| < draft-ietf-alto-reqs-04.txt | draft-ietf-alto-reqs-05.txt > | |||
|---|---|---|---|---|
| Network Working Group S. Kiesel, Ed. | Network Working Group S. Kiesel, Ed. | |||
| Internet-Draft University of Stuttgart | Internet-Draft University of Stuttgart | |||
| Intended status: Informational L. Popkin | Intended status: Informational S. Previdi | |||
| Expires: September 9, 2010 Pando Networks, Inc. | Expires: December 16, 2010 Cisco Systems, Inc. | |||
| S. Previdi | M. Stiemerling | |||
| Cisco Systems, Inc. | NEC Europe Ltd. | |||
| R. Woundy | R. Woundy | |||
| Comcast Corporation | Comcast Corporation | |||
| Y R. Yang | Y R. Yang | |||
| Yale University | Yale University | |||
| March 8, 2010 | June 14, 2010 | |||
| Application-Layer Traffic Optimization (ALTO) Requirements | Application-Layer Traffic Optimization (ALTO) Requirements | |||
| draft-ietf-alto-reqs-04.txt | draft-ietf-alto-reqs-05.txt | |||
| Abstract | Abstract | |||
| Many Internet applications are used to access resources, such as | Many Internet applications are used to access resources, such as | |||
| pieces of information or server processes, which are available in | pieces of information or server processes, which are available in | |||
| several equivalent replicas on different hosts. This includes, but | several equivalent replicas on different hosts. This includes, but | |||
| is not limited to, peer-to-peer file sharing applications. The goal | is not limited to, peer-to-peer file sharing applications. The goal | |||
| of Application-Layer Traffic Optimization (ALTO) is to provide | of Application-Layer Traffic Optimization (ALTO) is to provide | |||
| guidance to applications, which have to select one or several hosts | guidance to applications, which have to select one or several hosts | |||
| from a set of candidates, that are able to provide a desired | from a set of candidates, that are able to provide a desired | |||
| skipping to change at page 2, line 13 ¶ | skipping to change at page 2, line 13 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on September 9, 2010. | This Internet-Draft will expire on December 16, 2010. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2010 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the BSD License. | described in the BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2. Terminology and architectural framework . . . . . . . . . . . 5 | 2. Terminology and Architectural Framework . . . . . . . . . . . 5 | |||
| 2.1. Requirements notation . . . . . . . . . . . . . . . . . . 5 | 2.1. Requirements Notation . . . . . . . . . . . . . . . . . . 5 | |||
| 2.2. ALTO terminology . . . . . . . . . . . . . . . . . . . . . 5 | 2.2. ALTO Terminology . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 2.3. Architectural framework for ALTO . . . . . . . . . . . . . 6 | 2.3. Architectural Framework for ALTO . . . . . . . . . . . . . 6 | |||
| 2.4. Sample use cases . . . . . . . . . . . . . . . . . . . . . 6 | 2.4. Sample Use Cases . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 3. ALTO requirements . . . . . . . . . . . . . . . . . . . . . . 9 | 3. ALTO Requirements . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 3.1. ALTO client protocol . . . . . . . . . . . . . . . . . . . 9 | 3.1. ALTO Client Protocol . . . . . . . . . . . . . . . . . . . 9 | |||
| 3.1.1. General requirements . . . . . . . . . . . . . . . . . 9 | 3.1.1. General Requirements . . . . . . . . . . . . . . . . . 9 | |||
| 3.1.2. Host group descriptor support . . . . . . . . . . . . 9 | 3.1.2. Host Group Descriptor Support . . . . . . . . . . . . 9 | |||
| 3.1.3. Rating criteria support . . . . . . . . . . . . . . . 10 | 3.1.3. Rating Criteria Support . . . . . . . . . . . . . . . 10 | |||
| 3.1.4. Placement of entities and timing of transactions . . . 11 | 3.1.4. Placement of Entities and Timing of Transactions . . . 11 | |||
| 3.1.5. Protocol extensibility . . . . . . . . . . . . . . . . 12 | 3.1.5. Protocol Extensibility . . . . . . . . . . . . . . . . 13 | |||
| 3.1.6. Error handling and overload protection . . . . . . . . 13 | 3.1.6. Error Handling and Overload Protection . . . . . . . . 13 | |||
| 3.2. ALTO server discovery . . . . . . . . . . . . . . . . . . 13 | 3.2. ALTO Server Discovery . . . . . . . . . . . . . . . . . . 13 | |||
| 3.3. Security and privacy . . . . . . . . . . . . . . . . . . . 14 | 3.3. Security and Privacy . . . . . . . . . . . . . . . . . . . 15 | |||
| 4. Host group descriptors . . . . . . . . . . . . . . . . . . . . 16 | 4. Host Group Descriptors . . . . . . . . . . . . . . . . . . . . 16 | |||
| 5. Rating criteria . . . . . . . . . . . . . . . . . . . . . . . 17 | 5. Rating Criteria . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 5.1. Distance-related rating criteria . . . . . . . . . . . . . 17 | 5.1. Distance-related Rating Criteria . . . . . . . . . . . . . 17 | |||
| 5.2. Charging-related rating criteria . . . . . . . . . . . . . 17 | 5.2. Charging-related Rating Criteria . . . . . . . . . . . . . 17 | |||
| 5.3. Performance-related rating criteria . . . . . . . . . . . 18 | 5.3. Performance-related Rating Criteria . . . . . . . . . . . 18 | |||
| 5.4. Inappropriate rating criteria . . . . . . . . . . . . . . 19 | 5.4. Inappropriate Rating Criteria . . . . . . . . . . . . . . 19 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | |||
| 7.1. High-level security considerations . . . . . . . . . . . . 21 | 7.1. High-level security considerations . . . . . . . . . . . . 21 | |||
| 7.2. Classification of information disclosure scenarios . . . . 21 | 7.2. Classification of Information Disclosure Scenarios . . . . 21 | |||
| 7.3. Security requirements . . . . . . . . . . . . . . . . . . 23 | 7.3. Security Requirements . . . . . . . . . . . . . . . . . . 23 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . . 24 | 8.1. Normative References . . . . . . . . . . . . . . . . . . . 24 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . . 24 | 8.2. Informative References . . . . . . . . . . . . . . . . . . 24 | |||
| Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 25 | Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 25 | |||
| Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . . 26 | Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . . 26 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 27 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 27 | |||
