Network Map . . . . . . . . . . . . . . . . . . . . . . . . . 10 4. Network Map . . . . . . . . . . . . . . . . . . . . . . . . . 11
4.1. PID . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 4.1. PID . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.2. Endpoint Addresses . . . . . . . . . . . . . . . . . . . . 12 4.2. Endpoint Addresses . . . . . . . . . . . . . . . . . . . . 13
4.2.1. IP Addresses . . . . . . . . . . . . . . . . . . . . . 12 4.2.1. IP Addresses . . . . . . . . . . . . . . . . . . . . . 13
4.3. Example Network Map . . . . . . . . . . . . . . . . . . . 12 4.3. Example Network Map . . . . . . . . . . . . . . . . . . . 13
5. Cost Map . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5. Cost Map . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
5.1. Cost Attributes . . . . . . . . . . . . . . . . . . . . . 13 5.1. Cost Attributes . . . . . . . . . . . . . . . . . . . . . 14
5.1.1. Cost Type . . . . . . . . . . . . . . . . . . . . . . 13 5.1.1. Cost Type . . . . . . . . . . . . . . . . . . . . . . 14
5.1.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 13 5.1.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 15
5.2. Cost Map Structure . . . . . . . . . . . . . . . . . . . . 14 5.2. Cost Map Structure . . . . . . . . . . . . . . . . . . . . 15
5.3. Network Map and Cost Map Dependency . . . . . . . . . . . 14 5.3. Network Map and Cost Map Dependency . . . . . . . . . . . 16
6. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 15 6. Protocol Design Overview . . . . . . . . . . . . . . . . . . . 16
6.1. Design Approach . . . . . . . . . . . . . . . . . . . . . 15 6.1. Existing Infrastructure . . . . . . . . . . . . . . . . . 17
6.1.1. Use of Existing Infrastructure . . . . . . . . . . . . 15 6.2. ALTO Information Reuse and Redistribution . . . . . . . . 17
6.1.2. ALTO Information Reuse and Redistribution . . . . . . 16 7. Protocol Messaging . . . . . . . . . . . . . . . . . . . . . . 18
7. Protocol Messaging . . . . . . . . . . . . . . . . . . . . . . 16 7.1. Notation . . . . . . . . . . . . . . . . . . . . . . . . . 18
7.1. Notation . . . . . . . . . . . . . . . . . . . . . . . . . 16 7.2. Message Format . . . . . . . . . . . . . . . . . . . . . . 18
7.2. Message Format . . . . . . . . . . . . . . . . . . . . . . 17 7.2.1. Protocol Versioning . . . . . . . . . . . . . . . . . 18
7.2.1. Protocol Versioning Approach . . . . . . . . . . . . . 17 7.2.2. Content Type . . . . . . . . . . . . . . . . . . . . . 19
7.2.2. Request Message . . . . . . . . . . . . . . . . . . . 17 7.2.3. Request Message . . . . . . . . . . . . . . . . . . . 19
7.2.3. Response Message . . . . . . . . . . . . . . . . . . . 18 7.2.4. Response Message . . . . . . . . . . . . . . . . . . . 20
7.3. General Processing . . . . . . . . . . . . . . . . . . . . 21 7.3. General Processing . . . . . . . . . . . . . . . . . . . . 22
7.4. ALTO Status Codes . . . . . . . . . . . . . . . . . . . . 21 7.4. ALTO Status Codes . . . . . . . . . . . . . . . . . . . . 22
7.5. Client Behavior . . . . . . . . . . . . . . . . . . . . . 22 7.5. Client Behavior . . . . . . . . . . . . . . . . . . . . . 23
7.5.1. Successful Response . . . . . . . . . . . . . . . . . 22 7.5.1. Successful Response . . . . . . . . . . . . . . . . . 23
7.5.2. Error Conditions . . . . . . . . . . . . . . . . . . . 22 7.5.2. Error Conditions . . . . . . . . . . . . . . . . . . . 24
7.6. HTTP Usage . . . . . . . . . . . . . . . . . . . . . . . . 22 7.6. HTTP Usage . . . . . . . . . . . . . . . . . . . . . . . . 24
7.6.1. Authentication and Encryption . . . . . . . . . . . . 23 7.6.1. Authentication and Encryption . . . . . . . . . . . . 24
7.6.2. Cookies . . . . . . . . . . . . . . . . . . . . . . . 23 7.6.2. Cookies . . . . . . . . . . . . . . . . . . . . . . . 24
7.6.3. Caching Parameters . . . . . . . . . . . . . . . . . . 23 7.6.3. Caching Parameters . . . . . . . . . . . . . . . . . . 24
7.7. ALTO Requests . . . . . . . . . . . . . . . . . . . . . . 23 7.7. ALTO Types . . . . . . . . . . . . . . . . . . . . . . . . 24
7.7.1. Server Information Service . . . . . . . . . . . . . . 24 7.7.1. PID Name . . . . . . . . . . . . . . . . . . . . . . . 24
7.7.2. Map Service . . . . . . . . . . . . . . . . . . . . . 27 7.7.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 25
7.7.3. Map Filtering Service . . . . . . . . . . . . . . . . 31 7.7.3. Cost Type . . . . . . . . . . . . . . . . . . . . . . 25
7.7.4. Endpoint Property Service . . . . . . . . . . . . . . 35 7.8. ALTO Messages . . . . . . . . . . . . . . . . . . . . . . 25
7.7.5. Endpoint Cost Service . . . . . . . . . . . . . . . . 38 7.8.1. Server Information Service . . . . . . . . . . . . . . 26
7.8. Redistributable Responses . . . . . . . . . . . . . . . . 40 7.8.2. Map Service . . . . . . . . . . . . . . . . . . . . . 30
7.8.1. Server Capability Requirements . . . . . . . . . . . . 40 7.8.3. Map Filtering Service . . . . . . . . . . . . . . . . 34
7.8.2. Service ID . . . . . . . . . . . . . . . . . . . . . . 40 7.8.4. Endpoint Property Service . . . . . . . . . . . . . . 38
7.8.3. Server and Request Parameters . . . . . . . . . . . . 41 7.8.5. Endpoint Cost Service . . . . . . . . . . . . . . . . 41
7.8.4. Expiration Time . . . . . . . . . . . . . . . . . . . 41 8. Redistributable Responses . . . . . . . . . . . . . . . . . . 43
7.8.5. Signature . . . . . . . . . . . . . . . . . . . . . . 42 8.1. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . 43
8. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 43 8.1.1. Service ID . . . . . . . . . . . . . . . . . . . . . . 43
8.1. ALTO Client Embedded in P2P Tracker . . . . . . . . . . . 43 8.1.2. Expiration Time . . . . . . . . . . . . . . . . . . . 44
8.2. ALTO Client Embedded in P2P Client: Numerical Costs . . . 45 8.1.3. Signature . . . . . . . . . . . . . . . . . . . . . . 44
8.3. ALTO Client Embedded in P2P Client: Ranking . . . . . . . 46 8.2. Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 46
9. Discussions . . . . . . . . . . . . . . . . . . . . . . . . . 46 8.2.1. Response Redistribution Descriptor Fields . . . . . . 47
9.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 47 8.2.2. Signature . . . . . . . . . . . . . . . . . . . . . . 48
9.2. Hosts with Multiple Endpoint Addresses . . . . . . . . . . 47 9. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 48
9.3. Network Address Translation Considerations . . . . . . . . 47 9.1. ALTO Client Embedded in P2P Tracker . . . . . . . . . . . 48
9.4. Mapping IPs to ASNs . . . . . . . . . . . . . . . . . . . 48 9.2. ALTO Client Embedded in P2P Client: Numerical Costs . . . 50
9.5. Endpoint and Path Properties . . . . . . . . . . . . . . . 48 9.3. ALTO Client Embedded in P2P Client: Ranking . . . . . . . 51
9.6. P2P Peer Selection . . . . . . . . . . . . . . . . . . . . 49 10. Discussions . . . . . . . . . . . . . . . . . . . . . . . . . 51
9.6.1. Client-based Peer Selection . . . . . . . . . . . . . 49 10.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 52
9.6.2. Server-based Peer Selection . . . . . . . . . . . . . 49 10.2. Hosts with Multiple Endpoint Addresses . . . . . . . . . . 52
9.6.3. Protocol Extension: 'Location-Only' Peer Selection . . 50 10.3. Network Address Translation Considerations . . . . . . . . 52
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 51 10.4. Mapping IPs to ASNs . . . . . . . . . . . . . . . . . . . 53
11. Security Considerations . . . . . . . . . . . . . . . . . . . 51 10.5. Endpoint and Path Properties . . . . . . . . . . . . . . . 53
11.1. Privacy Considerations for ISPs . . . . . . . . . . . . . 51 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 53
11.2. ALTO Clients . . . . . . . . . . . . . . . . . . . . . . . 51 11.1. application/alto Media Type . . . . . . . . . . . . . . . 54
11.3. Authentication, Integrity Protection, and Encryption . . . 52 11.2. ALTO Cost Type Registry . . . . . . . . . . . . . . . . . 55
11.4. ALTO Information Redistribution . . . . . . . . . . . . . 52 12. Security Considerations . . . . . . . . . . . . . . . . . . . 56
11.5. Denial of Service . . . . . . . . . . . . . . . . . . . . 53 12.1. Privacy Considerations for ISPs . . . . . . . . . . . . . 56
11.6. ALTO Server Access Control . . . . . . . . . . . . . . . . 53 12.2. ALTO Clients . . . . . . . . . . . . . . . . . . . . . . . 56
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 54 12.3. Authentication, Integrity Protection, and Encryption . . . 57
12.1. Normative References . . . . . . . . . . . . . . . . . . . 54 12.4. ALTO Information Redistribution . . . . . . . . . . . . . 57
12.2. Informative References . . . . . . . . . . . . . . . . . . 54 12.5. Denial of Service . . . . . . . . . . . . . . . . . . . . 58
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 56 12.6. ALTO Server Access Control . . . . . . . . . . . . . . . . 58
Appendix B. Authors . . . . . . . . . . . . . . . . . . . . . . . 57 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 57 13.1. Normative References . . . . . . . . . . . . . . . . . . . 59
13.2. Informative References . . . . . . . . . . . . . . . . . . 59
Appendix A. TO BE MOVED . . . . . . . . . . . . . . . . . . . . . 61
A.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 61
A.2. P2P Peer Selection . . . . . . . . . . . . . . . . . . . . 61
A.2.1. Client-based Peer Selection . . . . . . . . . . . . . 62
A.2.2. Server-based Peer Selection . . . . . . . . . . . . . 62
A.2.3. Location-Only Peer Selection . . . . . . . . . . . . . 62
Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . . 63
Appendix C. Authors . . . . . . . . . . . . . . . . . . . . . . . 64
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 64
1. Introduction 1. Introduction
1.1. Background and Problem Statement 1.1. Background and Problem Statement
Today, network information available to applications is mostly from Today, network information available to applications is mostly from
the view of endhosts. There is no clear mechanism to convey the view of endhosts. There is no clear mechanism to convey
information about the network's preferences to applications. By information about the network's preferences to applications. By
leveraging better network-provided information, applications have the leveraging better network-provided information, applications have the
potential to become more network-efficient (e.g., reduce network potential to become more network-efficient (e.g., reduce network
resource consumption) and achieve better application performance resource consumption) and achieve better application performance
(e.g., accelerated download rate). The ALTO Service intends to (e.g., accelerated download rate). The ALTO Service intends to
provide a simple way to convey network information to applications. provide a simple way to convey network information to applications.
The goal of this document is to specify a simple and unified protocol The goal of this document is to specify a simple and unified protocol
that meets the ALTO requirements [8] while providing a migration path that meets the ALTO requirements [11] while providing a migration
for Internet Service Providers (ISP), Content Providers, and clients path for Internet Service Providers (ISP), Content Providers, and
that have deployed protocols with similar intentions (see below). clients that have deployed protocols with similar intentions (see
This document is a work in progress and will be updated with further below). This document is a work in progress and will be updated with
developments. further developments.
1.2. Design History and Merged Proposals 1.2. Design History and Merged Proposals
The protocol specified here consists of contributions from The protocol specified here consists of contributions from
o P4P [9], [10]; o P4P [12], [13];
o ALTO Info-Export [11]; o ALTO Info-Export [14];
o Query/Response [12], [13]; o Query/Response [15], [16];
o ATTP [ATTP]; o ATTP [ATTP];
o Proxidor [14]. o Proxidor [17].
See Appendix A for a list of people that have contributed See Appendix B for a list of people that have contributed
significantly to this effort and the projects and proposals listed significantly to this effort and the projects and proposals listed
above. above.
1.3. Solution Benefits 1.3. Solution Benefits
The ALTO Service offers many benefits to both end-users (consumers of The ALTO Service offers many benefits to both end-users (consumers of
the service) and Internet Service Providers (providers of the the service) and Internet Service Providers (providers of the
service). service).
1.3.1. Service Providers 1.3.1. Service Providers
skipping to change at page 6, line 31 skipping to change at page 7, line 31
2. Architecture 2. Architecture
Two key design objectives of the ALTO Protocol are simplicity and Two key design objectives of the ALTO Protocol are simplicity and
extensibility. At the same time, it introduces additional techniques extensibility. At the same time, it introduces additional techniques
to address potential scalability and privacy issues. After an to address potential scalability and privacy issues. After an
introduction to the terminology, the ALTO architecture and the ALTO introduction to the terminology, the ALTO architecture and the ALTO
Protocol's place in the overall architecture are defined. Protocol's place in the overall architecture are defined.
2.1. Terminology 2.1. Terminology
We use the following terms defined in [15]: Application, Overlay We use the following terms defined in [18]: Application, Overlay
Network, Peer, Resource, Resource Identifier, Resource Provider, Network, Peer, Resource, Resource Identifier, Resource Provider,
Resource Consumer, Resource Directory, Transport Address, Host Resource Consumer, Resource Directory, Transport Address, Host
Location Attribute, ALTO Service, ALTO Server, ALTO Client, ALTO Location Attribute, ALTO Service, ALTO Server, ALTO Client, ALTO
Query, ALTO Reply, ALTO Transaction, Local Traffic, Peering Traffic, Query, ALTO Reply, ALTO Transaction, Local Traffic, Peering Traffic,
Transit Traffic. Transit Traffic.
We also use the following additional terms: Endpoint Address, ASN, We also use the following additional terms: Endpoint Address, ASN,
and Network Location. and Network Location.
2.1.1. Endpoint Address 2.1.1. Endpoint Address
skipping to change at page 7, line 29 skipping to change at page 8, line 29
2.1.5. ALTO Information Base 2.1.5. ALTO Information Base
Internal representation of the ALTO Information maintained by the Internal representation of the ALTO Information maintained by the
ALTO Server. Note that the structure of this internal representation ALTO Server. Note that the structure of this internal representation
is not defined by this document. is not defined by this document.
2.2. ALTO Service and Protocol Scope 2.2. ALTO Service and Protocol Scope
An ALTO Server conveys the network information from the perspective An ALTO Server conveys the network information from the perspective
of a network region; the ALTO Server presents its "my-Internet View" of a network region; the ALTO Server presents its "my-Internet View"
[16] of the network region. A network region in this context can be [19] of the network region. A network region in this context can be
an Autonomous System, an ISP, or perhaps a smaller region or set of an Autonomous System, an ISP, or perhaps a smaller region or set of
ISPs; the details depend on the deployment scenario and discovery ISPs; the details depend on the deployment scenario and discovery
mechanism. mechanism.
To better understand the ALTO Service and the role of the ALTO To better understand the ALTO Service and the role of the ALTO
Protocol, we show in Figure 1 the overall system architecture. In Protocol, we show in Figure 1 the overall system architecture. In
this architecture, an ALTO Server prepares ALTO Information; an ALTO this architecture, an ALTO Server prepares ALTO Information; an ALTO
Client uses ALTO Service Discovery to identify an appropriate ALTO Client uses ALTO Service Discovery to identify an appropriate ALTO
Server; and the ALTO Client requests available ALTO Information from Server; and the ALTO Client requests available ALTO Information from
the ALTO Server using the ALTO Protocol. the ALTO Server using the ALTO Protocol.
skipping to change at page 13, line 30 skipping to change at page 14, line 30
semantics of the information distributed by the ALTO Server. This semantics of the information distributed by the ALTO Server. This
document does not discuss the internal representation of this data document does not discuss the internal representation of this data
structure within the ALTO Server. structure within the ALTO Server.
5.1. Cost Attributes 5.1. Cost Attributes
Path Costs have attributes: Path Costs have attributes:
o Type: identifies what the costs represent; o Type: identifies what the costs represent;
o Mode: identifies how the costs should be interpreted (numerical or o Mode: identifies how the costs should be interpreted.
ordinal).
Certain queries for Cost Maps allow the ALTO Client to indicate the Certain queries for Cost Maps allow the ALTO Client to indicate the
desired Type and Mode. desired Type and Mode.