| 1. Introduction | 1. Introduction | |||
| The motivation for Application-Layer Traffic Optimization (ALTO) is | The motivation for Application-Layer Traffic Optimization (ALTO) is | |||
| skipping to change at page 5, line 5 ¶ | skipping to change at page 5, line 5 ¶ | |||
| network operational costs, or network policies, which the respective | network operational costs, or network policies, which the respective | |||
| network provider does not want to disclose in detail. | network provider does not want to disclose in detail. | |||
| The logical entities that provide the ALTO service do not take part | The logical entities that provide the ALTO service do not take part | |||
| in the actual user data transport, i.e., they do not implement | in the actual user data transport, i.e., they do not implement | |||
| functions for relaying user data. They may be placed on various | functions for relaying user data. They may be placed on various | |||
| kinds of physical nodes, e.g., on dedicated servers, as auxiliary | kinds of physical nodes, e.g., on dedicated servers, as auxiliary | |||
| processes in routers, on "trackers" or "super peers" of a P2P | processes in routers, on "trackers" or "super peers" of a P2P | |||
| application operated by the network provider, etc. | application operated by the network provider, etc. | |||
| 2. Terminology and architectural framework | 2. Terminology and Architectural Framework | |||
| 2.1. Requirements notation | 2.1. Requirements Notation | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 2.2. ALTO terminology | 2.2. ALTO Terminology | |||
| This document uses the following ALTO-related terms, which are | This document uses the following ALTO-related terms, which are | |||
| defined in [RFC5693]: | defined in [RFC5693]: | |||
| Application, Overlay Network, Application protocol, Peer, P2P, | Application, Overlay Network, Application protocol, Peer, P2P, | |||
| Resource, Resource Identifier, Resource Provider, Resource Consumer, | Resource, Resource Identifier, Resource Provider, Resource Consumer, | |||
| Resource Directory, Transport Address, ALTO Service, ALTO Server, | Resource Directory, Transport Address, ALTO Service, ALTO Server, | |||
| ALTO Client, ALTO Client Protocol, ALTO Query, ALTO Reply, ALTO | ALTO Client, ALTO Client Protocol, ALTO Query, ALTO Reply, ALTO | |||
| Transaction, Provisioning protocol, Inter ALTO-Server Protocol, Local | Transaction, Provisioning protocol, Inter ALTO-Server Protocol, Local | |||
| Traffic, Peering Traffic, Transit Traffic. | Traffic, Peering Traffic, Transit Traffic. | |||
| Furthermore, the following additonal terms will be used: | Furthermore, the following additional terms will be used: | |||
| o Host Group Descriptor: Information used to describe the resouce | o Host Group Descriptor: Information used to describe the resource | |||
| consumer which seeks ALTO guidance, or one or several candidate | consumer which seeks ALTO guidance, or one or several candidate | |||
| resource providers. This can be, for example, a single IP | resource providers. This can be, for example, a single IP | |||
| address, an address prefix or address range that contains the | address, an address prefix or address range that contains the | |||
| host(s), or an autonomous system (AS) number. Different options | host(s), or an autonomous system (AS) number. Different options | |||
| may provide different levels of detail. Depending on the system | may provide different levels of detail. Depending on the system | |||
| architecture, this may have implications on the quality of the | architecture, this may have implications on the quality of the | |||
| guidance ALTO is able to provide, on whether recommendations can | guidance ALTO is able to provide, on whether recommendations can | |||
| be aggregated, and on how much privacy-sensitive information about | be aggregated, and on how much privacy-sensitive information about | |||
| users might be disclosed to additional parties. | users might be disclosed to additional parties. For a discussion, | |||
| see Section 4. | ||||
| o Host Characteristics Attribute: Properties of a host (other than | o Host Characteristics Attribute: Properties of a host (other than | |||
| the host group descriptor), in particular related to its | the host group descriptor), in particular related to its | |||
| attachment to the network. This information may be stored in the | attachment to the network. This information may be stored in the | |||
| ALTO server and transmitted in the ALTO protocol. It may be | ALTO server and transmitted in the ALTO protocol. It may be | |||
| evaluated according to the rating criteria. | evaluated according to the rating criteria. | |||
| o Rating Criterion: The condition or relation that defines the | o Rating Criterion: The condition or relation that defines the | |||
| "better" in "better-than-random peer selection", which is the | "better" in "better-than-random peer selection", which is the | |||
| ultimate goal of ALTO. Examples may include "host's Internet | ultimate goal of ALTO. Examples may include "host's Internet | |||
| access is not subject to volume based charging (flat rate)" or | access is not subject to volume based charging (flat rate)" or | |||
| "low topological distance". Some rating criteria, such as "low | "low topological distance". Some rating criteria, such as "low | |||
| topological distance", need to include a reference point, i. e., | topological distance", need to include a reference point, i. e., | |||
| "low topological distance from a given resource consumer", which | "low topological distance from a given resource consumer", which | |||
| can be described by means of a host group descriptor. | can be described by means of a host group descriptor. | |||
| 2.3. Architectural framework for ALTO | 2.3. Architectural Framework for ALTO | |||
| There are various architectural options how ALTO could be | There are various architectural options how ALTO could be | |||
| implemented, and specifying or mandating one specific architecture is | implemented, and specifying or mandating one specific architecture is | |||
| out of the scope of this document. | out of the scope of this document. | |||
| The ALTO Working Group Charter [ALTO-charter] itemizes several key | The ALTO Working Group Charter [ALTO-charter] itemizes several key | |||
| components, which shall be elaborated and specified by the ALTO | components, which shall be elaborated and specified by the ALTO | |||
| Working Group. The ALTO problem statement [RFC5693] defines a | Working Group. The ALTO problem statement [RFC5693] defines a | |||
| terminology (see Section 2.2) and presents a figure that gives a | terminology (see Section 2.2) and presents a figure that gives a | |||
| high-level overview of protocol interaction between ALTO elements. | high-level overview of protocol interaction between ALTO elements. | |||
| skipping to change at page 6, line 41 ¶ | skipping to change at page 6, line 41 ¶ | |||
| o Host group descriptors, which are used to describe the location of | o Host group descriptors, which are used to describe the location of | |||
| a host in the network topology. | a host in the network topology. | |||
| o Rating criteria, i. e., conditions that shall be evaluated in | o Rating criteria, i. e., conditions that shall be evaluated in | |||
| order to generate the ALTO guidance. | order to generate the ALTO guidance. | |||
| Requirements regarding other components are not considered in the | Requirements regarding other components are not considered in the | |||
| current version of this document, but may be added later. | current version of this document, but may be added later. | |||
| 2.4. Sample use cases | 2.4. Sample Use Cases | |||
| The ALTO problem statement [RFC5693] presents a figure that gives a | The ALTO problem statement [RFC5693] presents a figure that gives a | |||
| high-level overview of protocol interaction between ALTO elements. | high-level overview of protocol interaction between ALTO elements. | |||
| The following figures are somewhat more elaborated and extended | The following figures are somewhat more elaborated and extended | |||
| versions of it, in order to give some non-normative examples of ALTO | versions of it, in order to give some non-normative examples of ALTO | |||
| usage. It can also be seen that, in some use cases, some of the | usage. It can also be seen that, in some use cases, some of the | |||
| requirements presented in later sections are more relevant than in | requirements presented in later sections are more relevant than in | |||
| others. | others. | |||
| Figure 1 shows an ALTO use case with a DHT-based P2P application. | Figure 1 shows an ALTO use case with a DHT-based P2P application. | |||
| skipping to change at page 9, line 5 ¶ | skipping to change at page 9, line 5 ¶ | |||
| +-----+ | +-----+ | |||
| Peers | Peers | |||
| Legend: | Legend: | |||
| === ALTO client protocol | === ALTO client protocol | |||
| *** Application protocol | *** Application protocol | |||
| ... Provisioning protocol | ... Provisioning protocol | |||
| Figure 2: Overview of protocol interaction between ALTO elements, | Figure 2: Overview of protocol interaction between ALTO elements, | |||
| scenario with resource directory | scenario with resource directory | |||
| 3. ALTO requirements | 3. ALTO Requirements | |||
| 3.1. ALTO client protocol | 3.1. ALTO Client Protocol | |||
| 3.1.1. General requirements | 3.1.1. General Requirements | |||
| REQ. ARv04-1: The ALTO service is provided by one or more ALTO | REQ. ARv05-1: The ALTO service is provided by one or more ALTO | |||
| servers. ALTO servers MUST implement the ALTO client protocol, for | servers. ALTO servers MUST implement the ALTO client protocol, for | |||
| receiving ALTO queries from ALTO clients and for sending the | receiving ALTO queries from ALTO clients and for sending the | |||
| corresponding ALTO replies. | corresponding ALTO replies. | |||
| REQ. ARv04-2: ALTO clients MUST implement the ALTO client protocol, | REQ. ARv05-2: ALTO clients MUST implement the ALTO client protocol, | |||
| for sending ALTO queries to ALTO servers and for receiving the | for sending ALTO queries to ALTO servers and for receiving the | |||
| corresponding ALTO replies. | corresponding ALTO replies. | |||
| REQ. ARv04-3: The format of the ALTO query message MUST allow the | REQ. ARv05-3: The format of the ALTO query message MUST allow the | |||
| ALTO client to solicit guidance for selecting appropriate resource | ALTO client to solicit guidance for selecting appropriate resource | |||
| providers. | providers. | |||
| REQ. ARv04-4: The format of the ALTO reply message MUST allow the | REQ. ARv05-4: The format of the ALTO reply message MUST allow the | |||
| ALTO server to express its guidance for selecting appropriate | ALTO server to express its guidance for selecting appropriate | |||
| resource providers. | resource providers. | |||
| REQ. ARv04-5: The detailed specification of a protocol is out of the | REQ. ARv05-5: The detailed specification of a protocol is out of the | |||
| scope of this document. However, any protocol specification that | scope of this document. However, any protocol specification that | |||
| claims to implement the ALTO client protocol MUST be compliant to the | claims to implement the ALTO client protocol MUST be compliant to the | |||
| requirements itemized in this document. | requirements itemized in this document. | |||
| 3.1.2. Host group descriptor support | 3.1.2. Host Group Descriptor Support | |||
| The ALTO guidance is based on the evaluation of several resource | The ALTO guidance is based on the evaluation of several resource | |||
| providers or groups of resource providers, which are characterized by | providers or groups of resource providers, which are characterized by | |||
| means of host group descriptors, considering one or several rating | means of host group descriptors, considering one or several rating | |||
| criteria. | criteria. | |||
| REQ. ARv04-6: The ALTO client protocol MUST support the usage of | REQ. ARv05-6: The ALTO client protocol MUST support the usage of | |||
| several different host group descriptor types. | several different host group descriptor types. | |||
| REQ. ARv04-7: The ALTO client protocol specification MUST define a | REQ. ARv05-7: The ALTO client protocol specification MUST define a | |||
| basic set of host group descriptor types, which MUST be supported by | basic set of host group descriptor types, which MUST be supported by | |||