5.1.1. Cost Type 5.1.1. Cost Type
The Type attribute indicates what the cost represents. For example, The Type attribute indicates what the cost represents. For example,
an ALTO Server could define costs representing air-miles, hop-counts, an ALTO Server could define costs representing air-miles, hop-counts,
or generic routing costs. or generic routing costs.
Cost types are indicated in protocol messages as alphanumeric Cost types are indicated in protocol messages as strings.
strings. An ALTO Server MUST at least define the routing cost type
denoted by the string 'routingcost'. 5.1.1.1. Cost Type: routingcost
An ALTO Server MUST define the 'routingcost' Cost Type.
This Cost Type conveys a generic measure for the cost of routing
traffic from a source to a destination. Lower values indicate a
higher preference for traffic to be sent from a source to a
destination.
Note that an ISP may internally compute routing cost using any method Note that an ISP may internally compute routing cost using any method
it chooses (including air-miles or hop-count). it chooses (e.g., air-miles or hop-count) as long as it conforms to
these semantics.
5.1.2. Cost Mode 5.1.2. Cost Mode
The Mode attribute indicates how costs should be interpreted. For The Mode attribute indicates how costs should be interpreted. An
example, an ALTO Server could return costs that should be interpreted ALTO Server return costs that are interpreted as either numerical
as numerical values or ordinal rankings. values or ordinal rankings.
It is important to communicate such information to ALTO Clients, as It is important to communicate such information to ALTO Clients, as
certain operations may not be valid on certain costs returned by an certain operations may not be valid on certain costs returned by an
ALTO Server. For example, it is possible for an ALTO Server to ALTO Server. For example, it is possible for an ALTO Server to
return a set of IP addresses with costs indicating a ranking of the return a set of IP addresses with costs indicating a ranking of the
IP addresses. Arithmetic operations, such as summation, that would IP addresses. Arithmetic operations, such as summation, that would
make sense for numerical values, do not make sense for ordinal make sense for numerical values, do not make sense for ordinal
rankings. ALTO Clients may handle such costs differently. rankings. ALTO Clients may handle such costs differently.
Cost Modes are indicated in protocol messages as alphanumeric Cost Modes are indicated in protocol messages as strings.
strings. An ALTO Server MUST at least define the modes 'numerical'
and 'ordinal'.
If an ALTO Client requests a Cost Mode that is not supported, the An ALTO Server MUST support at least one of 'numerical' and 'ordinal'
ALTO Server MUST reply with costs having Mode either 'numerical' or costs. ALTO Clients SHOULD be cognizant of operation when a desired
'ordinal'. Thus, an ALTO Server must implement at least one of cost mode is not supported. For example, an ALTO Client desiring
'numerical' or 'ordinal' Costs, but it may choose which to support. numerical costs may adjust behavior if only the ordinal Cost Mode is
ALTO Clients may choose how to handle such situations. Two available. Alternatively, an ALTO Client desiring ordinal costs may
particular possibilities are to use the returned costs as-is (e.g., construct ordinal costs given numerical values if only the numerical
treat numerical costs as ordinal rankings) or ignore the ALTO Cost Mode is available.
information altogether.
5.1.2.1. Cost Mode: numerical
This Cost Mode is indicated by the string 'numerical'. This mode
indicates that it is safe to perform numerical operations (e.g.
summation) on the returned costs.
5.1.2.2. Cost Mode: ordinal
This Cost Mode is indicated by the string 'ordinal'. This mode
indicates that the costs values to a set of Destination Network
Locations from a particular Source Network Location are a ranking,
with lower values indicating a higher preference.
It is important to note that the values in the Cost Map provided with
the ordinal Cost Mode are not necessarily the actual cost known to
the ALTO Server.
5.2. Cost Map Structure 5.2. Cost Map Structure
A query for a Cost Map either explicitly or implicitly includes a A query for a Cost Map either explicitly or implicitly includes a
list of Source Network Locations and a list of Destination Network list of Source Network Locations and a list of Destination Network
Locations. (Recall that a Network Location can be an endpoint Locations. (Recall that a Network Location can be an endpoint
address or a PID.) address or a PID.)
Specifically, assume that a query has a list of multiple Source Specifically, assume that a query has a list of multiple Source
Network Locations, say [Src_1, Src_2, ..., Src_m], and a list of Network Locations, say [Src_1, Src_2, ..., Src_m], and a list of
skipping to change at page 15, line 18 skipping to change at page 16, line 39
maintained by the ALTO Server. When the Network Map changes, the maintained by the ALTO Server. When the Network Map changes, the
Version Tag SHOULD also be changed. (Thus, the Version Tag is Version Tag SHOULD also be changed. (Thus, the Version Tag is
defined similarly to HTTP's ETag.) Possibilities for generating a defined similarly to HTTP's ETag.) Possibilities for generating a
Version Tag included the last-modified timestamp for the Network Map, Version Tag included the last-modified timestamp for the Network Map,
or a hash of its contents. or a hash of its contents.
A Network Map distributed by the ALTO Server includes its Version A Network Map distributed by the ALTO Server includes its Version
Tag. A Cost Map referring to PIDs also includes the Version Tag of Tag. A Cost Map referring to PIDs also includes the Version Tag of
the Network Map on which it is based. the Network Map on which it is based.
6. Protocol Overview 6. Protocol Design Overview
6.1. Design Approach
The ALTO Protocol design uses a REST-like interface with the goal of The ALTO Protocol design uses a REST-like interface with the goal of
leveraging current HTTP [2] [3] implementations and infrastructure, leveraging current HTTP [2] [3] implementations and infrastructure,
as well as familiarity with existing REST-like services in popular as well as familiarity with existing REST-like services in popular
use. ALTO messages are denoted with HTTP Content-Type "application/ use. ALTO messages use JSON [4] to encode message bodies.
alto" and use JSON [4] to encode message bodies.
This document currently specifies both services and and the message This document currently specifies both services and and the message
encoding in a descriptive fashion. Care is taken to make encoding in a descriptive fashion. Care is taken to make
descriptions precise and unambiguous, but it still lacks benefits of descriptions precise and unambiguous, but it still lacks benefits of
automatic tooling that exists for certain encoding formats. automatic tooling that exists for certain encoding formats.
Standards such as WSDL 2.0 and WADL are capable of describing Standards such as WSDL 2.0 and WADL are capable of describing
available interfaces. JSON Schema [17] allows message encodings to available interfaces. JSON Schema [20] allows message encodings to
be specified precisely and messages may be verified against the be specified precisely and messages may be verified against the
schema. It is not yet clear whether such an approach should be taken schema. It is not yet clear whether such an approach should be taken
in this document. in this document.
Other benefits enabled by these design choices include easier Other benefits enabled by these design choices include easier
understanding and debugging, flexible ALTO Server implementation understanding and debugging, flexible ALTO Server implementation
strategies, and more importantly, simple caching and redistribution strategies, and more importantly, simple caching and redistribution
of ALTO information to increase scalability. of ALTO information to increase scalability.
6.1.1. Use of Existing Infrastructure 6.1. Existing Infrastructure
HTTP is a natural choice for integration with existing applications HTTP is a natural choice for integration with existing applications
and infrastructure. In particular, the ALTO Protocol design and infrastructure. In particular, the ALTO Protocol design
leverages: leverages:
o the huge installed base of infrastructure, including HTTP caches, o the huge installed base of infrastructure, including HTTP caches,
o mature software implementations, o mature software implementations,
o the fact that many P2P clients already have an embedded HTTP o the fact that many P2P clients already have an embedded HTTP
client, and client, and
o authentication and encryption mechanisms in HTTP and SSL/TLS. o authentication and encryption mechanisms in HTTP and SSL/TLS.
6.1.2. ALTO Information Reuse and Redistribution 6.2. ALTO Information Reuse and Redistribution
ALTO information may be useful to a large number of applications and ALTO information may be useful to a large number of applications and
users. For example, an identical Network Map may be used by all ALTO users. For example, an identical Network Map may be used by all ALTO
Clients querying a particular ALTO Server. At the same time, Clients querying a particular ALTO Server. At the same time,
distributing ALTO information must be efficient and not become a distributing ALTO information must be efficient and not become a
bottleneck. Therefore, the ALTO Protocol specified in this document bottleneck.
integrates with existing HTTP caching infrastructure to allow reuse
of ALTO information by ALTO Clients and reduce load on ALTO servers.
ALTO information may also be cached or redistributed using Beyond integration with existing HTTP caching infrastructure, ALTO
application-dependent mechanisms, such as P2P DHTs or P2P file- information may also be cached or redistributed using application-
sharing. This document does not define particular mechanisms for dependent mechanisms, such as P2P DHTs or P2P file-sharing. This
such redistribution, but it does define the primitives (e.g., digital document does not define particular mechanisms for such
signatures) needed to support such a mechanism. See [18] for further redistribution, but it does define the primitives (e.g., digital
signatures) needed to support such a mechanism. See [21] for further
discussion. discussion.
Note that if caching or redistribution is used, the Response message Note that if caching or redistribution is used, the Response message
may be returned from another (possibly third-party) entity. Reuse may be returned from another (possibly third-party) entity. Reuse
and Redistribution is further discussed in Section 11.4. Protocol and Redistribution is further discussed in Section 12.4. Protocol
support for redistribution is specified in Section 7.8. support for redistribution is specified in Section 8.
7. Protocol Messaging 7. Protocol Messaging
This section specifies client and server processing, as well as This section specifies client and server processing, as well as
messages in the ALTO Protocol. Details common to ALTO Server messages in the ALTO Protocol. Details common to ALTO Server
processing of all messages is first discussed, followed by details of processing of all messages is first discussed, followed by details of
the individual messages. the individual messages.
7.1. Notation 7.1. Notation
This document uses C-style struct notation to define the required and This document uses an adaptation of the C-style struct notation to
optional members of JSON objects. Unless explicitly noted, each define the required and optional members of JSON objects. Unless
member of a struct is REQUIRED. explicitly noted, each member of a struct is REQUIRED.
The types 'JSONString', 'JSONNumber', 'JSONBool' indicate the JSON The types 'JSONString', 'JSONNumber', 'JSONBool' indicate the JSON
string, number, and boolean types respectively. string, number, and boolean types respectively.
This document only includes object members used by this This document only includes object members used by this
specification. It is possible that protocol extensions include specification. It is possible that protocol extensions include
additional members to JSON objects defined in this document; such additional members to JSON objects defined in this document; such
additional members will be silently ignored by ALTO Servers and additional members will be silently ignored by ALTO Servers and
Clients only implementing the base protocol defined in this document. Clients only implementing the base protocol defined in this document.
7.2. Message Format 7.2. Message Format
Request and Response follow the standard format for HTTP Request and Request and Response follow the standard format for HTTP Request and
Response messages [2] [3]. Response messages [2] [3].
The following subsections provide an overview of how ALTO Requests The following subsections provide an overview of how ALTO Requests
and Responses are encoded in HTTP, and discusses rationale for and Responses are encoded in HTTP, and discusses rationale for
certain design decisions. certain design decisions.
7.2.1. Protocol Versioning Approach 7.2.1. Protocol Versioning
The ALTO Protocol uses a simple and clean approach to versioning that The ALTO Protocol uses a simple versioning approach that permits
permits evolution between versions even if ALTO information is being evolution between versions even if ALTO information is being served
served as static, pre-generated files. as static, pre-generated files.
In particular, it is assumed that a single host responding to ALTO It is assumed that a single host responding to ALTO Requests
Requests implements a single protocol version. Note that virtual implements a single protocol version. Virtual hosting may be used if
hosting can be used if multiple protocol versions need to be multiple protocol versions need to be supported by a single physical
supported by a single physical server. server.
A common query (Server List, detailed in Section 7.7.1.1) to be A common query (Server List, detailed in Section 7.8.1.1) to be
present in all ALTO protocol versions allows an ALTO Client to present in all ALTO protocol versions allows an ALTO Client to
discover additional ALTO Servers and the ALTO Protocol version number discover additional ALTO Servers and the ALTO Protocol version number
of each. of each.
This approach keeps the ALTO Server implementation free from parsing This approach keeps the ALTO Server implementation free from parsing
and directing each request based on version number. Although ALTO and directing each request based on version number. Although ALTO
Requests are free from protocol version numbers, the protocol version Requests are free from protocol version numbers, the protocol version
number is echoed in each ALTO Response to keep responses self- number is echoed in each ALTO Response to keep responses self-
contained to, for example, ease reading persisted or redistributed contained to, for example, ease reading persisted or redistributed
ALTO responses. ALTO responses.
Using virtual hosting with TLS may require the Server Name Indication
extension for TLS [5] [22].
This document specifies ALTO Protocol version 1. This document specifies ALTO Protocol version 1.
7.2.2. Request Message 7.2.2. Content Type
All ALTO Request and Response messages MUST set the Content-Type HTTP
header to "application/alto".
7.2.3. Request Message
An ALTO Request is a standard HTTP Request generated by an ALTO An ALTO Request is a standard HTTP Request generated by an ALTO
Client, with certain components defined by the ALTO Protocol. Client, with certain components defined by the ALTO Protocol.
The basic syntax of an ALTO Request is: The basic syntax of an ALTO Request is:
<Method> /<Resource> HTTP/1.1 <Method> /<Resource> HTTP/1.1
Host: <Host> Host: <Host>
For example: For example:
GET /info/capability HTTP/1.1 GET /info/capability HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
7.2.2.1. Standard HTTP Headers 7.2.3.1. Standard HTTP Headers
The Host header MUST follow the standard rules for the HTTP 1.1 Host The Host header MUST follow the standard rules for the HTTP 1.1 Host
Header. Header.
The Content-Length header MUST follow the standard rules defined in The Content-Length header MUST follow the standard rules defined in
HTTP 1.1. HTTP 1.1.
The Content-Type HTTP Header MUST have value "application/alto" if The Content-Type HTTP Header MUST have value "application/alto" if
the Body is non-empty. the Body is non-empty.
7.2.2.2. Method and Resource 7.2.3.2. Method and Resource
Next, both the HTTP Method and URI-Path (denoted as Resource) Next, both the HTTP Method and URI-Path (denoted as Resource)
indicate the operation requested by the ALTO Client. In this indicate the operation requested by the ALTO Client. In this
example, the ALTO Client is requesting basic capability information example, the ALTO Client is requesting basic capability information
from the ALTO Server. from the ALTO Server.
7.2.2.3. Input Parameters 7.2.3.3. Input Parameters
Certain operations defined by the ALTO Protocol (e.g., in the Map Certain operations defined by the ALTO Protocol (e.g., in the Map
Filtering Service) allow the ALTO Client to supply additional input Filtering Service) allow the ALTO Client to supply additional input
parameters. Such input parameters are encoded in a URI-Query-String parameters. Such input parameters are encoded in a URI-Query-String
where possible and appropriate. However, due to practical where possible and appropriate. However, due to practical
limitations (e.g. underlying HTTP implementations may have limitations (e.g. underlying HTTP implementations may have
limitations on the total length of a URI and the Query-String is limitations on the total length of a URI and the Query-String is
better-suited for simple unstructured parameters and lists), some better-suited for simple unstructured parameters and lists), some
operations in the ALTO Protocol use input parameters encoded in the operations in the ALTO Protocol use input parameters encoded in the
HTTP Request Body. HTTP Request Body.
7.2.3. Response Message 7.2.4. Response Message
A Response message is a standard HTTP Response generated by an ALTO A Response message is a standard HTTP Response generated by an ALTO
Server with certain components defined by the ALTO Protocol. Server with certain components defined by the ALTO Protocol.
The basic syntax of an ALTO Response is: The basic syntax of an ALTO Response is:
HTTP/1.1 <StatusCode> <StatusMsg> HTTP/1.1 <StatusCode> <StatusMsg>
Content-Length: <ContentLength> Content-Length: <ContentLength>
Content-Type: <ContentType> Content-Type: <ContentType>
<ALTOResponse> <ALTOResponse>
where the HTTP Response Body is an ALTOResponse JSON Object (defined where the HTTP Response Body is an ALTOResponse JSON Object (defined
in Section 7.2.3.3). For example: in Section 7.2.4.3). For example:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: 1000 Content-Length: 1000
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version": 1, "version": 1,
"status" : { "status" : {
"code" : 1, "code" : 1,
"reason" : "Success" "reason" : "Success"
}, },
... ...
}, },
"type" : "capability", "type" : "capability",
"data" : { "data" : {
... ...
} }
} }
7.2.3.1. Standard HTTP Headers 7.2.4.1. Standard HTTP Headers
The Content-Length header MUST follow the standard rules defined in The Content-Length header MUST follow the standard rules defined in
HTTP 1.1. HTTP 1.1.
The Content-Type HTTP Header MUST have value "application/alto" if The Content-Type HTTP Header MUST have value "application/alto" if
the Body is non-empty. the Body is non-empty.