| all implementations of the ALTO client protocol. | all implementations of the ALTO client protocol. | |||
| REQ. ARv04-8: The ALTO client protocol MUST support the host group | REQ. ARv05-8: The ALTO client protocol MUST support the host group | |||
| descriptor types "IPv4 address prefix" and "IPv6 address prefix." | descriptor types "IPv4 address prefix" and "IPv6 address prefix." | |||
| They can be used to specify the IP address of one host, or an IP | They can be used to specify the IP address of one host, or an IP | |||
| address range (in CIDR notation), which contains all hosts in | address range (in CIDR notation), which contains all hosts in | |||
| question. It is also possible to specify a broader address range | question. It is also possible to specify a broader address range | |||
| (i.e., a shorter prefix length) than the intended group of hosts | (i.e., a shorter prefix length) than the intended group of hosts | |||
| actually uses, in order to conceal their exact identity. | actually uses, in order to conceal their exact identity. | |||
| REQ. ARv04-9: The ALTO client protocol specification MUST define an | REQ. ARv05-9: The ALTO client protocol specification MUST define an | |||
| appropriate procedure for adding new host group descriptor types, | appropriate procedure for adding new host group descriptor types, | |||
| e.g., by establishing an IANA registry. | e.g., by establishing an IANA registry. | |||
| See Section 4 for a discussion of possible other host group | See Section 4 for a discussion of possible other host group | |||
| descriptor types. | descriptor types. | |||
| REQ. ARv04-10: ALTO clients and ALTO servers MUST clearly identify | REQ. ARv05-10: ALTO clients and ALTO servers MUST clearly identify | |||
| the type of each host group descriptor sent in ALTO queries or | the type of each host group descriptor sent in ALTO queries or | |||
| replies. | replies. | |||
| REQ. ARv04-11: For host group descriptor types other than "IPv4 | REQ. ARv05-11: For host group descriptor types other than "IPv4 | |||
| address prefix" and "IPv6 address prefix", the host group descriptor | address prefix" and "IPv6 address prefix", the host group descriptor | |||
| type identification MUST be supplemented by a reference to a | type identification MUST be supplemented by a reference to a | |||
| facility, which can be used to translate host group descriptors of | facility, which can be used to translate host group descriptors of | |||
| that type to IPv4/IPv6 address prefixes, e.g., by means of a mapping | that type to IPv4/IPv6 address prefixes, e.g., by means of a mapping | |||
| table or an algorithm. | table or an algorithm. | |||
| REQ. ARv04-12: Protocol functions for mapping other host group | REQ. ARv05-12: Protocol functions for mapping other host group | |||
| descriptor types to IPv4/IPv6 address prefixes SHOULD be designed and | descriptor types to IPv4/IPv6 address prefixes SHOULD be designed and | |||
| specified as part of the ALTO client protocol, and the corresponding | specified as part of the ALTO client protocol, and the corresponding | |||
| address mapping information SHOULD be made available by the same | address mapping information SHOULD be made available by the same | |||
| entity that wants to use these host group descriptors within the ALTO | entity that wants to use these host group descriptors within the ALTO | |||
| client protocol. However, an ALTO server or an ALTO client MAY also | client protocol. However, an ALTO server or an ALTO client MAY also | |||
| send a reference to an external mapping facility, e.g., a translation | send a reference to an external mapping facility, e.g., a translation | |||
| table to be downloaded as file via HTTP. | table to be downloaded as file via HTTP. | |||
| REQ. ARv04-13: The ALTO client protocol specification MUST define | REQ. ARv05-13: The ALTO client protocol specification MUST define | |||
| mechanisms, which can be used by the ALTO client and the ALTO server | mechanisms, which can be used by the ALTO client and the ALTO server | |||
| to indicate that a host group descriptor used by the other party is | to indicate that a host group descriptor used by the other party is | |||
| of an unsupported type, or that the indicated mapping mechanism could | of an unsupported type, or that the indicated mapping mechanism could | |||
| not be used. | not be used. | |||
| 3.1.3. Rating criteria support | 3.1.3. Rating Criteria Support | |||
| REQ. ARv04-14: The ALTO client protocol MUST support the usage of | REQ. ARv05-14: The ALTO client protocol MUST support the usage of | |||
| several different rating criteria types. | several different rating criteria types. | |||
| REQ. ARv04-15: The ALTO client protocol specification MUST define a | REQ. ARv05-15: The ALTO client protocol specification MUST define a | |||
| basic set of rating criteria types, which MUST be supported by all | basic set of rating criteria types, which MUST be supported by all | |||
| implementations of the ALTO client protocol. | implementations of the ALTO client protocol. | |||
| REQ. ARv04-16: The ALTO client protocol specification MUST support | REQ. ARv05-16: The ALTO client protocol specification MUST support | |||
| the rating criteria type "relative operator's preference." This is a | the rating criteria type "relative operator's preference." This is a | |||
| relative measure, i.e., it is not associtated with any unit of | relative measure, i.e., it is not associated with any unit of | |||
| measurement. A higher rating according to this criterion indicates | measurement. A higher rating according to this criterion indicates | |||
| that the application should prefer the respective candidate resource | that the application should prefer the respective candidate resource | |||
| provider over others with lower ratings (if no other reasons speak | provider over others with lower ratings (if no other reasons speak | |||
| against it, such as transmission attempts suggesting that the path is | against it, such as transmission attempts suggesting that the path is | |||
| currently congested). The operator of the ALTO server does not have | currently congested). The operator of the ALTO server does not have | |||
| to disclose how and based on which data the ratings are actually | to disclose how and based on which data the ratings are actually | |||
| computed. Examples could be: cost for peering or transit traffic, | computed. Examples could be: cost for peering or transit traffic, | |||
| traffic engineering inside the network, and other policies. | traffic engineering inside the network, and other policies. | |||
| REQ. ARv04-17: The ALTO client protocol specification MUST define an | REQ. ARv05-17: The ALTO client protocol specification MUST define an | |||
| appropriate procedure for adding new rating criteria types, e.g., by | appropriate procedure for adding new rating criteria types, e.g., by | |||
| establishing an IANA registry. | establishing an IANA registry. | |||
| See Section 5 for a discussion of possible other rating criteria. | See Section 5 for a discussion of possible other rating criteria. | |||
| REQ. ARv04-18:The ALTO query message SHOULD allow the ALTO client to | REQ. ARv05-18:The ALTO query message SHOULD allow the ALTO client to | |||
| express which rating criteria should be considered, as well as their | express which rating criteria should be considered, as well as their | |||
| relative relevance for the specific application that will eventually | relative relevance for the specific application that will eventually | |||
| make use of the guidance. | make use of the guidance. | |||
| REQ. ARv04-19:The ALTO reply message SHOULD allow the ALTO server to | REQ. ARv05-19:The ALTO reply message SHOULD allow the ALTO server to | |||
| express which rating criteria have been considered when generating | express which rating criteria have been considered when generating | |||
| the reply. | the reply. | |||
| REQ. ARv04-20: The ALTO client protocol specification MUST define | REQ. ARv05-20: The ALTO client protocol specification MUST define | |||
| mechanisms, which can be used by the ALTO client and the ALTO server | mechanisms, which can be used by the ALTO client and the ALTO server | |||
| to indicate that a rating criteria used by the other party is of an | to indicate that a rating criteria used by the other party is of an | |||
| unsupported type. | unsupported type. | |||
| 3.1.4. Placement of entities and timing of transactions | 3.1.4. Placement of Entities and Timing of Transactions | |||
| With respect to the placement of ALTO clients, several modes of | With respect to the placement of ALTO clients, several modes of | |||
| operation exist: | operation exist: | |||
| o One mode of ALTO operation is that ALTO clients may be embedded | o One mode of ALTO operation is that ALTO clients may be embedded | |||
| directly in the resource consumer (e.g., peer of a DHT-based P2P | directly in the resource consumer (e.g., peer of a DHT-based P2P | |||
| application), which wants to access a resource. | application), which wants to access a resource. | |||
| o Another mode of operation is to perform ALTO queries indirectly, | o Another mode of operation is to perform ALTO queries indirectly, | |||
| via resource directories (e.g., tracker of a P2P application), | via resource directories (e.g., tracker of a P2P application), | |||
| which may issue ALTO queries to solicit preference on potential | which may issue ALTO queries to solicit preference on potential | |||
| resource providers, considering the respective resource consumer. | resource providers, considering the respective resource consumer. | |||
| REQ. ARv04-21: The ALTO client protocol MUST support the mode of | REQ. ARv05-21: The ALTO client protocol MUST support the mode of | |||
| operation, in which the ALTO client is directly embedded in the | operation, in which the ALTO client is directly embedded in the | |||
| resource consumer. | resource consumer. | |||
| REQ. ARv04-22: The ALTO client protocol MUST support the mode of | REQ. ARv05-22: The ALTO client protocol MUST support the mode of | |||
| operation, in which the ALTO client is embedded in the resource | operation, in which the ALTO client is embedded in the resource | |||
| directory. | directory. | |||
| REQ. ARv04-23: The ALTO client protocol MUST be designed in a way | REQ. ARv05-23: The ALTO client protocol MUST be designed in a way | |||
| that the ALTO service can be provided by an operator which is not the | that the ALTO service can be provided by an entity which is not the | |||
| operator of the IP access network. | operator of the IP access network. | |||
| REQ. ARv04-24: The ALTO client protocol MUST be designed in a way | REQ. ARv05-24: The ALTO client protocol MUST be designed in a way | |||
| that different instances of the ALTO service operated by different | that different instances of the ALTO service operated by different | |||
| providers can coexist. | providers can coexist. | |||
| With respect to the timing of ALTO queries, several modes of | With respect to the timing of ALTO queries, several modes of | |||
| operation exist: | operation exist: | |||
| o In target-aware query mode, an ALTO client performs the ALTO query | o In target-aware query mode, an ALTO client performs the ALTO query | |||
| when the desired resource and a set of candidate resource | when the desired resource and a set of candidate resource | |||
| providers are already known, i. e., after DHT lookups, queries to | providers are already known, i. e., after DHT lookups, queries to | |||
| the resource directory, etc. | the resource directory, etc. | |||
| o In target-independent query mode, ALTO queries are performed in | o In target-independent query mode, ALTO queries are performed in | |||
| advance or periodically, in order to receive comprehensive, | advance or periodically, in order to receive comprehensive, | |||
| "target-independent" guidance, which will be cached locally and | "target-independent" guidance, which will be cached locally and | |||
| evaluated later, when a resource is to be accessed. | evaluated later, when a resource is to be accessed. | |||
| REQ. ARv04-25: The ALTO client protocol MUST support at least one of | REQ. ARv05-25: The ALTO client protocol MUST support at least one of | |||
| these two modes, either the target-aware or the target-independent | these two modes, either the target-aware or the target-independent | |||
| query mode. | query mode. | |||
| REQ. ARv04-26: The ALTO client protocol SHOULD support both the | REQ. ARv05-26: The ALTO client protocol SHOULD support both the | |||