7.2.3.2. Status Code and Message 7.2.4.2. Status Code and Message
Two sets of status codes are used in the ALTO Protocol. First, an Two sets of status codes are used in the ALTO Protocol. First, an
ALTO Status Code provides detailed information about the success or ALTO Status Code provides detailed information about the success or
failure of a particular operation. Second, an HTTP Status Code failure of a particular operation. Second, an HTTP Status Code
indicates to HTTP processing elements (e.g., intermediaries and indicates to HTTP processing elements (e.g., intermediaries and
clients) how the response should be treated. clients) how the response should be treated.
7.2.3.3. HTTP Body 7.2.4.3. HTTP Body
The Response body MUST encode a single top-level JSON object of type The Response body MUST encode a single top-level JSON object of type
ALTOResponse: ALTOResponse:
struct { object {
RspMetaData meta; RspMetaData meta;
JSONString type; JSONString type;
[RspDataType] data; [RspDataType] data;
} ALTOResponse; } ALTOResponse;
The ALTOResponse object has distinct sections for: The ALTOResponse object has distinct sections for:
o meta information encoded in an extensible way, o meta information encoded in an extensible way,
o the type of ALTO Information to follow, and o the type of ALTO Information to follow, and
o the requested ALTO Information. o the requested ALTO Information.
7.2.3.3.1. Meta Information 7.2.4.3.1. Meta Information
Meta information is encoded as a JSON object with type RspMetaData: Meta information is encoded as a JSON object with type RspMetaData:
struct { object {
JSONNumber code; JSONString code;
JSONString reason; [OPTIONAL] JSONString reason; [OPTIONAL]
} RspStatus; } RspStatus;
struct { object {
JSONNumber version; JSONNumber version;
RspStatus status; RspStatus status;
RspRedistInfo redistribution; [OPTIONAL] RspRedistDesc redistribution; [OPTIONAL]
} RspMetaData; } RspMetaData;
with members: with members:
o version: the ALTO Protocol version o version: the ALTO Protocol version
o status: the ALTO Status Code indicating a more detailed reason for o status: an ALTO Status Code from Section 7.4 and corresponding
the success or failure of a request than HTTP Status Codes permit. reason (free-form string) providing a human-readable explanation
See Section 7.4 for a list of ALTO Status Codes defined in this of the particular status code.
document. The corresponding 'reason' is a free-form string
providing a human-readable indication of the particular status
code.
o redistribution: additional meta information used by ALTO o redistribution: see Section 8.
information redistribution (see Section 7.8)
7.2.3.3.2. ALTO Information 7.2.4.3.2. ALTO Information
If the Response is successful (see Section 7.4), then the "type" and If the Response is successful (see Section 7.4), then the "type" and
"data" members of the ALTOResponse object are REQUIRED. "type" "data" members of the ALTOResponse object are REQUIRED. "type"
encodes a Response-specific string which indicates to the ALTO Client encodes a Response-specific string which indicates to the ALTO Client
the type of data encoded in the message. The "data" member encodes the type of data encoded in the message. The "data" member encodes
the actual Response-specific data. The structure of this member is the actual Response-specific data; the structure of this member is
detailed later in this section for each particular ALTO Response. detailed later in this section for each particular ALTO Response.
7.2.3.4. Signature 7.2.4.4. Signature
An ALTO Server MAY additionally supply a signature asserting that it An ALTO Server MAY additionally supply a signature asserting that it
generated a particular response. In order to allow the signature to generated a particular response. See Section 8.2.2.
be computed over the entire response message, the signature itself is
specified in an HTTP Header or Trailer (see Section 7.8.5).
7.3. General Processing 7.3. General Processing
The protocol is structured in such a way that, independent of the The protocol is structured in such a way that, independent of the
query type, there are a set of general processing steps. The ALTO query type, there are a set of general processing steps. The ALTO
Client selects a specific ALTO Server with which to communicate, Client selects a specific ALTO Server with which to communicate,
establishes a TCP connection, and constructs and sends ALTO Request establishes a TCP connection, and constructs and sends ALTO Request
messages which MUST conform to Section 7.7. In response to Request messages which MUST conform to Section 7.8. In response to Request
messages, an ALTO Server constructs and sends ALTO Response messages messages, an ALTO Server constructs and sends ALTO Response messages
which also MUST conform to Section 7.7. which also MUST conform to Section 7.8.
7.4. ALTO Status Codes 7.4. ALTO Status Codes
This document defines ALTO Status Codes to support the operations This document defines ALTO Status Codes to support the operations
defined in this document. Additional status codes may be defined in defined in this document. Additional status codes may be defined in
companion or extension documents. companion or extension documents.
An ALTO Server MUST return the 'Success' code in Table 1 if and only An ALTO Server MUST return the SUCCESS status code if and only if the
if the Request message is successfully processed and the requested Request message is successfully processed and the requested ALTO
ALTO information is returned by the ALTO Server. information is returned by the ALTO Server.
The HTTP Status Codes corresponding to each ALTO Status Code are The HTTP Status Codes corresponding to each ALTO Status Code are
defined to provide correct behavior with HTTP intermediaries and defined to provide correct behavior with HTTP intermediaries and
clients. When an ALTO Server returns a particular ALTO Status Code, clients. When an ALTO Server returns a particular ALTO Status Code,
it MUST indicate one of the corresponding HTTP Status Codes in it MUST indicate one of the corresponding HTTP Status Codes in
Table 1. Table 1.
If multiple errors are present in a single ALTO Request (e.g., a If multiple errors are present in a single ALTO Request (e.g., a
request uses a JSONString when a JSONInteger is expected and a request uses a JSONString when a JSONInteger is expected and a
required field is missing), then the ALTO Server MUST return exactly required field is missing), then the ALTO Server MUST return exactly
skipping to change at page 22, line 22 skipping to change at page 23, line 32
| E_JSON_FIELD_MISSING | 400 | Required field missing | | E_JSON_FIELD_MISSING | 400 | Required field missing |
| E_JSON_VALUE_TYPE | 400 | JSON Value of | | E_JSON_VALUE_TYPE | 400 | JSON Value of |
| | | unexpected type | | | | unexpected type |
| E_INVALID_OPERATION | 501 | Invalid operation | | E_INVALID_OPERATION | 501 | Invalid operation |
| | | requested | | | | requested |
| E_INVALID_COST_TYPE | 501 | Invalid cost type | | E_INVALID_COST_TYPE | 501 | Invalid cost type |
+----------------------+------------------+-------------------------+ +----------------------+------------------+-------------------------+
Table 1: Defined ALTO Status Codes Table 1: Defined ALTO Status Codes
Status codes described in Table 1 are a work in progress. The set of Status codes described in Table 1 are a work in progress. This
status codes will be modified or expanded as implementation document will be modified to update the available status codes as
experience is gained; feedback is welcomed. implementation experience is gained. Feedback is welcomed.
In addition, feedback from implementers of ALTO Clients is welcomed In addition, feedback from implementers of ALTO Clients is welcomed
to identify if there is a need to communicate multiple status codes to identify if there is a need to communicate multiple status codes
in a single response. in a single response.
7.5. Client Behavior 7.5. Client Behavior
7.5.1. Successful Response 7.5.1. Successful Response
This specification does not indicate any required actions taken by This specification does not indicate any required actions taken by
ALTO Clients upon receiving a successful response from an ALTO ALTO Clients upon receiving a successful response from an ALTO
Server. Although ALTO Clients are suggested to interpret the Server. Although ALTO Clients are suggested to interpret the
received ALTO Information and adapt application behavior, ALTO received ALTO Information and adapt application behavior, ALTO
Clients may also choose to ignore the received information. Clients are not required to do so.
7.5.2. Error Conditions 7.5.2. Error Conditions
If an ALTO Client does not receive a successful response from the If an ALTO Client does not receive a successful response from the
ALTO Server, it can either choose another server or fall back to a ALTO Server, it can either choose another server or fall back to a
default behavior (e.g., perform peer selection without the use of default behavior (e.g., perform peer selection without the use of
ALTO information). An ALTO Client may also retry the request at a ALTO information). An ALTO Client may also retry the request at a
later time. later time.
7.6. HTTP Usage 7.6. HTTP Usage
skipping to change at page 23, line 4 skipping to change at page 24, line 14
7.5.2. Error Conditions 7.5.2. Error Conditions
If an ALTO Client does not receive a successful response from the If an ALTO Client does not receive a successful response from the
ALTO Server, it can either choose another server or fall back to a ALTO Server, it can either choose another server or fall back to a
default behavior (e.g., perform peer selection without the use of default behavior (e.g., perform peer selection without the use of
ALTO information). An ALTO Client may also retry the request at a ALTO information). An ALTO Client may also retry the request at a
later time. later time.
7.6. HTTP Usage 7.6. HTTP Usage
7.6.1. Authentication and Encryption 7.6.1. Authentication and Encryption
An ALTO Server MAY support SSL/TLS to implement server and/or client An ALTO Server MAY support SSL/TLS to implement server and/or client
authentication, as well as encryption. authentication, as well as encryption. See [6] for considerations
regarding verifcation of server identity.
An ALTO Server MAY support HTTP Digest authentication. An ALTO Server MAY support HTTP Digest authentication.
7.6.2. Cookies 7.6.2. Cookies
Cookies MUST NOT be used. Cookies MUST NOT be used.
7.6.3. Caching Parameters 7.6.3. Caching Parameters
If the Response generated by the ALTO Server is cachable, the ALTO If the Response generated by the ALTO Server is cachable, the ALTO
Server MAY include 'Cache-Control' and 'Expires' HTTP headers. Server MAY include 'Cache-Control' and 'Expires' HTTP headers.
If a Response generated by the ALTO Server is not cachable, the ALTO If a Response generated by the ALTO Server is not cachable, the ALTO
Server MUST specify the "Cache-Control: no-cache" HTTP Header. Server MUST specify the "Cache-Control: no-cache" HTTP Header.
7.7. ALTO Requests 7.7. ALTO Types
This section details the encoding for particular data values used in
the ALTO Protocol.
7.7.1. PID Name
A PID Name is encoded as a US-ASCII string. The string MUST be no
more than 32 characters, and MUST NOT contain characters other than
alphanumeric characters or the '.' separator. The '.' separator is
reserved for future use and MUST NOT unless specifically indicated by
a companion or extension document.
The type 'PIDName' is used in this document to indicate a string of
this format.
7.7.2. Cost Mode
A Cost Mode is encoded as a US-ASCII string. The string MUST either
have the value 'numerical' or 'ordinal'.
The type 'CostMode' is used in this document to indicate a string of
this format.
7.7.3. Cost Type
A Cost Type is encoded as a US-ASCII string. The string MUST be no
more than 32 characters, and MUST NOT contain characters other than
alphanumeric characters or the ':' separator.
Identifiers prefixed with 'priv:' are reserved for Private Use [7].
Identifiers prefixed with 'exp:' are reserved for Experimental use.
All other identifiers appearing in an ALTO Request or Response MUST
be registered in the ALTO Cost Types registry Section 11.
The type 'CostType' is used in this document to indicate a string of
this format.
7.8. ALTO Messages
This section documents the individual operations supported in the This section documents the individual operations supported in the
ALTO Protocol. See Section 7.2.2 and Section 7.2.3 for ALTO Protocol. See Section 7.2.3 and Section 7.2.4 for
specifications of HTTP Request/Response components common to all specifications of HTTP Request/Response components common to all
operations in the ALTO Protocol. operations in the ALTO Protocol.
Table 2 provides an summary of the HTTP Method and URI-Paths used for Table 2 provides an summary of the HTTP Method and URI-Paths used for
ALTO Requests: ALTO Requests:
+----------------+--------------+----------------------------+ +----------------+--------------+----------------------------+
| Service | Operation | HTTP Method and URI-Path | | Service | Operation | HTTP Method and URI-Path |
+----------------+--------------+----------------------------+ +----------------+--------------+----------------------------+
| Server Info | List Servers | GET /info/servers | | Server Info | List Servers | GET /info/servers |
skipping to change at page 24, line 5 skipping to change at page 26, line 25
| Map Filtering | Cost Map | POST /map/filter/pid/cost | | Map Filtering | Cost Map | POST /map/filter/pid/cost |
| | | | | | | |
| Endpoint Prop. | Lookup | GET /endpoint/prop/<name> | | Endpoint Prop. | Lookup | GET /endpoint/prop/<name> |
| | | POST /endpoint/prop/lookup | | | | POST /endpoint/prop/lookup |
| | | | | | | |
| Endpoint Cost | Lookup | POST /endpoint/cost/lookup | | Endpoint Cost | Lookup | POST /endpoint/cost/lookup |
+----------------+--------------+----------------------------+ +----------------+--------------+----------------------------+
Table 2: Overview of ALTO Requests Table 2: Overview of ALTO Requests
7.7.1. Server Information Service 7.8.1. Server Information Service
The Server Information Service provides information about available The Server Information Service provides information about available
ALTO Servers and their capabilities (e.g., supported services). ALTO Servers and their capabilities (e.g., supported services).
An ALTO Server MUST support the Server Information Service and MUST An ALTO Server MUST support the Server Information Service and MUST
implement all operations defined in this section. implement all operations defined in this section.
7.7.1.1. Server List 7.8.1.1. Server List
The Server List request allows an ALTO Client to discover other ALTO The Server List request allows an ALTO Client to discover other ALTO
Servers provided by the ALTO Service Provider. Upon discovering an Servers provided by the ALTO Service Provider. Upon discovering an
additional ALTO Server, the ALTO Client may then query the server additional ALTO Server, the ALTO Client may then query the server
capabilities (see Section 7.7.1.2) to test if it supports desired capabilities (see Section 7.8.1.2) to test if it supports desired
functionality. functionality.
The Server List request is intended to help an ALTO Client find an The Server List request is intended to help an ALTO Client find an
ALTO Server supporting the desired ALTO Protocol version and ALTO Server supporting the desired ALTO Protocol version and
capabilities. It is not intended to serve as a substitute for the capabilities. It is not intended to serve as a substitute for the
ALTO Server Discovery which helps an ALTO Client locate an initial ALTO Server Discovery which helps an ALTO Client locate an initial
ALTO Server. ALTO Server.
This operation MUST be supported by the ALTO Server. This operation MUST be supported by the ALTO Server.
7.7.1.1.1. Request Syntax 7.8.1.1.1. Request Syntax
GET /info/servers HTTP/1.1 GET /info/servers HTTP/1.1
Host: <Host> Host: <Host>
7.7.1.1.2. Response Syntax 7.8.1.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where the ALTOResponse object has "type" member equal to the string where the ALTOResponse object has "type" member equal to the string
"server-list" and "data" member of type RspServerList: "server-list" and "data" member of type RspServerList:
struct { object {
JSONString uri; JSONString uri;
JSONNumber version; JSONNumber version;
} ServerItem; } ServerItem;
struct { object {
ServerItem servers<0..*>; ServerItem servers<0..*>;
} RspServerList; } RspServerList;
RspServerList has members: RspServerList has members:
o servers: Array of available ALTO Servers, detailing the URI of the o servers: Array of available ALTO Servers, detailing the URI of the
ALTO Server and the ALTO Protocol version that it implements. The ALTO Server and the ALTO Protocol version that it implements. The
array must at least contain an entry corresponding to the ALTO array must at least contain an entry corresponding to the ALTO
Server at the URI from which it is retrieving the server list. Server at the URI from which it is retrieving the server list.
7.7.1.1.3. Example 7.8.1.1.3. Example
GET /info/servers HTTP/1.1 GET /info/servers HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
skipping to change at page 25, line 39 skipping to change at page 28, line 26
"data" : { "data" : {
"servers" : [ "servers" : [
{ {
"uri": "http://alto.example.com:6671", "uri": "http://alto.example.com:6671",
"version" : 1 "version" : 1
} }
] ]
} }
} }
7.7.1.2. Server Capability 7.8.1.2. Server Capability
The Server Capability request allows an ALTO Client to determine the The Server Capability request allows an ALTO Client to determine the
functionality supported by the queried ALTO Server. functionality supported by the queried ALTO Server.
This operation MUST be supported by the ALTO Server. This operation MUST be supported by the ALTO Server.
7.7.1.2.1. Request Syntax 7.8.1.2.1. Request Syntax
GET /info/capability HTTP/1.1 GET /info/capability HTTP/1.1
Host: <Host> Host: <Host>
7.7.1.2.2. Response Syntax 7.8.1.2.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where the ALTOResponse object has "type" member equal to the string where the ALTOResponse object has "type" member equal to the string
"capability" and "data" member of type RspCapability: "capability" and "data" member of type RspCapability:
enum { enum {
map, map,
map_filtering, map-filtering,
endpoint_property, endpoint-property,
endpoint_cost endpoint-cost
} ServiceType; [Note: encoded as JSONString's] } ServiceType; [Note: encoded as JSONString's]
struct { object {
ServiceType services<0..*>; ServiceType services<0..*>;
JSONString cost_types<0..*>; [OPTIONAL] CostMode cost-modes<0..*>; [OPTIONAL]
JSONBool cost_constraints; [OPTIONAL] CostType cost-types<0..*>; [OPTIONAL]
JSONString service_id; [OPTIONAL+] JSONBool cost-constraints; [OPTIONAL]
JSONString certificate; [OPTIONAL+] JSONString service-id; [OPTIONAL]
JSONString certificates<0..*>; [OPTIONAL]
} RspCapability; } RspCapability;
See Section 7.8.1 for additional notes concerning the 'service_id'
and 'certificate' fields for ALTO Servers enabling response
redistribution.
RspCapability has members: RspCapability has members:
o services: Lists the services supported by the ALTO Server. The o services: Lists the services supported by the ALTO Server. The
service names defined in this document are are "map", service names defined in this document are are "map", "map-
"map_filtering", "endpoint_property", and "endpoint_cost". filtering", "endpoint-property", and "endpoint-cost".
o cost_types: Array of cost type information for additional o cost-modes: Array of supported ALTO Cost Modes.
supported ALTO Cost types, detailing the name for each supported
additional type. [[Comment.1: Need to discuss IANA implications
or alternate approaches. Note that current definition assumes the
unit for a cost type is fixed.]]
o cost_constraints: Indicates if the ALTO Server supports cost o cost-types: Array of supported ALTO Cost Types.
o cost-constraints: Indicates if the ALTO Server supports cost
constraints. The value 'false' is implied if this member is not constraints. The value 'false' is implied if this member is not
present. present.
o service_id: UUID [5] indicating an set of ALTO Servers (possibly o service-id: UUID [8] indicating an one or more ALTO Servers
just a single ALTO Server) serving equivalent ALTO Information serving equivalent ALTO Information.
(see Section 7.8).
o certificate: PEM-encoded X.509 certificate used by the ALTO Server o certificates: List of PEM-encoded X.509 certificates used by the
to sign distributed information (see Section 7.8). ALTO Server in the signing of responses.
7.7.1.2.3. Example If an ALTO Server denotes a response as redistributable, the
'service-id' and 'certificates' fields are REQUIRED instead of
OPTIONAL. See Section 8 for detailed specification.
7.8.1.2.3. Example
GET /info/capability HTTP/1.1 GET /info/capability HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
skipping to change at page 27, line 28 skipping to change at page 30, line 18
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "capability", "type" : "capability",
"data" : { "data" : {
"services" : [ "map", "map-filtering" ], "services" : [ "map", "map-filtering" ],
"cost_types": [ "cost-modes": [
"numerical",
"ordinal"
],
"cost-types": [
"routingcost", "routingcost",
"hopcount" "hopcount"
], ],
"cost_constraints": false "cost-constraints": false
} }
} }
7.7.2. Map Service 7.8.2. Map Service
The Map Service provides batch information to ALTO Clients in the The Map Service provides batch information to ALTO Clients in the
form of two maps: a Network Map and Cost Map. form of two maps: a Network Map and Cost Map.
An ALTO Server MUST support the Map Service and MUST implement all An ALTO Server MUST support the Map Service and MUST implement all
operations defined in this section. operations defined in this section.
7.7.2.1. Network Map 7.8.2.1. Network Map
The full Network Map lists for each PID, the network locations The full Network Map lists for each PID, the network locations
(endpoints) within the PID. (endpoints) within the PID.
7.7.2.1.1. Request Syntax 7.8.2.1.1. Request Syntax
GET /map/core/pid/net HTTP/1.1 GET /map/core/pid/net HTTP/1.1
Host: <Host> Host: <Host>
7.7.2.1.2. Response Syntax 7.8.2.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where the ALTOResponse object has "type" member equal to the string where the ALTOResponse object has "type" member equal to the string
"network_map" and "data" member of type RspNetworkMap: "network-map" and "data" member of type RspNetworkMap:
struct { object {
CIDRString [pidname]<0..*>; CIDRString [pidname]<0..*>;
... ...
} NetworkMapData; } NetworkMapData;
struct { object {
JSONString map_vtag; JSONString map-vtag;
NetworkMapData map; NetworkMapData map;
} RspNetworkMap; } RspNetworkMap;
RspNetworkMap has members: RspNetworkMap has members:
o map_vtag: The Version Tag of the Network Map (Section 5.3) o map-vtag: The Version Tag of the Network Map (Section 5.3)
o map: The network map data itself. o map: The network map data itself.
NetworkMapData is a JSON object with each member representing a NetworkMapData is a JSON object with each member representing a
single PID and its associated set of IP Prefixes (encoded as a string single PID and its associated set of IP Prefixes (encoded as a string
in CIDR notation). A member's name is a JSONString denoting the in CIDR notation). A member's name is a PIDName string denoting the
PID's name. PID's name.
7.7.2.1.3. Example 7.8.2.1.3. Example
GET /map/core/pid/net HTTP/1.1 GET /map/core/pid/net HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "network_map", "type" : "network-map",
"data" : { "data" : {
"map_vtag" : "1266506139", "map-vtag" : "1266506139",
"map" : { "map" : {
"PID1" : [ "PID1" : [
"192.0.2.0/24", "192.0.2.0/24",
"198.51.100.0/25" "198.51.100.0/25"
], ],
"PID2" : [ "PID2" : [
"198.51.100.128/25" "198.51.100.128/25"
], ],
"PID3" : [ "PID3" : [
"0.0.0.0/0" "0.0.0.0/0"
] ]
} }
} }
} }
7.7.2.2. Cost Map 7.8.2.2. Cost Map
The Map Service Cost Map query is a batch operation in which the ALTO The Map Service Cost Map query is a batch operation in which the ALTO
Server returns the Path Cost for each pair of source/destination PID Server returns the Path Cost for each pair of source/destination PID
defined by the ALTO Server. defined by the ALTO Server.
The ALTO Server provides costs using the default Cost Type The ALTO Server provides costs using the default Cost Type
('routingcost') and default Cost Mode ('numerical'). ('routingcost') and default Cost Mode ('numerical').
7.7.2.2.1. Request Syntax 7.8.2.2.1. Request Syntax
GET /map/core/pid/cost HTTP/1.1 GET /map/core/pid/cost HTTP/1.1
Host: <Host> Host: <Host>
7.7.2.2.2. Response Syntax 7.8.2.2.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where the ALTOResponse object has "type" member equal to the string where the ALTOResponse object has "type" member equal to the string
"cost_map" and "data" member of type RspCostMap: "cost-map" and "data" member of type RspCostMap:
struct DstCosts { object DstCosts {
JSONNumber [dstname]; JSONNumber [dstname];
... ...
}; };
struct { object {
DstCosts [srcname]<0..*>; DstCosts [srcname]<0..*>;
... ...
} CostMapData; } CostMapData;
struct { object {
JSONString map_vtag; JSONString map-vtag;
JSONString cost_type; CostType cost-type;
JSONString cost_mode; CostMode cost-mode;
CostMapData map; CostMapData map;
} RspCostMap; } RspCostMap;
RspCostMap has members: RspCostMap has members:
o map_vtag: The Version Tag of the Network Map used to generate the o map-vtag: The Version Tag of the Network Map used to generate the
Cost Map (Section 5.3). Cost Map (Section 5.3).
o cost_type: Cost Type used in the map (Section 5.1.1) o cost-type: Cost Type used in the map (Section 5.1.1)
o cost_mode: Cost Mode used in the map (Section 5.1.2) o cost-mode: Cost Mode used in the map (Section 5.1.2)
o map: The cost map data itself. o map: The cost map data itself.
CostMapData is a JSON object with each member representing a single CostMapData is a JSON object with each member representing a single
Source PID. For each Source PID, a DstCosts structure denotes the Source PID; the name for a member is the PIDName string identifying
associated cost to a set of destination PIDs (Section 5.2). DstCosts the corresponding Source PID. For each Source PID, a DstCosts object
has a single member for each destination PID in the map. denotes the associated cost to a set of destination PIDs
(Section 5.2); the name for each member in the object is the PIDName
string identifying the corresponding Destination PID. DstCosts has a
single member for each destination PID in the map.
7.7.2.2.3. Example 7.8.2.2.3. Example
GET /map/core/pid/cost HTTP/1.1 GET /map/core/pid/cost HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
skipping to change at page 31, line 15 skipping to change at page 34, line 21
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "cost_map", "type" : "cost-map",
"data" : { "data" : {
"map_vtag" : "1266506139", "map-vtag" : "1266506139",
"cost_type" : "routingcost", "cost-type" : "routingcost",
"cost_mode" : "numerical", "cost-mode" : "numerical",
"map" : { "map" : {
"PID1": { "PID1": 1, "PID2": 5, "PID3": 10 }, "PID1": { "PID1": 1, "PID2": 5, "PID3": 10 },
"PID2": { "PID1": 5, "PID2": 1, "PID3": 15 }, "PID2": { "PID1": 5, "PID2": 1, "PID3": 15 },
"PID3": { "PID1": 20, "PID2": 15, "PID3": 1 } "PID3": { "PID1": 20, "PID2": 15, "PID3": 1 }
} }
} }
} }
7.7.3. Map Filtering Service 7.8.3. Map Filtering Service
The Map Filtering Service allows ALTO Clients to specify filtering The Map Filtering Service allows ALTO Clients to specify filtering
criteria to return a subset of the full maps available in the Map criteria to return a subset of the full maps available in the Map
Service. Service.
An ALTO Server MAY support the Map Filtering Service. If an ALTO An ALTO Server MAY support the Map Filtering Service. If an ALTO
Server supports the Map Filtering Service, all operations defined in Server supports the Map Filtering Service, all operations defined in
this section MUST be implemented. this section MUST be implemented.
7.7.3.1. Network Map 7.8.3.1. Network Map
ALTO Clients can query for a subset of the full network map (see ALTO Clients can query for a subset of the full network map (see
Section 7.7.2.1). Section 7.8.2.1).
7.7.3.1.1. Request Syntax 7.8.3.1.1. Request Syntax
POST /map/filter/pid/net HTTP/1.1 POST /map/filter/pid/net HTTP/1.1
Host: <Host> Host: <Host>
Content-Length: <BodyLength> Content-Length: <BodyLength>
<ReqNetworkMap> <ReqNetworkMap>
where: where:
struct { object {
JSONString pids<0..*>; PIDName pids<0..*>;
} ReqNetworkMap; } ReqNetworkMap;
The Body of the request encodes an array of PIDs to be included in The Body of the request encodes an array of PIDs to be included in
the resulting Network Map. If the list of PIDs is empty, the ALTO the resulting Network Map. If the list of PIDs is empty, the ALTO
Server MUST interpret the list as if it contained a list of all Server MUST interpret the list as if it contained a list of all
currently-defined PIDs. currently-defined PIDs.
7.7.3.1.2. Response Syntax 7.8.3.1.2. Response Syntax
The Response syntax is identical to that of the Map Service's Network The Response syntax is identical to that of the Map Service's Network
Map Response (Section 7.7.2.1.2). Map Response (Section 7.8.2.1.2).
The ALTO Server MUST only include PIDs in the Response that were The ALTO Server MUST only include PIDs in the Response that were
specified (implicitly or explicitly) in the Request. If the Request specified (implicitly or explicitly) in the Request. If the Request
contains a PID name that is not currently defined by the ALTO Server, contains a PID name that is not currently defined by the ALTO Server,
the ALTO Server MUST behave as if the PID did not appear in the the ALTO Server MUST behave as if the PID did not appear in the
request. request.
7.7.3.1.3. Example 7.8.3.1.3. Example
POST /map/filter/pid/net HTTP/1.1 POST /map/filter/pid/net HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
Content-Length: <BodyLength> Content-Length: <BodyLength>
{ {
pids: [ "PID1", "PID2" ] pids: [ "PID1", "PID2" ]
} }
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "network_map", "type" : "network-map",
"data" : { "data" : {
"map_vtag" : "1266506139", "map-vtag" : "1266506139",
"map" : { "map" : {
"PID1" : [ "PID1" : [
"192.0.2.0/24", "192.0.2.0/24",
"198.51.100.0/24", "198.51.100.0/24",
], ],
"PID2" : [ "PID2" : [
"198.51.100.128/24", "198.51.100.128/24",
] ]
} }
} }
} }
7.7.3.2. Cost Map 7.8.3.2. Cost Map
ALTO Clients can query for the Cost Map (see Section 7.7.2.2) based ALTO Clients can query for the Cost Map (see Section 7.8.2.2) based
on additional parameters. on additional parameters.
7.7.3.2.1. Request Syntax 7.8.3.2.1. Request Syntax
POST /map/filter/pid/cost?<URI-Query-String> HTTP/1.1 POST /map/filter/pid/cost?<URI-Query-String> HTTP/1.1
Host: <Host> Host: <Host>
<ReqCostMap> <ReqCostMap>
where: where:
struct { object {
JSONString srcs<0..*>; PIDName srcs<0..*>;
JSONString dsts<0..*>; PIDName dsts<0..*>;
} ReqCostMap; } ReqCostMap;
The Query String may contain the following parameters: The Query String may contain the following parameters:
o type: The requested Cost Type (Section 5.1.1). If not specified, o type: The requested Cost Type (Section 5.1.1). If not specified,
the default value is "routingcost". This parameter MUST NOT be the default value is "routingcost". This parameter MUST NOT be
specified multiple times. specified multiple times.
o mode: The requested Cost mode (Section 5.1.2). If not specified, o mode: The requested Cost mode (Section 5.1.2). If not specified,
the default value is "numerical". This parameter MUST NOT be the default value is "numerical". This parameter MUST NOT be
specified multiple times. specified multiple times.
o constraint: Defines a constraint on which elements of the Cost Map o constraint: Defines a constraint on which elements of the Cost Map
are returned. This parameter MUST NOT be used if the Server are returned. This parameter MUST NOT be used if the Server
Capability Response (Section 7.7.1.2) indicates that constraint Capability Response (Section 7.8.1.2) indicates that constraint
support is not available. A constraint contains two entities support is not available. A constraint contains two entities
separated by whitespace (before URL encoding): (1) an operator separated by whitespace (before URL encoding): (1) an operator
either 'gt' for greater than , 'lt' for less than or 'eq' for either 'gt' for greater than , 'lt' for less than or 'eq' for
equal to with 10 percent on either side, (2) a target numerical equal to with 10 percent on either side, (2) a target numerical
cost. The numerical cost is a number that MUST be defined in the cost. The numerical cost is a number that MUST be defined in the
units specified in the Server Capability Response. If multiple units specified in the Server Capability Response. If multiple
'constraint' parameters are specified, the ALTO Server assumes 'constraint' parameters are specified, the ALTO Server assumes
they are related to each other with a logical AND. If no they are related to each other with a logical AND. If no
'constraint' parameters are specified, then the ALTO Server 'constraint' parameters are specified, then the ALTO Server
returns the full Cost Map. returns the full Cost Map.
The Request body MAY specify a list of Source PIDs, and a list of The Request body MAY specify a list of Source PIDs, and a list of
Destination PIDs. If a list is empty, it is interpreted by the ALTO Destination PIDs. If a list is empty, it is interpreted by the ALTO
Server as the full set of currently-defined PIDs. The ALTO Server Server as the full set of currently-defined PIDs. The ALTO Server
returns costs between each pair of source/destination PID. If the returns costs between each pair of source/destination PID. If the
Request body is empty, both lists are interpreted to be empty. Request body is empty, both lists are interpreted to be empty.
7.7.3.2.2. Response Syntax 7.8.3.2.2. Response Syntax
The Response syntax is identical to that of the Map Service's Cost The Response syntax is identical to that of the Map Service's Cost
Map Response (Section 7.7.2.2.2). Map Response (Section 7.8.2.2.2).
The Response MUST NOT contain any source/destination pair that was The Response MUST NOT contain any source/destination pair that was
not indicated (implicitly or explicitly) in the Request. If the not indicated (implicitly or explicitly) in the Request. If the
Request contains a PID name that is not currently defined by the ALTO Request contains a PID name that is not currently defined by the ALTO
Server, the ALTO Server MUST behave as if the PID did not appear in Server, the ALTO Server MUST behave as if the PID did not appear in
the request. the request.