| target-aware and the target-independent query mode. | target-aware and the target-independent query mode. | |||
| REQ. ARv04-27: The ALTO client protocol SHOULD support lifetime | REQ. ARv05-27: The ALTO client protocol SHOULD support lifetime | |||
| attributes, to enable caching of recommendations at ALTO clients. | attributes, to enable caching of recommendations at ALTO clients. | |||
| REQ. ARv04-28: The ALTO client protocol SHOULD specify an aging | REQ. ARv05-28: The ALTO client protocol SHOULD specify an aging | |||
| mechanism, which allows to give newer recommendations precedence over | mechanism, which allows to give newer recommendations precedence over | |||
| older ones. | older ones. | |||
| REQ. ARv04-29: The ALTO client protocol MUST support scenarios with | REQ. ARv05-29: The ALTO client protocol SHOULD allow the ALTO server | |||
| to specify a "target audience" in an ALTO reply. This is a set of | ||||
| resource consumers (expressed, e.g., as a list of host group | ||||
| descriptors). The guidance provided in the respective ALTO reply can | ||||
| be used and possibly re-used during the specified lifetime by or for | ||||
| the resource consumers in the "target audience". Re-using may | ||||
| include redistributing the ALTO reply to other parties in the | ||||
| specified set, as well as using the same ALTO information in a | ||||
| resource directory to improve the replies to different resource | ||||
| consumers. | ||||
| REQ. ARv05-30: The ALTO client protocol MUST support scenarios with | ||||
| the ALTO client located in the private address realm behind a network | the ALTO client located in the private address realm behind a network | |||
| address translator (NAT). There are different types of NAT, see | address translator (NAT). There are different types of NAT, see | |||
| [RFC4787] and [RFC5382]. | [RFC4787] and [RFC5382]. | |||
| 3.1.5. Protocol extensibility | 3.1.5. Protocol Extensibility | |||
| REQ. ARv04-30: The ALTO client protocol MUST include support for | REQ. ARv05-31: The ALTO client protocol MUST include support for | |||
| adding protocol extensions in a non-disruptive, backward-compatible | adding protocol extensions in a non-disruptive, backward-compatible | |||
| way. | way. | |||
| REQ. ARv04-31: The ALTO client protocol MUST include protocol | REQ. ARv05-32: The ALTO client protocol MUST include protocol | |||
| versioning support, in order to clearly distinguish between | versioning support, in order to clearly distinguish between | |||
| incompatible major versions of the protocol. | incompatible versions of the protocol. | |||
| 3.1.6. Error handling and overload protection | 3.1.6. Error Handling and Overload Protection | |||
| REQ. ARv04-32: Any application designed to use ALTO MUST also work | REQ. ARv05-33: Any application designed to use ALTO MUST also work | |||
| if no ALTO servers can be found or if no responses to ALTO queries | if no ALTO servers can be found or if no responses to ALTO queries | |||
| are received, e.g., due to connectivity problems or overload | are received, e.g., due to connectivity problems or overload | |||
| situation. | situation. | |||
| REQ. ARv04-33: The ALTO client protocol MUST use TCP based | REQ. ARv05-34: The ALTO client protocol MUST use TCP based | |||
| transport. | transport. | |||
| REQ. ARv04-34: An ALTO server, which is operating close to its | REQ. ARv05-35: An ALTO server, which is operating close to its | |||
| capacity limit, MUST be able to inform clients about its impending | capacity limit, MUST be able to inform clients about its impending | |||
| overload situation, and require them to throttle their query rate. | overload situation, and require them to throttle their query rate. | |||
| REQ. ARv04-35: An ALTO server, which is operating close to its | REQ. ARv05-36: An ALTO server, which is operating close to its | |||
| capacity limit, MUST be able to inform clients about its impending | capacity limit, MUST be able to inform clients about its impending | |||
| overload situation, and redirect them to another ALTO server. | overload situation, and redirect them to another ALTO server. | |||
| REQ. ARv04-36: An ALTO server, which is operating close to its | REQ. ARv05-37: An ALTO server, which is operating close to its | |||
| capacity limit, MUST be able to inform clients about its impending | capacity limit, MUST be able to inform clients about its impending | |||
| overload situation, and terminate the conversation with the ALTO | overload situation, and terminate the conversation with the ALTO | |||
| client. | client. | |||
| REQ. ARv04-37: An ALTO server, which is operating close to its | REQ. ARv05-38: An ALTO server, which is operating close to its | |||
| capacity limit, MUST be able to inform clients about its impending | capacity limit, MUST be able to inform clients about its impending | |||
| overload situation, and reject new conversation attempts. | overload situation, and reject new conversation attempts. | |||
| 3.2. ALTO server discovery | 3.2. ALTO Server Discovery | |||
| The ALTO client protocol is supported by one or several ALTO server | The ALTO client protocol is supported by one or several ALTO server | |||
| discovery mechanisms, which will be used by ALTO clients in order to | discovery mechanisms, which will be used by ALTO clients in order to | |||
| find out where to send ALTO requests. | find out where to send ALTO requests. | |||
| REQ. ARv04-38: ALTO clients which are embedded in the resource | REQ. ARv05-39: ALTO clients which are embedded in the resource | |||
| consumer MUST be able to use the ALTO server discovery mechanism, in | consumer MUST be able to use the ALTO server discovery mechanism, in | |||
| order to find one or several ALTO servers that can provide ALTO | order to find one or several ALTO servers that can provide ALTO | |||
| guidance suitable for the resource consumer. This mode of operation | guidance suitable for the resource consumer. This mode of operation | |||
| is called "resource consumer initiated ALTO server discovery". | is called "resource consumer initiated ALTO server discovery". | |||
| REQ. ARv04-39: ALTO clients which are embedded in a resource | REQ. ARv05-40: ALTO clients which are embedded in a resource | |||