7.7.3.2.3. Example 7.8.3.2.3. Example
POST /map/filter/pid/cost?type=hopcount HTTP/1.1 POST /map/filter/pid/cost?type=hopcount HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
{ {
"srcs" : [ "PID1" ], "srcs" : [ "PID1" ],
"dsts" : [ "PID1", "PID2", "PID3" ] "dsts" : [ "PID1", "PID2", "PID3" ]
} }
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "cost_map", "type" : "cost-map",
"data" : { "data" : {
"map_vtag" : "1266506139", "map-vtag" : "1266506139",
"cost_type" : "hopcount", "cost-type" : "hopcount",
"cost_mode" : "numerical", "cost-mode" : "numerical",
"map" : { "map" : {
"PID1": { "PID1": 0, "PID2": 1, "PID3": 2 } "PID1": { "PID1": 0, "PID2": 1, "PID3": 2 }
} }
} }
} }
7.7.4. Endpoint Property Service 7.8.4. Endpoint Property Service
The Endpoint Property Lookup query allows an ALTO Client to lookup The Endpoint Property Lookup query allows an ALTO Client to lookup
properties of Endpoints known to the ALTO Server. If the ALTO Server properties of Endpoints known to the ALTO Server. If the ALTO Server
provides the Endpoint Property Service, the ALTO Server MUST define provides the Endpoint Property Service, the ALTO Server MUST define
at least the 'pid' property for Endpoints. at least the 'pid' property for Endpoints.
An ALTO Server MAY support the Endpoint Property Service. If an ALTO An ALTO Server MAY support the Endpoint Property Service. If an ALTO
Server supports the Endpoint Property Service, all operations defined Server supports the Endpoint Property Service, all operations defined
in this section MUST be implemented. in this section MUST be implemented.
7.7.4.1. Endpoint Property Lookup 7.8.4.1. Endpoint Property Lookup
7.7.4.1.1. Request Syntax 7.8.4.1.1. Request Syntax
POST /endpoint/prop/lookup?<URI-Query-String> HTTP/1.1 POST /endpoint/prop/lookup?<URI-Query-String> HTTP/1.1
Host: <Host> Host: <Host>
Content-Length: <BodyLength> Content-Length: <BodyLength>
<ReqEndpointProp> <ReqEndpointProp>
where: where:
struct { object {
JSONString endpoints<0..*>; JSONString endpoints<0..*>;
} ReqEndpointProp; } ReqEndpointProp;
The Query String may contain the following parameters: The Query String may contain the following parameters:
o prop: The requested property type. This parameter MUST be o prop: The requested property type. This parameter MUST be
specified at least once, and MAY be specified multiple times specified at least once, and MAY be specified multiple times
(e.g., to query for multiple different properties at once). (e.g., to query for multiple different properties at once).
The body encodes a list of endpoints (IP addresses) as strings. The body encodes a list of endpoints (IP addresses) as strings.
An alternate syntax is supported for the case when properties are An alternate syntax is supported for the case when properties are
requested for a single endpoint: requested for a single endpoint:
GET /endpoint/prop/<Endpoint>?<URI-Query-String> HTTP/1.1 GET /endpoint/prop/<Endpoint>?<URI-Query-String> HTTP/1.1
Host: <Host> Host: <Host>
where the Query String is the same as in the first form. where the Query String is the same as in the first form.
7.7.4.1.2. Response Syntax 7.8.4.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where the ALTOResponse object has "type" member equal to the string where the ALTOResponse object has "type" member equal to the string
"endpoint_property" and "data" member of type RspEndpointProperty: "endpoint-property" and "data" member of type RspEndpointProperty:
struct { object {
JSONString [propertyname]; JSONString [propertyname];
... ...
} EndpointProps; } EndpointProps;
struct { object {
EndpointProps [endpointname]<0..*>; EndpointProps [endpointname]<0..*>;
... ...
} RspEndpointProperty; } RspEndpointProperty;
RspEndpointProperty has one member for each endpoint indicated in the RspEndpointProperty has one member for each endpoint indicated in the
Request. The requested properties for each endpoint are encoded in a Request. The requested properties for each endpoint are encoded in a
corresponding EndpointProps object, which encodes one name/value pair corresponding EndpointProps object, which encodes one name/value pair
for each requested property. Note that property values are JSON for each requested property. Note that property values are JSON
Strings. If the ALTO Server does not define a requested property for Strings. If the ALTO Server does not define a requested property for
a particular endpoint, then it MUST omit it from the Response for a particular endpoint, then it MUST omit it from the Response for
only that endpoint. only that endpoint.
7.7.4.1.3. Example 7.8.4.1.3. Example
POST /endpoint/prop/lookup?prop=pid HTTP/1.1 POST /endpoint/prop/lookup?prop=pid HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
Content-Length: [TODO] Content-Length: [TODO]
{ {
"endpoints" : [ "192.0.2.34", "203.0.113.129" ] "endpoints" : [ "192.0.2.34", "203.0.113.129" ]
} }
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "endpoint_property", "type" : "endpoint-property",
"data": { "data": {
"192.0.2.34" : { "pid": "PID1" }, "192.0.2.34" : { "pid": "PID1" },
"203.0.113.129" : { "pid": "PID3" } "203.0.113.129" : { "pid": "PID3" }
} }
} }
7.7.5. Endpoint Cost Service 7.8.5. Endpoint Cost Service
The Endpoint Cost Service allows ALTO Clients to directly supply The Endpoint Cost Service allows ALTO Clients to directly supply
endpoints to an ALTO Server. The ALTO Server replies with costs endpoints to an ALTO Server. The ALTO Server replies with costs
(numerical or ordinal) amongst the endpoints. (numerical or ordinal) amongst the endpoints.
In particular, this service allows lists of Endpoint addresses to be In particular, this service allows lists of Endpoint addresses to be
ranked (ordered) by an ALTO Server. ranked (ordered) by an ALTO Server.
An ALTO Server MAY support the Endpoint Cost Service. If an ALTO An ALTO Server MAY support the Endpoint Cost Service. If an ALTO
Server supports the Endpoint Cost Service, all operations defined in Server supports the Endpoint Cost Service, all operations defined in
this section MUST be implemented. this section MUST be implemented.
7.7.5.1. Endpoint Cost Lookup 7.8.5.1. Endpoint Cost Lookup
7.7.5.1.1. Request Syntax 7.8.5.1.1. Request Syntax
POST /endpoint/cost/lookup?<URI-Query-String> HTTP/1.1 POST /endpoint/cost/lookup?<URI-Query-String> HTTP/1.1
Host: <Host> Host: <Host>
Content-Length: <BodyLength> Content-Length: <BodyLength>
<ReqCostMap> <ReqCostMap>
The request body includes a list of source and destination endpoints The request body includes a list of source and destination endpoints
that should be assigned a cost by the ALTO Server. The allowed Query that should be assigned a cost by the ALTO Server. The allowed Query
String parameters are defined identically to Section 7.7.3.2. String parameters are defined identically to Section 7.8.3.2.
The request body MUST specify a list of source Endpoints, and a list The request body MUST specify a list of source Endpoints, and a list
of destination Endpoints, using an structure identical to of destination Endpoints, using an structure identical to
Section 7.7.3.2 with the exception that identifiers are endpoints Section 7.8.3.2 with the exception that identifiers are endpoints
instead of PIDs. If the list of source Endpoints is empty (or it is instead of PIDs. If the list of source Endpoints is empty (or it is
not included), the ALTO Server MUST treat it as if it contained the not included), the ALTO Server MUST treat it as if it contained the
Endpoint address of the requesting client. The list of destination Endpoint address of the requesting client. The list of destination
Endpoints MUST NOT be empty. The ALTO Server returns costs between Endpoints MUST NOT be empty. The ALTO Server returns costs between
each pair of source/destination Endpoint. each pair of source/destination Endpoint.
7.7.5.1.2. Response Syntax 7.8.5.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg> HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength> Content-Length: <BodyLength>
Content-Type: application/alto Content-Type: application/alto
<ALTOResponse> <ALTOResponse>
where ALTOResponse is encoded identically to Section 7.7.2.2.2 with where ALTOResponse is encoded identically to Section 7.8.2.2.2 with
the following exceptions: the following exceptions:
o ALTO Response's "type" member must be equal to o ALTO Response's "type" member must be equal to "endpoint-cost-
"endpoint_cost_map", map",
o The "map_vtag" member of RspCostMap MUST be omitted, and o The "map-vtag" member of RspCostMap MUST be omitted, and
o Identifiers refer to endpoints instead of PIDs. o Identifiers refer to endpoints instead of PIDs.
7.7.5.1.3. Example 7.8.5.1.3. Example
POST /endpoint/cost/lookup?mode=ordinal HTTP/1.1 POST /endpoint/cost/lookup?mode=ordinal HTTP/1.1
Host: alto.example.com:6671 Host: alto.example.com:6671
Content-Length: [TODO] Content-Length: [TODO]
{ {
"src": [ "192.0.2.2" ], "src": [ "192.0.2.2" ],
"dst": [ "192.0.2.89", "198.51.100.34", "203.0.113.45" ] "dst": [ "192.0.2.89", "198.51.100.34", "203.0.113.45" ]
} }
skipping to change at page 39, line 34 skipping to change at page 42, line 34
Content-Length: [TODO] Content-Length: [TODO]
Content-Type: application/alto Content-Type: application/alto
{ {
"meta" : { "meta" : {
"version" : 1, "version" : 1,
"status" : { "status" : {
"code" : 1 "code" : 1
} }
}, },
"type" : "endpoint_cost_map", "type" : "endpoint-cost-map",
"data" : { "data" : {
"cost-type" : "routingcost", "cost-type" : "routingcost",
"cost-mode" : "ordinal", "cost-mode" : "ordinal",
"map" : { "map" : {
"192.0.2.2": { "192.0.2.2": {
"192.0.2.89" : 1, "192.0.2.89" : 1,
"198.51.100.34" : 2, "198.51.100.34" : 2,
"203.0.113.45" : 3 "203.0.113.45" : 3
} }
} }
} }
} }
7.8. Redistributable Responses 8. Redistributable Responses
An ALTO Server MAY indicate that a response is suitable for
redistribution by including the "redistribution" member in the
RspMetaData JSON object of an ALTO Response message. This additional
member has type RspRedistInfo:
struct { This section defines how an ALTO Server enables certain responses to
JSONString service_id; be redistributed by ALTO Clients. Concepts are first introduced,
JSONString request_uri; followed by the protocol specification.
JSONValue request_body;
JSONString expires;
} RspRedistInfo;
If an ALTO Server indicates the that the response is redistributable, 8.1. Concepts
the Response message MUST satisfy all requirements in this section.
The ALTO Server generating the response indicates its own unique 8.1.1. Service ID
identifier (Service ID) and any input parameters used to generate the
response. This allows ALTO Clients to which the information is
distributed to understand the context of the query and interpret the
results. This information is encoded in the RspRedistInfo JSON
Object.
7.8.1. Server Capability Requirements The Service ID is a UUID that identifies a set of ALTO Servers that
would provide identical ALTO Information for any ALTO Request for any
ALTO Client. Each ALTO Server within such a set is configured with
an identical Service ID.
The 'service_id' and 'certificate' fields of the Server Capability If a pair of ALTO Servers would provide different ALTO Information in
response are REQUIRED if an ALTO Server generates redistributable response to a particular ALTO Client request, then the pair of ALTO
responses. Servers MUST have a different Service ID.
7.8.2. Service ID 8.1.1.1. Rationale
For scalability and fault tolerance, multiple ALTO Servers may be For scalability and fault tolerance, multiple ALTO Servers may be
deployed to serve equivalent ALTO Information. In such a scenario, deployed to serve equivalent ALTO Information. In such a scenario,
ALTO Responses from any such redundant server should be seen as ALTO Responses from any such redundant server should be seen as
equivalent for the purposes of redistribution. For example, if two equivalent for the purposes of redistribution. For example, if two
ALTO Servers A and B are deployed by the service provider to ALTO Servers A and B are deployed by the service provider to
distribute equivalent ALTO Information, then clients contacting distribute equivalent ALTO Information, then clients contacting
Server A should be able to redistribute ALTO Responses to Server B. Server A should be able to redistribute ALTO Responses to clients
contacting Server B.
One technique for doing this would be to rely on the server's DNS To accomplish this behavior, ALTO Clients must be able to determine
name. However, such an approach would mandate that all ALTO Servers that Server A and Server B serve identical ALTO Information. One
resolved by a particular DNS name would need to provide equivalent technique would be to rely on the ALTO Server's DNS name. However,
ALTO information, which may be unneccessarily restrictive. Another such an approach would mandate that all ALTO Servers resolved by a
particular DNS name would need to provide equivalent ALTO
information, which may be unneccessarily restrictive. Another
technique would be to rely on the server's IP adddress. However, technique would be to rely on the server's IP adddress. However,
this suffers similar problems as the DNS name in deployment scenarios this suffers similar problems as the DNS name in deployment scenarios
using IP Anycast. using IP Anycast.
To avoid such restrictions, the ALTO Protocol allows an ALTO Service To avoid such restrictions, the ALTO Protocol allows an ALTO Service
Provider to explicitly denote ALTO Servers that provide equivalent Provider to explicitly denote ALTO Servers that provide equivalent
ALTO Information by giving them identical Service IDs. ALTO Information by giving them identical Service IDs. Service IDs
decouple the identification of equivalent ALTO Servers from the
discovery process.
8.1.1.2. Server Capability Response
If an ALTO Server generates redistributable responses, the Server If an ALTO Server generates redistributable responses, the Server
Capability response's 'service_id' field MUST be set to the ALTO Capability response's 'service-id' field MUST be set to the ALTO
Server's Service ID. Server's Service ID.
To help prevent ALTO Servers from mistakenly claiming to distribute 8.1.1.3. Configuration
equivalent ALTO Information, ALTO Server Implementations SHOULD by
default generate a new UUID at installation time. The default,
generated UUID may be overridden by the service provider.
7.8.3. Server and Request Parameters
This section defines the members of the RspRedistInfo JSON object.
The 'service_id' member is REQUIRED and MUST have a value equal to
the ALTO Server's Service ID.
The 'request_uri' member is REQUIRED and MUST specify the HTTP
Request-URI that was passed in the HTTP Request.
If the HTTP Request body was non-empty, the 'request_body' member
MUST specify full JSON value passed in the HTTP Request (note that
whitespace may differ, as long as the JSON Value is identical). If
the HTTP Request was empty, then the 'request_body' MUST NOT be
included.
Note that information about ALTO Client performing the Request and To help prevent ALTO Servers from mistakenly claiming to distribute
any HTTP Headers passed in the request are not included. If any such equivalent ALTO Information, ALTO Server implementations SHOULD by
information or headers influence the response generated by the ALTO default generate a new UUID at installation time or startup if one
Server, the response SHOULD NOT be indicated as redistributable. has not explicitly been configured.
7.8.4. Expiration Time 8.1.2. Expiration Time
ALTO Responses marked as redistributable SHOULD indicate a time after ALTO Responses marked as redistributable should indicate a time after
which the information is considered stale and should be refreshed which the information is considered stale and should be refreshed
from the ALTO Server (or possibly another ALTO Client). from the ALTO Server (or possibly another ALTO Client).
The 'expires' element is RECOMMENDED and, if present, MUST specify a
time in UTC formatted according to [6].
If an expiration time is present, the ALTO Server SHOULD ensure that If an expiration time is present, the ALTO Server SHOULD ensure that
it is reasonably consistent with the expiration time that would be it is reasonably consistent with the expiration time that would be
computed by HTTP header fields. If the expiration time in the computed by HTTP header fields. This specification makes no
'expires' element is earlier, some ALTO Clients may refresh data from recommendation on which expiration time takes precedence, but
the ALTO Server earlier than expected. If the expiration time implementers should be cognizant that HTTP intermediaries will obey
included in the response body is later, some ALTO Clients may refresh only the HTTP header fields.
the data later than expected.
7.8.5. Signature 8.1.3. Signature
ALTO Responses marked as redistributable MUST include a signature ALTO Responses marked as redistributable include a signature used to
used to assert that the ALTO Server Provider generated the ALTO assert that the ALTO Server Provider generated the ALTO Information.
Information.
8.1.3.1. Rationale
Verification of the signature requires the ALTO Client to retrieve Verification of the signature requires the ALTO Client to retrieve
the ALTO Server's public key. There are multiple possibilities to the ALTO Server's public key. There are multiple possibilities
retrieve it: through which the ALTO Protocol could be designed to retrieve it:
o SSL/TLS connection with the ALTO Server: The public key algorithm o SSL/TLS connection with the ALTO Server: The public key algorithm
and public key may be retrieved from the ALTO Server's X.509 and public key may be retrieved from the ALTO Server's X.509
Certificate used on an HTTPS connection between the ALTO Server Certificate used on an HTTPS connection between the ALTO Server
and ALTO Client. and ALTO Client.
o Included in ALTO Server's Server Capability Response: If the ALTO o Included in ALTO Server's Server Capability Response: An X.509
Client requests from the ALTO Server over a non SSL/TLS certificate (including the public key and public key algorithm)
connection, an X.509 certificate (including the public key and can be included in the Server Capability Response. This could be
public key algorithm) can be included in the Server Capability achieved even if the ALTO Server and ALTO Client do not have a
Response. SSL/TLS channel.
To reduce requirements on the underlying transport (i.e., requiring To reduce requirements on the underlying transport (i.e., requiring
SSL/TLS), the ALTO Protocol uses the latter option. This SSL/TLS), the ALTO Protocol uses the latter option.
specification makes the following requirements of the X.509
certificates:
o The certificate's corresponding private key MUST be used to sign 8.1.3.2. Certificates
redistributable responses.
o The certificate for each ALTO Server with an identical Service ID 8.1.3.2.1. Local Certificate
MUST be identical.
ALTO Clients SHOULD verify that the certificate satisfies any local The ALTO Server's public key is encoded within an X.509 certificate.
policies (e.g., Issuer, expiration date, etc). The corresponding private key MUST be used to sign redistributable
responses. This certificate is termed the Local Certificate for an
ALTO Server.
The ALTO Server may include the Hash Algorithm, Signature Algorithm, 8.1.3.2.2. Certificate Chain
and Signature in either HTTP Headers or Trailers. Headers may be
useful if Responses are pre-generated, while Trailers may be useful
if Responses are dynamically generated (e.g., to avoid buffering
large responses in memory while the hash value is computed).
The following HTTP Headers (the ALTO Server MAY specify them as HTTP To ease key provisioning, the ALTO Protocol is designed such that
Trailers) MUST be used to encode the Signature parameters for each ALTO Server with an identical Service ID may have a unique
redistributable ALTO Responses: private key (and hence certificate).
ALTO-HashAlgorithm: <HashAlgorithm> The ALTO Service Provider may configure a certificate chain at each
ALTO-SignatureAlgorithm: <SignatureAlgorithm> such ALTO Server. The Local Certificate for a single ALTO Server is
ALTO-SignatureDigest: <Signature> the bottom-most certificate in the chain. The Certificate Chains of
each ALTO Server with an identical Service ID MUST share a common
Root Certificate.
where <HashAlgorithm> and <SignatureAlgorithm> are an integer values Note that there are two simple deployment scenarios:
from the IANA TLS HashAlgorithm and SignatureAlgorithm registries,
and <Signature> is the corresponding PEM-encoded signature. o One-Level Certificate Chain (Local Certificate Only): In this
deployment scenario, each ALTO Server with an identical Service ID
may provisioned with an identical Local Certificate.
o Two-Level Certificate Chain: In this deployment scenario, a Root
Certificate is maintained for a set of ALTO Servers with the same
Service ID. A unique Local Certificate signed by this CA is
provisioned to each ALTO Server.
There are advantages to using a Certificate Chain instead of
deploying the same Local Certificate to each ALTO Server.
Specifically, it avoids storage of the CA's private key at ALTO
Servers. It is possible to revoke and re-issue a key to a single
ALTO Server.
8.1.3.2.3. Server Capability Response
If an ALTO Server generates redistributable responses, the Server
Capability response's 'certificates' field MUST be populated with the
ALTO Server's full certificate chain. The first element MUST be the
ALTO Server's Local Certificate, followed by the remaining
Certificate Chain in ascending order to the Root Certificate.
8.1.3.3. Signature Verification
ALTO Clients SHOULD verify the signature on any ALTO information ALTO Clients SHOULD verify the signature on any ALTO information
received via redistribution before adjusting application behavior received via redistribution before adjusting application behavior
based on it. based on it.
If an ALTO Client consumes ALTO Information from multiple ALTO An ALTO Client SHOULD cache its ALTO Server's Service ID and
Servers, it can locally maintain a map of the corresponding corresponding Certificate Chain included in the Server Capability
certificate for each ALTO Server. Upon receiving redistributed response. Recall that the last certificate in this chain is the Root
information, it may lookup the appropriate certificate to use for Certificate. The retrieval of the Service ID and certificates SHOULD
signature verification based on the Service ID contained in the be secured using HTTPS with proper validation of the server endpoint
redistributed ALTO Response. Note that verifying the signature also of the SSL/TLS connection [6].
protects against hijacking of a Service ID as long as the initial
certificate retrieval (via the Server Capability Response) is secure An ALTO Response received via redistribution from Service ID S is
from hijacking. declared valid if an ALTO Client can construct a transitive
certificate chain from the certificate (public key) used to sign the
ALTO Response to the Root Certificate corresponding to Service ID S
obtained by the ALTO Client in a Server Capability response.
To properly construct the chain and complete this validation, an ALTO
Client may need to request additional certificates from other ALTO
Clients. A simple mechanism is to request the certificate chain from
the ALTO Client that received the ALTO Response. Note that these
additional received certificates may be cached locally by an ALTO
CLient.
ALTO Clients SHOULD verify ALTO Responses received via
redistribution.
8.1.3.4. Redistribution by ALTO Clients
ALTO Clients SHOULD pass the ALTO Server Certificate, Signature, and ALTO Clients SHOULD pass the ALTO Server Certificate, Signature, and
Signature Algorithm along with the body of the ALTO Response. The Signature Algorithm along with the body of the ALTO Response. The
mechanism for redistributing such information is not specified by the mechanism for redistributing such information is not specified by the
ALTO Protocol, but one possibility is to add additional messages or ALTO Protocol, but one possibility is to add additional messages or
fields to the application's native protocol. fields to the application's native protocol.
8. Use Cases 8.2. Protocol
An ALTO Server MAY indicate that a response is suitable for
redistribution by including the "redistribution" member in the
RspMetaData JSON object of an ALTO Response message. This additional
member, called the Response Redistribution Descriptor, has type
RspRedistDesc:
object {
JSONString service-id;
JSONString request-uri;
JSONValue request-body;
JSONString expires;
} RspRedistDesc;
The fields encoded in the Response Redistribution Descriptor allows
an ALTO Client receiving redistributed ALTO Information to understand
the context of the query (the ALTO Service generating the response
and any input parameters) and to interpret the results.
Information about ALTO Client performing the Request and any HTTP
Headers passed in the request are not included in the Response
Redistribution Descriptor. If any such information or headers
influence the response generated by the ALTO Server, the response
SHOULD NOT be indicated as redistributable.
8.2.1. Response Redistribution Descriptor Fields
This section defines the fields of the Response Redistribution
Descriptor.
8.2.1.1. Service ID
The 'service-id' member is REQUIRED and MUST have a value equal to
the ALTO Server's Service ID.
8.2.1.2. Request URI
The 'request-uri' member is REQUIRED and MUST specify the HTTP
Request-URI that was passed in the HTTP Request.
8.2.1.3. Request Body
If the HTTP Request body was non-empty, the 'request-body' member
MUST specify full JSON value passed in the HTTP Request (note that
whitespace may differ, as long as the JSON Value is identical). If
the HTTP Request was empty, then the 'request-body' MUST NOT be
included.
8.2.1.4. Expiration Time
The 'expires' element is RECOMMENDED and, if present, MUST specify a
time in UTC formatted according to [9].
8.2.2. Signature
The Hash Algorithm, Signature Algorithm, and Signature are included
as either HTTP Headers or Trailers. Headers may be useful if
Responses are pre-generated, while Trailers may be useful if
Responses are dynamically generated (e.g., to avoid buffering large
responses in memory while the hash value is computed).
The following HTTP Headers (the ALTO Server MAY specify them as HTTP
Trailers instead) MUST be used to encode the Signature parameters for
redistributable ALTO Responses:
ALTO-HashAlgorithm: <HashAlgorithm>
ALTO-SignatureAlgorithm: <SignatureAlgorithm>
ALTO-SignatureDigest: <Signature>
where <HashAlgorithm> and <SignatureAlgorithm> are an integer values
from the IANA TLS HashAlgorithm and SignatureAlgorithm registries,
and <Signature> is the corresponding PEM-encoded signature.
9. Use Cases
The sections below depict typical use cases. The sections below depict typical use cases.
8.1. ALTO Client Embedded in P2P Tracker 9.1. ALTO Client Embedded in P2P Tracker
Many P2P currently-deployed P2P systems use a Tracker to manage Many P2P currently-deployed P2P systems use a Tracker to manage
swarms and perform peer selection. P2P trackers may currently use a swarms and perform peer selection. P2P trackers may currently use a
variety of information to perform peer selection to meet application- variety of information to perform peer selection to meet application-
specific goals. By acting as an ALTO Client, an P2P tracker can use specific goals. By acting as an ALTO Client, an P2P tracker can use
ALTO information as an additional information source to enable more ALTO information as an additional information source to enable more
network-efficient traffic patterns and improve application network-efficient traffic patterns and improve application
performance. performance.
A particular requirement of many P2P trackers is that they must A particular requirement of many P2P trackers is that they must
skipping to change at page 45, line 5 skipping to change at page 50, line 5
sources. Note that it is possible that a tracker may use only sources. Note that it is possible that a tracker may use only
the Network Map to implement hierarchical peer selection by the Network Map to implement hierarchical peer selection by
preferring peers within the same PID and ISP. preferring peers within the same PID and ISP.
5. The P2P Client connects to the selected peers. 5. The P2P Client connects to the selected peers.
Note that the P2P tracker may provide peer lists to P2P clients Note that the P2P tracker may provide peer lists to P2P clients
distributed across multiple ISPs. In such a case, the P2P tracker distributed across multiple ISPs. In such a case, the P2P tracker
may communicate with multiple ALTO Servers. may communicate with multiple ALTO Servers.
8.2. ALTO Client Embedded in P2P Client: Numerical Costs 9.2. ALTO Client Embedded in P2P Client: Numerical Costs
P2P clients may also utilize ALTO information themselves when P2P clients may also utilize ALTO information themselves when
selecting from available peers. It is important to note that not all selecting from available peers. It is important to note that not all
P2P systems use a P2P tracker for peer discovery and selection. P2P systems use a P2P tracker for peer discovery and selection.
Furthermore, even when a P2P tracker is used, the P2P clients may Furthermore, even when a P2P tracker is used, the P2P clients may
rely on other sources, such as peer exchange and DHTs, to discover rely on other sources, such as peer exchange and DHTs, to discover
peers. peers.
When an P2P Client uses ALTO information, it typically queries only When an P2P Client uses ALTO information, it typically queries only
the ALTO Server servicing its own ISP. The my-Internet view provided the ALTO Server servicing its own ISP. The my-Internet view provided
skipping to change at page 46, line 5 skipping to change at page 51, line 5
2. The P2P Client requests the Cost Map amongst all PIDs from the 2. The P2P Client requests the Cost Map amongst all PIDs from the
ALTO Server. The Cost Map by default specifies numerical costs. ALTO Server. The Cost Map by default specifies numerical costs.
3. The P2P Client discovers peers from sources such as Peer Exchange 3. The P2P Client discovers peers from sources such as Peer Exchange
(PEX) from other P2P Clients, Distributed Hash Tables (DHT), and (PEX) from other P2P Clients, Distributed Hash Tables (DHT), and
P2P Trackers. P2P Trackers.
4. The P2P Client uses ALTO information as part of the algorithm for 4. The P2P Client uses ALTO information as part of the algorithm for
selecting new peers, and connects to the selected peers. selecting new peers, and connects to the selected peers.
8.3. ALTO Client Embedded in P2P Client: Ranking 9.3. ALTO Client Embedded in P2P Client: Ranking
It is also possible for a P2P Client to offload the selection and It is also possible for a P2P Client to offload the selection and
ranking process to an ALTO Server. In this use case, the ALTO Client ranking process to an ALTO Server. In this use case, the ALTO Client
gathers a list of known peers in the swarm, and asks the ALTO Server gathers a list of known peers in the swarm, and asks the ALTO Server
to rank them. to rank them.
As in the use case using numerical costs, the P2P Client typically As in the use case using numerical costs, the P2P Client typically
only queries the ALTO Server servicing its own ISP. only queries the ALTO Server servicing its own ISP.
.---------. .---------------. .---------. .---------------.
skipping to change at page 46, line 48 skipping to change at page 51, line 48
P2P Trackers. P2P Trackers.
2. The P2P Client queries the ALTO Server's Ranking Service, 2. The P2P Client queries the ALTO Server's Ranking Service,
including discovered peers as the set of Destination Endpoints, including discovered peers as the set of Destination Endpoints,
and indicates the 'ordinal' Cost Mode. The response indicates and indicates the 'ordinal' Cost Mode. The response indicates
the ranking of the candidate peers. the ranking of the candidate peers.
3. The P2P Client connects to the peers in the order specified in 3. The P2P Client connects to the peers in the order specified in
the ranking. the ranking.
9. Discussions 10. Discussions
9.1. Discovery 10.1. Discovery
The particular mechanism by which an ALTO Client discovers its ALTO
Server is an important component to the ALTO architecture and
numerous techniques have been discussed [19]. However, the discovery
mechanism is out of scope for this document. This document assumes
that an ALTO Client can discover an appropriate ALTO Server. Note
that the Server List query in the Server Information Service is
intended to aid an ALTO Client in selecting an available ALTO Server
with the capabilities necessary for its application.
Some ISPs have proposed the possibility of delegation, in which an The discovery mechanism by which an ALTO Client locates an
ISP provides information for customer networks which do not wish to appropriate ALTO Server is out of scope for this document. This
run ALTO Servers themselves. A consideration for delegation is that document assumes that an ALTO Client can discover an appropriate ALTO
customer networks may wish to explicitly configure such delegation. Server. Once it has done so, the ALTO Client may use the Server List
query Section 7.8.1.1 to locate an ALTO Server with capabilities
necessary for its application.
9.2. Hosts with Multiple Endpoint Addresses 10.2. Hosts with Multiple Endpoint Addresses
In practical deployments, especially during the transition from IPv4 In practical deployments, especially during the transition from IPv4
to IPv6, a particular host may be reachable using multiple addresses. to IPv6, a particular host may be reachable using multiple addresses.
Furthermore, the particular network path followed when sending Furthermore, the particular network path followed when sending
packets to the host may differ based on the address that is used. packets to the host may differ based on the address that is used.
Network providers may perfer one path over another (e.g., one path my Network providers may perfer one path over another (e.g., one path my
have a NAT64 middlebox). An additional consideration may be how to have a NAT64 middlebox). An additional consideration may be how to
handle private address spaces (e.g., behind carrier-grade NATs). handle private address spaces (e.g., behind carrier-grade NATs).
Note that to support such behavior, Endpoints must be associated with Note that to support such behavior, Endpoints must be associated with
skipping to change at page 47, line 44 skipping to change at page 52, line 37
a more efficient/compact encoding is possible in some cases (e.g., a more efficient/compact encoding is possible in some cases (e.g.,
all addresses in the same PID are IPv6). all addresses in the same PID are IPv6).
There are limitations as to what information ALTO can provide in this There are limitations as to what information ALTO can provide in this
regard. In particular, a particular ALTO Service provider may not be regard. In particular, a particular ALTO Service provider may not be
able to determine if connectivity with a particular endhost will able to determine if connectivity with a particular endhost will
succeed over IPv4 or IPv6, as this may depend upon information succeed over IPv4 or IPv6, as this may depend upon information
unknown to the ISP such as particular application implementations. unknown to the ISP such as particular application implementations.
Exploration of these issues is being considered in a separate Exploration of these issues is being considered in a separate
Internet Draft [20]. Once a suitable solution emerges, it will be Internet Draft [23]. Once a suitable solution emerges, it will be
included in this document. included in this document.
9.3. Network Address Translation Considerations 10.3. Network Address Translation Considerations
At this day and age of NAT v4<->v4, v4<->v6 [21], and possibly At this day and age of NAT v4<->v4, v4<->v6 [24], and possibly
v6<->v6[22], a protocol should strive to be NAT friendly and minimize v6<->v6[25], a protocol should strive to be NAT friendly and minimize
carrying IP addresses in the payload, or provide a mode of operation carrying IP addresses in the payload, or provide a mode of operation
where the source IP address provide the information necessary to the where the source IP address provide the information necessary to the
server. server.
The protocol specified in this document provides a mode of operation The protocol specified in this document provides a mode of operation
where the source network location is computed by the ALTO Server (via where the source network location is computed by the ALTO Server (via
the Endpoint Property Lookup interface) from the source IP address the Endpoint Property Lookup interface) from the source IP address
found in the ALTO Client query packets. This is similar to how some found in the ALTO Client query packets. This is similar to how some
P2P Trackers (e.g., BitTorrent Trackers - see "Tracker HTTP/HTTPS P2P Trackers (e.g., BitTorrent Trackers - see "Tracker HTTP/HTTPS
Protocol" in [23]) operate. Protocol" in [26]) operate.
The ALTO client SHOULD use the Session Traversal Utilities for NAT The ALTO client SHOULD use the Session Traversal Utilities for NAT
(STUN) [7] to determine a public IP address to use as a source (STUN) [10] to determine a public IP address to use as a source
Endpoint address. If using this method, the host MUST use the Endpoint address. If using this method, the host MUST use the
"Binding Request" message and the resulting "XOR-MAPPED-ADDRESS" "Binding Request" message and the resulting "XOR-MAPPED-ADDRESS"
parameter that is returned in the response. Using STUN requires parameter that is returned in the response. Using STUN requires
cooperation from a publicly accessible STUN server. Thus, the ALTO cooperation from a publicly accessible STUN server. Thus, the ALTO
client also requires configuration information that identifies the client also requires configuration information that identifies the
STUN server, or a domain name that can be used for STUN server STUN server, or a domain name that can be used for STUN server
discovery. To be selected for this purpose, the STUN server needs to discovery. To be selected for this purpose, the STUN server needs to
provide the public reflexive transport address of the host. provide the public reflexive transport address of the host.