| directory and perform third-party ALTO queries on behalf of a remote | directory and perform third-party ALTO queries on behalf of a remote | |||
| resource consumer MUST be able to use the ALTO server discovery | resource consumer MUST be able to use the ALTO server discovery | |||
| mechanism, in order to find one or several ALTO servers that can | mechanism, in order to find one or several ALTO servers that can | |||
| provide ALTO guidance suitable for the respective resource consumer. | provide ALTO guidance suitable for the respective resource consumer. | |||
| This mode of operation is called "third-party ALTO server discovery". | This mode of operation is called "third-party ALTO server discovery". | |||
| A classification and evaluation of architectural options for third- | A classification and evaluation of architectural options for third- | |||
| party ALTO server discovery can be found in [I-D.kiesel-alto-3pdisc]. | party ALTO server discovery can be found in [I-D.kiesel-alto-3pdisc]. | |||
| REQ. ARv04-40: ALTO clients MUST be able to perform resource | REQ. ARv05-41: ALTO clients MUST be able to perform resource | |||
| consumer initiated ALTO server discovery, even if they are located | consumer initiated ALTO server discovery, even if they are located | |||
| behind a network address translator (NAT). | behind a network address translator (NAT). | |||
| REQ. ARv04-41: ALTO clients MUST be able to perform third-party ALTO | REQ. ARv05-42: ALTO clients MUST be able to perform third-party ALTO | |||
| server discovery, even if they are located behind a network address | server discovery, even if they are located behind a network address | |||
| translator (NAT). | translator (NAT). | |||
| REQ. ARv04-42: ALTO clients MUST be able to perform third-party ALTO | REQ. ARv05-43: ALTO clients MUST be able to perform third-party ALTO | |||
| server discovery, even if the resource consumer, on behalf of which | server discovery, even if the resource consumer, on behalf of which | |||
| the ALTO query will be sent, is located behind a network address | the ALTO query will be sent, is located behind a network address | |||
| translator (NAT). | translator (NAT). | |||
| REQ. ARv04-43: The ALTO server discovery mechanism may be specified | REQ. ARv05-44: The ALTO server discovery mechanism may be specified | |||
| and provided using an existing protocol or mechanism, such as DNS, | and provided using an existing protocol or mechanism, such as DNS, | |||
| DHCP, or PPP based automatic configuration, etc. These candidate | DHCP, or PPP based automatic configuration, etc. These candidate | |||
| "base protocols" differ with respect to their availability in various | "base protocols" differ with respect to their availability in various | |||
| access network archtitectures and their suitability for third-party | access network architectures and their suitability for third-party | |||
| queries. When evaluating different options this should be taken into | queries. When evaluating different options this should be taken into | |||
| account, in order to limit the total number of ALTO server discovery | account, in order to limit the total number of ALTO server discovery | |||
| mechanisms that have to be specified for supporting a reasonably wide | mechanisms that have to be specified for supporting a reasonably wide | |||
| range of deployment scenarios. | range of deployment scenarios. | |||
| REQ. ARv04-44: The ALTO server discovery mechanism SHOULD be able to | REQ. ARv05-45: The ALTO server discovery mechanism SHOULD be able to | |||
| return the respective contact information for several ALTO servers. | return the respective contact information for several ALTO servers. | |||
| REQ. ARv04-45: The ALTO server discovery mechanism SHOULD be able to | REQ. ARv05-46: The ALTO server discovery mechanism SHOULD be able to | |||
| indicate preferences for each returned ALTO server contact | indicate preferences for each returned ALTO server contact | |||
| information. | information. | |||
| 3.3. Security and privacy | 3.3. Security and Privacy | |||
| REQ. ARv04-46: The ALTO client protocol MUST support mechanisms for | REQ. ARv05-47: The ALTO client protocol MUST support mechanisms for | |||
| the authentication of ALTO servers. | the authentication of ALTO servers. | |||
| REQ. ARv04-47: The ALTO client protocol MUST support mechanisms for | REQ. ARv05-48: The ALTO client protocol MUST support mechanisms for | |||
| the authentication of ALTO clients. | the authentication of ALTO clients. | |||
| REQ. ARv04-48: The ALTO client protocol MUST support different | REQ. ARv05-49: The ALTO client protocol MUST support different | |||
| levels of detail in queries and responses, in order for the operator | levels of detail in queries and responses, in order for the operator | |||
| of an ALTO service to be able to control how much information (e.g., | of an ALTO service to be able to control how much information (e.g., | |||
| about the network topology) is disclosed. | about the network topology) is disclosed. | |||
| REQ. ARv04-49: The operator of an ALTO server MUST NOT assume that | REQ. ARv05-50: The operator of an ALTO server MUST NOT assume that | |||
| an ALTO client will implement mechanisms or comply with rules that | an ALTO client will implement mechanisms or comply with rules that | |||
| limit the ALTO client's ability to redistribute information retrieved | limit the ALTO client's ability to redistribute information retrieved | |||
| from the ALTO server to third parties. | from the ALTO server to third parties. | |||
| REQ. ARv04-50: The ALTO client protocol MUST support different | REQ. ARv05-51: The ALTO client protocol MUST support different | |||
| levels of detail in queries and responses, in order to protect the | levels of detail in queries and responses, in order to protect the | |||
| privacy of users, to ensure that the operators of ALTO servers and | privacy of users, to ensure that the operators of ALTO servers and | |||
| other users of the same application cannot derive sensitive | other users of the same application cannot derive sensitive | |||
| information. | information. | |||
| REQ. ARv04-51: The ALTO client protocol SHOULD be defined in a way, | REQ. ARv05-52: The ALTO client protocol SHOULD be defined in a way, | |||