9.4. Mapping IPs to ASNs 10.4. Mapping IPs to ASNs
It may be desired for the ALTO Protocol to provide ALTO information It may be desired for the ALTO Protocol to provide ALTO information
including ASNs. Thus, ALTO Clients may need to identify the ASN for including ASNs. Thus, ALTO Clients may need to identify the ASN for
a Resource Provider to determine the cost to that Resource Provider. a Resource Provider to determine the cost to that Resource Provider.
Applications can already map IPs to ASNs using information from a BGP Applications can already map IPs to ASNs using information from a BGP
Looking Glass. To do so, they must download a file of about 1.5MB Looking Glass. To do so, they must download a file of about 1.5MB
when compressed (as of October 2008, with all information not needed when compressed (as of October 2008, with all information not needed
for IP to ASN mapping removed) and periodically (perhaps monthly) for IP to ASN mapping removed) and periodically (perhaps monthly)
refresh it. refresh it.
Alternatively, the Network Map query in the Map Filtering Service Alternatively, the Network Map query in the Map Filtering Service
defined in this document could be extended to map ASNs into a set of defined in this document could be extended to map ASNs into a set of
IP prefixes. The mappings provided by the ISP would be both smaller IP prefixes. The mappings provided by the ISP would be both smaller
and more authoritative. and more authoritative.
For simplicity of implementation, it's highly desirable that clients For simplicity of implementation, it's highly desirable that clients
only have to implement exactly one mechanism of mapping IPs to ASNs. only have to implement exactly one mechanism of mapping IPs to ASNs.
9.5. Endpoint and Path Properties 10.5. Endpoint and Path Properties
An ALTO Server could make available many properties about Endpoints An ALTO Server could make available many properties about Endpoints
beyond their network location or grouping. For example, connection beyond their network location or grouping. For example, connection
type, geographical location, and others may be useful to type, geographical location, and others may be useful to
applications. The current draft focuses on network location and applications. The current draft focuses on network location and
grouping, but the protocol may be extended to handle other Endpoint grouping, but the protocol may be extended to handle other Endpoint
properties. properties.
9.6. P2P Peer Selection 11. IANA Considerations
11.1. application/alto Media Type
This section discusses possible approaches to peer selection using This document requests the registration of a new media type:
ALTO information (Network Location Identifiers and associated Costs) "application/alto":
from an ALTO Server. Specifically, the application must select which
peers to use based on this and other sources of information. With
this in mind, the usage of ALTO Costs is intentionally flexible,
because:
Different applications may use the information differently. For Type name: application
example, an application that connects to just one address may have
a different algorithm for selecting it than an application that
connects to many.
Though initial experiments have been conducted [24], more Subtype name: alto
investigation is needed to identify other methods.
In addition, the application might account for robustness, perhaps Required parameters: n/a
using randomized exploration to determine if it performs better
without ALTO information.
9.6.1. Client-based Peer Selection Optional parameters: n/a
One possibility is for peer selection using ALTO costs to be done Encoding considerations: Encoding considerations are identical to
entirely by a P2P client. The following are some techniques have those specified for the 'application/json' media type. See [4].
been proposed and/or used:
o Prefer network locations with lower ordinal rankings (i.e., higher Security considerations: Security considerations relating to the
priority) [14] [11]. generation and consumption of ALTO protocol messages are discussed
in Section 12.
o Optimistically unchoking low-cost peers with higher probability Interoperability considerations: This document specifies format of
[11]. conforming messages and the interpretation thereof.
9.6.2. Server-based Peer Selection Published specification: This document.
Another possibility is for ALTO costs to be used by an Application Applications that use this media type: ALTO Servers and ALTO Clients
Tracker (e.g., BitTorrent Tracker) when returning peer lists. The either standalone or embedded within other applications.
following are techniques that have been proposed and/or used:
o Using bandwidth matching (e.g., at an Application Tracker) and Additional information:
choosing solution (within bound of optimal) with minimal network
cost [24].
9.6.3. Protocol Extension: 'Location-Only' Peer Selection Magic number(s): n/a
This section discusses a promising peer selection algorithm that was File extension(s): This document uses the mime type to refer to
recently used in experiments with a P2P live streaming application. protocol messages and thus does not require a file extension.
However, to support it, a small protocol extension would be required,
but the protocol extension is general and may be applicable in other
contexts as well. Feedback from the WG is greatly encouraged.
Experiments in the context of live streaming have shown significant Macintosh file type code(s): n/a
benefits of a simple "location-only" algorithm that primarily makes
use of the Network Map. A benefit of this algorithm is that it can
provide a simple integration path for applications wishing to utilize
ALTO.
In particular, the algorithm proceeds as follows to select an ordered Person & email address to contact for further information: See
list of peers for a particular incoming (or existing peer): "Authors' Addresses" section.
1. Insert into the result list a number (up to a threshold) of peers Intended usage: COMMON
from the same PID as the incoming peer.
2. Insert into the result list a number (up to a threshold) of peers Restrictions on usage: n/a
from the same ISP as the incoming peer.
3. Insert into the result list a number (up to a threshold) of peers Author: See "Authors' Addresses" section.
from different ISPs than the incoming peer.
In the experiments, this algorithm was implemented at a tracker and Change controller: See "Authors' Addresses" section.
executed for peer selection when peers initially join and when
requesting new peers.
This algorithm makes two assumptions about the preferences 11.2. ALTO Cost Type Registry
communicated by the Network Map:
o The ISP prefers peers within the same PID to peer with each other This document requests the creation of an ALTO Cost Type registry to
(see Section 4); and be maintained by IANA.
o The ALTO Server can indicate which PIDs describe network locations This registry serves two purposes. First, it ensures uniqueness of
within the same ISP. identifiers referring to ALTO Cost Types. Second, it provides
references to particular semantics of allocated Cost Types to be
applied by both ALTO Servers and applications utilizing ALTO Clients.
The second assumption is currently not satisfied by the ALTO New ALTO Cost Types are assigned after Expert Review [7]. The Expert
protocol, but could be accomplished by including a PID attribute. Reviewer will generally consult the ALTO Working Group or its
For example, a boolean attribute name "Intra-Region" with value successor. Expert Review is used to ensure that proper documentation
'true' could be added to PIDs within the ALTO Server's Network regarding ALTO Cost Type semantics and security considerations has
Region. been provided. The provided documentation should be detailed enough
to provide guidance to both ALTO Service Providers and applications
utilizing ALTO Clients as to how values of the registered ALTO Cost
Type should be interpreted. Updates and deletions of ALTO Cost Types
follow the same procedure.
10. IANA Considerations Registered ALTO Cost Type identifiers MUST conform to the syntatical
requirements specified in Section 7.7.3. Identifiers are to be
recorded and displayed as ASCII strings.
This document request the registration of a new media type: Identifiers prefixed with 'priv:' are reserved for Private Use.
"application/alto" Identifiers prefixed with 'exp:' are reserved for Experimental use.
11. Security Considerations Requests to add a new value to the registry MUST include the
following information:
11.1. Privacy Considerations for ISPs o Identifier: The name of the desired ALTO Cost Type.
o Intended Semantics: ALTO Costs carry with them semantics to guide
their usage by ALTO Clients. For example, if a value refers to a
measurement, the measurement units must be documented. For proper
implementation of the ordinal Cost Mode (e.g., by a third-party
service), it should be documented whether higher or lower values
of the cost are more preferred.
o Security Considerations: ALTO Costs expose information to ALTO
Clients. As such, proper usage of a particular Cost Type may
require certain information to be exposed by an ALTO Service
Provider. Since network information is frequently regarded as
proprietary or confidential, ALTO Service Providers should be made
aware of the security ramifications related to usage of a Cost
Type.
This specification requests registration of the identifier
'routingcost'. Semantics for the this Cost Type are documented in
Section 5.1.1.1, and security considerations are documented in
Section 12.1.
12. Security Considerations
12.1. Privacy Considerations for ISPs
ISPs must be cognizant of the network topology and provisioning ISPs must be cognizant of the network topology and provisioning
information provided through ALTO Interfaces. ISPs should evaluate information provided through ALTO Interfaces. ISPs should evaluate
how much information is revealed and the associated risks. On the how much information is revealed and the associated risks. On the
one hand, providing overly fine-grained information may make it one hand, providing overly fine-grained information may make it
easier for attackers to infer network topology. In particular, easier for attackers to infer network topology. In particular,
attackers may try to infer details regarding ISPs' operational attackers may try to infer details regarding ISPs' operational
policies, inter-ISP business relationships, etc. by intentionally policies or inter-ISP business relationships by intentionally posting
posting a multitude of selective queries to an ALTO server (and a multitude of selective queries to an ALTO server and analyzing the
carefully analyzing the responses). Such sophisticated attacks may responses. Such sophisticated attacks may reveal more information
reveal more information than an ISP hosting an ALTO server intends to than an ISP hosting an ALTO server intends to disclose. On the other
disclose. On the other hand, revealing overly coarse-grained hand, revealing overly coarse-grained information may not provide
information may not provide benefits to network efficiency or benefits to network efficiency or performance improvements to ALTO
performance improvements to ALTO Clients. Clients.
11.2. ALTO Clients 12.2. ALTO Clients
Applications using the information must be cognizant of the Applications using the information must be cognizant of the
possibility that the information is malformed or incorrect. Even if possibility that the information is malformed or incorrect. Even if
an ALTO Server has been properly authenticated by the ALTO Client, an ALTO Server has been properly authenticated by the ALTO Client,
the information provided may be malicious because the ALTO Server and the information provided may be malicious because the ALTO Server and
its credentials have been compromised (e.g., through malware). Other its credentials have been compromised (e.g., through malware). Other
considerations (e.g., relating to application performance) can be considerations (e.g., relating to application performance) can be
found in Section 6 of [15]. found in Section 6 of [18].
ALTO Clients should also be cognizant of revealing Network Location ALTO Clients should also be cognizant of revealing Network Location
Identifiers (IP addresses or fine-grained PIDs) to the ALTO Server, Identifiers (IP addresses or fine-grained PIDs) to the ALTO Server,
as doing so may allow the ALTO Server to infer communication as doing so may allow the ALTO Server to infer communication
patterns. One possibility is for the ALTO Client to only rely on patterns. One possibility is for the ALTO Client to only rely on
Network Map for PIDs and Cost Map amongst PIDs to avoid passing IP Network Map for PIDs and Cost Map amongst PIDs to avoid passing IP
addresses of their peers to the ALTO Server. addresses of their peers to the ALTO Server.
In addition, ALTO clients should be cautious not to unintentionally In addition, ALTO clients should be cautious not to unintentionally
or indirectly disclose the resource identifier (of which they try to or indirectly disclose the resource identifier (of which they try to
improve the retrieval through ALTO-guidance), e.g., the name/ improve the retrieval through ALTO-guidance), e.g., the name/
identifier of a certain video stream in P2P live streaming, to the identifier of a certain video stream in P2P live streaming, to the
ALTO server. Note that the ALTO Protocol specified in this document ALTO server. Note that the ALTO Protocol specified in this document
does not explicitly reveal any resource identifier to the ALTO does not explicitly reveal any resource identifier to the ALTO
Server. However, for instance, depending on the popularity or other Server. However, for instance, depending on the popularity or other
specifics (such as language) of the resource, an ALTO server could specifics (such as language) of the resource, an ALTO server could
potentially deduce information about the desired resource from potentially deduce information about the desired resource from
information such as the Network Locations the client sends as part of information such as the Network Locations the client sends as part of
its request to the server. its request to the server.
11.3. Authentication, Integrity Protection, and Encryption 12.3. Authentication, Integrity Protection, and Encryption
SSL/TLS can provide encryption of transmitted messages as well as SSL/TLS can provide encryption of transmitted messages as well as
authentication of the ALTO Client and Server. HTTP Basic or Digest authentication of the ALTO Client and Server. HTTP Basic or Digest
authentication can provide authentication of the client (combined authentication can provide authentication of the client (combined
with SSL/TLS, it can additionally provide encryption and with SSL/TLS, it can additionally provide encryption and
authentication of the server). authentication of the server).
An ALTO Server may optionally use authentication (and potentially An ALTO Server may optionally use authentication (and potentially
encryption) to protect ALTO information it provides. This can be encryption) to protect ALTO information it provides. This can be
achieved by digitally signing a hash of the ALTO information itself achieved by digitally signing a hash of the ALTO information itself
and attaching the signature to the ALTO information. There may be and attaching the signature to the ALTO information. There may be
special use cases where encryption of ALTO information is desirable. special use cases where encryption of ALTO information is desirable.
In most cases, however, information sent out by an ALTO Server is In many cases, however, information sent out by an ALTO Server may be
most likely to be regarded as non-confidential information. regarded as non-confidential information.
ISPs should be cognizant that encryption only protects ALTO ISPs should be cognizant that encryption only protects ALTO
information until it is decrypted by the intended ALTO Client. information until it is decrypted by the intended ALTO Client.
Digital Rights Management (DRM) techniques and legal agreements Digital Rights Management (DRM) techniques and legal agreements
protecting ALTO information are outside of the scope of this protecting ALTO information are outside of the scope of this
document. document.
11.4. ALTO Information Redistribution 12.4. ALTO Information Redistribution
It is possible for applications to redistribute ALTO information to It is possible for applications to redistribute ALTO information to
improve scalability. Even with such a distribution scheme, ALTO improve scalability. Even with such a distribution scheme, ALTO
Clients obtaining ALTO information must be able to validate the Clients obtaining ALTO information must be able to validate the
received ALTO information to ensure that it was actually generated by received ALTO information to ensure that it was generated by an
the correct ALTO Server. Further, to prevent the ALTO Server from appropriate ALTO Server. Further, to prevent the ALTO Server from
being a target of attack, the verification scheme must not require being a target of attack, the verification scheme must not require
ALTO Clients to contact the ALTO Server to validate every set of ALTO Clients to contact the ALTO Server to validate every set of
information. Note that in any case, contacting the originating ALTO information. Contacting an ALTO server for information validation
server for information validation would undermine the intended effect would also undermine the intended effect of redistribution and is
of redistribution and is therefore not desirable. therefore not desirable.
Note that the redistribution scheme must additionally handle details Note that the redistribution scheme must additionally handle details
such as ensuring ALTO Clients retrieve ALTO information from the such as ensuring ALTO Clients retrieve ALTO information from the
correct ALTO Server. See [18] for further discussion. Details of a correct ALTO Server. See [21] for further discussion. Details of a
particular redistribution scheme are outside the scope of this particular redistribution scheme are outside the scope of this
document. document.
To fulfill these requirements, ALTO Information meant to be To fulfill these requirements, ALTO Information meant to be
redistributable contains a digital signature which includes a hash of redistributable contains a digital signature which includes a hash of
the ALTO information signed by the ALTO Server with its private key. the ALTO information signed by the ALTO Server with its private key.
The corresponding public key should either be part of the ALTO The corresponding public key is included in the Server Capability
information itself, or it could be included in the server capability response Section 7.8.1.2, along with the certificate chain to a Root
response. The public key SHOULD include the hostname of the ALTO Certificate generated by the ALTO Service Provider. To prevent man-
Server and it SHOULD be signed by a trusted authority (i.e., in a in-the-middle attacks, an ALTO Client SHOULD perform the Server
certificate). This enables an ALTO client retrieving redistributed Capability Query over SSL/TLS and verify the server identity
ALTO information to verify the correctness of the ALTO Server's according to [6].
signature, given that it trusts the authority which signed the ALTO
Server's certificate. Note that in some cases this requires that the
retrieving ALTO Client must be able to derive a transitive
certificate chain (including a Root-CA) to the trusted authority
which signed the ALTO Server's certificate. This requirement may not
be possible to fulfill between every ALTO Client / ALTO Server
combination on the Internet due to the lack of a world-wide public
key infrastructure.
11.5. Denial of Service The signature verification algorithm is detailed in Section 8.1.3.3.
12.5. Denial of Service
ISPs should be cognizant of the workload at the ALTO Server generated ISPs should be cognizant of the workload at the ALTO Server generated
by certain ALTO Queries, such as certain queries to the Map Filtering by certain ALTO Queries, such as certain queries to the Map Filtering
Service and Ranking Service. In particular, queries which can be Service and Ranking Service. In particular, queries which can be
generated with low effort but result in expensive workloads at the generated with low effort but result in expensive workloads at the
ALTO Server could be exploited for Denial-of-Service attacks. For ALTO Server could be exploited for Denial-of-Service attacks. For
instance, a simple ALTO query with n Source Network Locations and m instance, a simple ALTO query with n Source Network Locations and m
Destination Network Locations can be generated fairly easily but Destination Network Locations can be generated fairly easily but
results in the computation of n*m Path Costs between pairs by the results in the computation of n*m Path Costs between pairs by the
ALTO Server (see Section 5.2). One way to limit Denial-of-Service ALTO Server (see Section 5.2). One way to limit Denial-of-Service
attacks is to employ access control to the ALTO server. Another attacks is to employ access control to the ALTO server. Another
possible mechanism for an ALTO Server to protect itself against a possible mechanism for an ALTO Server to protect itself against a
multitude of computationally expensive bogus requests is to demand multitude of computationally expensive bogus requests is to demand
that each ALTO Client to solve a computational puzzle first before that each ALTO Client to solve a computational puzzle first before
allocating resources for answering a request (see, e.g., [25]). The allocating resources for answering a request (see, e.g., [27]). The
current specification does not use such computational puzzles, and current specification does not use such computational puzzles, and
discussion regarding tradeoffs of such an approach would be needed discussion regarding tradeoffs of such an approach would be needed
before including such a technique in the ALTO Protocol. before including such a technique in the ALTO Protocol.
ISPs should also leverage the fact that the the Map Service allows ISPs should also leverage the fact that the the Map Service allows
ALTO Servers to pre-generate maps that can be useful to many ALTO ALTO Servers to pre-generate maps that can be useful to many ALTO
Clients. Clients.
11.6. ALTO Server Access Control 12.6. ALTO Server Access Control
In order to limit access to an ALTO server (e.g., for an ISP to only In order to limit access to an ALTO server (e.g., for an ISP to only
allow its users to access its ALTO server, or to prevent Denial-of- allow its users to access its ALTO server, or to prevent Denial-of-
Service attacks by arbitrary hosts from the Internet), an ALTO server Service attacks by arbitrary hosts from the Internet), an ALTO server
may employ access control policies. Depending on the use-case and may employ access control policies. Depending on the use-case and
scenario, an ALTO server may restrict access to its services more scenario, an ALTO server may restrict access to its services more
strictly or rather openly (see [26] for a more detailed discussion on strictly or rather openly (see [28] for a more detailed discussion on
this issue). this issue).
12. References 13. References
13.1. Normative References
12.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
[2] Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext [2] Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext
Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996. Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996.
[3] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., [3] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol --
HTTP/1.1", RFC 2616, June 1999. HTTP/1.1", RFC 2616, June 1999.
[4] Crockford, D., "The application/json Media Type for JavaScript [4] Crockford, D., "The application/json Media Type for JavaScript
Object Notation (JSON)", RFC 4627, July 2006. Object Notation (JSON)", RFC 4627, July 2006.
[5] Leach, P., Mealling, M., and R. Salz, "A Universally Unique [5] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and
T. Wright, "Transport Layer Security (TLS) Extensions",
RFC 4366, April 2006.
[6] Saint-Andre, P. and J. Hodges, "Representation and Verification
of Domain-Based Application Service Identity within Internet
Public Key Infrastructure Using X.509 (PKIX) Certificates in
the Context of Transport Layer Security (TLS)",
draft-saintandre-tls-server-id-check-10 (work in progress),
October 2010.
[7] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.
[8] Leach, P., Mealling, M., and R. Salz, "A Universally Unique
IDentifier (UUID) URN Namespace", RFC 4122, July 2005. IDentifier (UUID) URN Namespace", RFC 4122, July 2005.
[6] Klyne, G., Ed. and C. Newman, "Date and Time on the Internet: [9] Klyne, G., Ed. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, July 2002. Timestamps", RFC 3339, July 2002.
[7] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, "Session [10] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, "Session
Traversal Utilities for (NAT) (STUN)", Traversal Utilities for (NAT) (STUN)",
draft-ietf-behave-rfc3489bis-18 (work in progress), July 2008. draft-ietf-behave-rfc3489bis-18 (work in progress), July 2008.
12.2. Informative References 13.2. Informative References
[8] Kiesel, S., Popkin, L., Previdi, S., Woundy, R., and Y. Yang, [11] Kiesel, S., Popkin, L., Previdi, S., Woundy, R., and Y. Yang,
"Application-Layer Traffic Optimization (ALTO) Requirements", "Application-Layer Traffic Optimization (ALTO) Requirements",
draft-kiesel-alto-reqs-01 (work in progress), November 2008. draft-kiesel-alto-reqs-01 (work in progress), November 2008.
[9] Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang, "P4P: [12] Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang, "P4P:
Provider Portal for P2P Applications", draft-p4p-framework-00 Provider Portal for P2P Applications", draft-p4p-framework-00
(work in progress), November 2008. (work in progress), November 2008.
[10] Wang, Y., Alimi, R., Pasko, D., Popkin, L., and Y. Yang, "P4P [13] Wang, Y., Alimi, R., Pasko, D., Popkin, L., and Y. Yang, "P4P
Protocol Specification", draft-wang-alto-p4p-specification-00 Protocol Specification", draft-wang-alto-p4p-specification-00
(work in progress), March 2009. (work in progress), March 2009.
[11] Shalunov, S., Penno, R., and R. Woundy, "ALTO Information [14] Shalunov, S., Penno, R., and R. Woundy, "ALTO Information
Export Service", draft-shalunov-alto-infoexport-00 (work in Export Service", draft-shalunov-alto-infoexport-00 (work in
progress), October 2008. progress), October 2008.
[12] Das, S. and V. Narayanan, "A Client to Service Query Response [15] Das, S. and V. Narayanan, "A Client to Service Query Response
Protocol for ALTO", draft-saumitra-alto-queryresponse-00 (work Protocol for ALTO", draft-saumitra-alto-queryresponse-00 (work
in progress), March 2009. in progress), March 2009.
[13] Das, S., Narayanan, V., and L. Dondeti, "ALTO: A Multi [16] Das, S., Narayanan, V., and L. Dondeti, "ALTO: A Multi
Dimensional Peer Selection Problem", Dimensional Peer Selection Problem",
draft-saumitra-alto-multi-ps-00 (work in progress), draft-saumitra-alto-multi-ps-00 (work in progress),
October 2008. October 2008.
[14] Akonjang, O., Feldmann, A., Previdi, S., Davie, B., and D. [17] Akonjang, O., Feldmann, A., Previdi, S., Davie, B., and D.
Saucez, "The PROXIDOR Service", draft-akonjang-alto-proxidor-00 Saucez, "The PROXIDOR Service", draft-akonjang-alto-proxidor-00
(work in progress), March 2009. (work in progress), March 2009.
[15] Seedorf, J. and E. Burger, "Application-Layer Traffic [18] Seedorf, J. and E. Burger, "Application-Layer Traffic
Optimization (ALTO) Problem Statement", RFC 5693, October 2009. Optimization (ALTO) Problem Statement", RFC 5693, October 2009.
[16] Yang, Y., Popkin, L., Penno, R., and S. Shalunov, "An [19] Yang, Y., Popkin, L., Penno, R., and S. Shalunov, "An
Architecture of ALTO for P2P Applications", Architecture of ALTO for P2P Applications",
draft-yang-alto-architecture-00 (work in progress), March 2009. draft-yang-alto-architecture-00 (work in progress), March 2009.
[17] Zyp, K., "A JSON Media Type for Describing the Structure and [20] Zyp, K., "A JSON Media Type for Describing the Structure and
Meaning of JSON Documents", draft-zyp-json-schema-02 (work in Meaning of JSON Documents", draft-zyp-json-schema-02 (work in
progress), March 2010. progress), March 2010.
[18] Yingjie, G., Alimi, R., and R. Even, "ALTO Information [21] Yingjie, G., Alimi, R., and R. Even, "ALTO Information
Redistribution", draft-gu-alto-redistribution-03 (work in Redistribution", draft-gu-alto-redistribution-03 (work in
progress), July 2010. progress), July 2010.
[19] Song, H., Even, R., Pascual, V., and Y. Zhang, "Application- [22] 3rd, D., "Transport Layer Security (TLS) Extensions: Extension
Layer Traffic Optimization (ALTO): Discover ALTO Servers", Definitions", draft-ietf-tls-rfc4366-bis-12 (work in progress),
draft-song-alto-server-discovery-00 (work in progress), September 2010.
March 2009.
[20] Penno, R. and J. Medved, "ALTO and IPv4/IPv6 Co-existence and [23] Penno, R. and J. Medved, "ALTO and IPv4/IPv6 Co-existence and
Transition", draft-penno-alto-ipv4v6-00 (work in progress), Transition", draft-penno-alto-ipv4v6-00 (work in progress),
June 2010. June 2010.
[21] Baker, F., Li, X., and C. Bao, "Framework for IPv4/IPv6 [24] Baker, F., Li, X., and C. Bao, "Framework for IPv4/IPv6
Translation", draft-baker-behave-v4v6-framework-02 (work in Translation", draft-baker-behave-v4v6-framework-02 (work in
progress), February 2009. progress), February 2009.
[22] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Address [25] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Address
Translation (NAT66)", draft-mrw-behave-nat66-02 (work in Translation (NAT66)", draft-mrw-behave-nat66-02 (work in
progress), March 2009. progress), March 2009.
[23] "Bittorrent Protocol Specification v1.0", [26] "Bittorrent Protocol Specification v1.0",
http://wiki.theory.org/BitTorrentSpecification, 2009. http://wiki.theory.org/BitTorrentSpecification, 2009.
[24] H. Xie, YR. Yang, A. Krishnamurthy, Y. Liu, and A. [27] Jennings, C., "Computational Puzzles for SPAM Reduction in
SIP", draft-jennings-sip-hashcash-06 (work in progress),
July 2007.
[28] Stiemerling, M. and S. Kiesel, "ALTO Deployment
Considerations", draft-stiemerling-alto-deployments-05 (work in
progress), October 2010.
[29] H. Xie, YR. Yang, A. Krishnamurthy, Y. Liu, and A.
Silberschatz., "P4P: Provider Portal for (P2P) Applications", Silberschatz., "P4P: Provider Portal for (P2P) Applications",
In SIGCOMM 2008. In SIGCOMM 2008.
[25] Jennings, C., "Computational Puzzles for SPAM Reduction in Appendix A. TO BE MOVED
SIP", draft-jennings-sip-hashcash-06 (work in progress),
July 2007.
[26] Stiemerling, M. and S. Kiesel, "ALTO Deployment The text in this section is intended to be moved to a more
Considerations", draft-stiemerling-alto-deployments-04 (work in appropriate document.
progress), July 2010.
Appendix A. Acknowledgments A.1. Discovery
Some ISPs have proposed the possibility of delegation, in which an
ISP provides information for customer networks which do not wish to
run ALTO Servers themselves. A consideration for delegation is that
customer networks may wish to explicitly configure such delegation.
A.2. P2P Peer Selection
This section discusses possible approaches to peer selection using
ALTO information (Network Location Identifiers and associated Costs)
from an ALTO Server. Specifically, the application must select which
peers to use based on this and other sources of information. With
this in mind, the usage of ALTO Costs is intentionally flexible,
because:
Different applications may use the information differently. For
example, an application that connects to just one address may have
a different algorithm for selecting it than an application that
connects to many.
Though initial experiments have been conducted [29], more
investigation is needed to identify other methods.
In addition, the application might account for robustness, perhaps
using randomized exploration to determine if it performs better
without ALTO information.
A.2.1. Client-based Peer Selection
One possibility is for peer selection using ALTO costs to be done
entirely by a P2P client. The following are some techniques have
been proposed and/or used:
o Prefer network locations with lower ordinal rankings (i.e., higher
priority) [17] [14].
o Optimistically unchoking low-cost peers with higher probability
[14].
A.2.2. Server-based Peer Selection
Another possibility is for ALTO costs to be used by an Application
Tracker (e.g., BitTorrent Tracker) when returning peer lists. The
following are techniques that have been proposed and/or used:
o Using bandwidth matching (e.g., at an Application Tracker) and
choosing solution (within bound of optimal) with minimal network
cost [29].
A.2.3. Location-Only Peer Selection
This section discusses a promising peer selection algorithm that was
recently used in experiments with a P2P live streaming application.
Experiments in the context of live streaming have shown significant
benefits of a simple "location-only" algorithm that primarily makes
use of the Network Map. A benefit of this algorithm is that it can
provide a simple integration path for applications wishing to utilize
ALTO.
In particular, the algorithm proceeds as follows to select an ordered
list of peers for a particular incoming (or existing peer):
1. Insert into the result list a number (up to a threshold) of peers
from the same PID as the incoming peer.
2. Insert into the result list a number (up to a threshold) of peers
from the same ISP as the incoming peer.
3. Insert into the result list a number (up to a threshold) of peers
from different ISPs than the incoming peer.
In the experiments, this algorithm was implemented at a tracker and
executed for peer selection when peers initially join and when
requesting new peers.
This algorithm makes two assumptions about the preferences
communicated by the Network Map:
o The ISP prefers peers within the same PID to peer with each other
(see Section 4); and
o The ALTO Client can distinguish between peers within the same ISP
and peers outside of the ISP. In implementation at the ALTO
Client, it may may estimate a threshold based on costs read from
the Cost Map.
Appendix B. Acknowledgments
Thank you to Jan Seedorf for contributions to the Security Thank you to Jan Seedorf for contributions to the Security
Considerations section. We would like to thank Yingjie Gu and Roni Considerations section. We would like to thank Yingjie Gu and Roni
Even for helpful input and design concerning ALTO Information Even for helpful input and design concerning ALTO Information
redistribution. redistribution.
We would like to thank the following people whose input and We would like to thank the following people whose input and
involvement was indispensable in achieving this merged proposal: involvement was indispensable in achieving this merged proposal:
Obi Akonjang (DT Labs/TU Berlin), Obi Akonjang (DT Labs/TU Berlin),
skipping to change at page 57, line 13 skipping to change at page 64, line 17
Lafferty (DCIA), Erran Li (Bell Labs), Jin Li (Microsoft), Y. Grace Lafferty (DCIA), Erran Li (Bell Labs), Jin Li (Microsoft), Y. Grace
Liu (IBM Watson), Jason Livingood (Comcast), Michael Merritt (AT&T), Liu (IBM Watson), Jason Livingood (Comcast), Michael Merritt (AT&T),
Ingmar Poese (DT Labs/TU Berlin), James Royalty (Pando Networks), Ingmar Poese (DT Labs/TU Berlin), James Royalty (Pando Networks),
Damien Saucez (UCL) Thomas Scholl (AT&T), Emilio Sepulveda Damien Saucez (UCL) Thomas Scholl (AT&T), Emilio Sepulveda
(Telefonica), Avi Silberschatz (Yale University), Hassan Sipra (Bell (Telefonica), Avi Silberschatz (Yale University), Hassan Sipra (Bell
Canada), Georgios Smaragdakis (DT Labs/TU Berlin), Haibin Song Canada), Georgios Smaragdakis (DT Labs/TU Berlin), Haibin Song
(Huawei), Oliver Spatscheck (AT&T), See-Mong Tang (Microsoft), Jia (Huawei), Oliver Spatscheck (AT&T), See-Mong Tang (Microsoft), Jia
Wang (AT&T), Hao Wang (Yale University), Ye Wang (Yale University), Wang (AT&T), Hao Wang (Yale University), Ye Wang (Yale University),
Haiyong Xie (Yale University). Haiyong Xie (Yale University).
Appendix B. Authors Appendix C. Authors
[[Comment.2: RFC Editor: Please move information in this section to [[Comment.1: RFC Editor: Please move information in this section to
the Authors' Addresses section at publication time.]] the Authors' Addresses section at publication time.]]
Stefano Previdi Stefano Previdi
Cisco Cisco
Email: sprevidi@cisco.com Email: sprevidi@cisco.com
Stanislav Shalunov Stanislav Shalunov
BitTorrent BitTorrent
Email: shalunov@bittorrent.com Email: shalunov@bittorrent.com
Richard Woundy Richard Woundy
Comcast Comcast
Richard_Woundy@cable.comcast.com Richard_Woundy@cable.comcast.com
Authors' Addresses Authors' Addresses
Richard Alimi (editor) Richard Alimi (editor)
Yale University Google
1600 Amphitheatre Parkway
Mountain View CA
USA
Email: richard.alimi@yale.edu Email: ralimi@google.com
Reinaldo Penno (editor) Reinaldo Penno (editor)
Juniper Networks Juniper Networks
1194 N Mathilda Avenue 1194 N Mathilda Avenue
Sunnyvale, CA Sunnyvale CA
USA USA
Email: rpenno@juniper.net Email: rpenno@juniper.net
Y. Richard Yang (editor) Y. Richard Yang (editor)
Yale University Yale University
51 Prospect St
New Haven CT
USA
Email: yry@cs.yale.edu Email: yry@cs.yale.edu
 End of changes. 273 change blocks. 
603 lines changed or deleted 866 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/