| that the operator of one ALTO server cannot easily deduce the | that the operator of one ALTO server cannot easily deduce the | |||
| resource identifier (e.g., file name in P2P file sharing) which the | resource identifier (e.g., file name in P2P file sharing) which the | |||
| resource consumer seeking ALTO guidance wants to access. | resource consumer seeking ALTO guidance wants to access. | |||
| REQ. ARv04-52: The ALTO client protocol MUST include appropriate | REQ. ARv05-53: The ALTO client protocol MUST include appropriate | |||
| mechanisms to protect the ALTO service against DoS attacks. | mechanisms to protect the ALTO service against DoS attacks. | |||
| 4. Host group descriptors | 4. Host Group Descriptors | |||
| Host group descriptors are used in the ALTO client protocol to | Host group descriptors are used in the ALTO client protocol to | |||
| describe the location of a host in the network topology. The ALTO | describe the location of a host in the network topology. The ALTO | |||
| client protocol specification defines a basic set of host group | client protocol specification defines a basic set of host group | |||
| descriptor types, which have to be suported by all implementations, | descriptor types, which have to be supported by all implementations, | |||
| and an extension procedure for adding new descriptor types (see | and an extension procedure for adding new descriptor types (see | |||
| Section 3.1.2). The following list gives an overview on further host | Section 3.1.2). The following list gives an overview on further host | |||
| group descriptor types that have been proposed in the past, or which | group descriptor types that have been proposed in the past, or which | |||
| are in use by by ALTO-related prototype implementations. This list | are in use by ALTO-related prototype implementations. This list is | |||
| is not intended as normative text. Instead, the only purpose of the | not intended as normative text. Instead, the only purpose of the | |||
| following list is to document the descriptor types that have been | following list is to document the descriptor types that have been | |||
| proposed so far, and to solicit further feedback and discussion: | proposed so far, and to solicit further feedback and discussion: | |||
| o Autonomous System (AS) number | o Autonomous System (AS) number | |||
| o Protocol-specific group identifiers, which expand to a set of IP | o Protocol-specific group identifiers, which expand to a set of IP | |||
| address ranges (CIDR) and/or AS numbers. In one specific solution | address ranges (CIDR) and/or AS numbers. In one specific solution | |||
| proposal, these are called Partition ID (PID). | proposal, these are called Partition ID (PID). | |||
| 5. Rating criteria | 5. Rating Criteria | |||
| Rating criteria are used in the ALTO client protocol to express | Rating criteria are used in the ALTO client protocol to express | |||
| topology- or connectivity-related properties, which are evaluated in | topology- or connectivity-related properties, which are evaluated in | |||
| order to generate the ALTO guidance. The ALTO client protocol | order to generate the ALTO guidance. The ALTO client protocol | |||
| specification defines a basic set of rating criteria, which have to | specification defines a basic set of rating criteria, which have to | |||
| be suported by all implementations, and an extension procedure for | be supported by all implementations, and an extension procedure for | |||
| adding new criteria (see Section 3.1.3). The following list gives an | adding new criteria (see Section 3.1.3). The following list gives an | |||
| overview on further rating criteria that have been proposed in the | overview on further rating criteria that have been proposed in the | |||
| past, or which are in use by by ALTO-related prototype | past, or which are in use by ALTO-related prototype implementations. | |||
| implementations. This list is not intended as normative text. | This list is not intended as normative text. Instead, the only | |||
| Instead, the only purpose of the following list is to document the | purpose of the following list is to document the rating criteria that | |||
| rating criteria that have been proposed so far, and to solicit | have been proposed so far, and to solicit further feedback and | |||
| further feedback and discussion: | discussion: | |||
| 5.1. Distance-related rating criteria | 5.1. Distance-related Rating Criteria | |||
| o Relative topological distance: relative means that a larger | o Relative topological distance: relative means that a larger | |||
| numerical value means greater distance, but it is up to the ALTO | numerical value means greater distance, but it is up to the ALTO | |||
| service how to compute the values, and the ALTO client will not be | service how to compute the values, and the ALTO client will not be | |||
| informed about the nature of the information. One way of | informed about the nature of the information. One way of | |||
| generating this kind of information MAY be counting AS hops, but | generating this kind of information MAY be counting AS hops, but | |||
| when querying this parameter, the ALTO client MUST NOT assume that | when querying this parameter, the ALTO client MUST NOT assume that | |||
| the numbers actually are AS hops. | the numbers actually are AS hops. | |||
| o Absolute topological distance, expressed in the number of | o Absolute topological distance, expressed in the number of | |||
| traversed autonomous systems (AS). | traversed autonomous systems (AS). | |||
| o Absolute topological distance, expressed in the number of router | o Absolute topological distance, expressed in the number of router | |||
| hops (i.e., how much the TTL value of an IP packet will be | hops (i.e., how much the TTL value of an IP packet will be | |||
| decreased during transit). | decreased during transit). | |||
| o Absolute physical distance, based on knowledge of the approximate | o Absolute physical distance, based on knowledge of the approximate | |||
| geolocation (continent, country) of an IP address. | geolocation (continent, country) of an IP address. | |||
| 5.2. Charging-related rating criteria | 5.2. Charging-related Rating Criteria | |||
| o Traffic volume caps, in case the Internet access of the resource | o Traffic volume caps, in case the Internet access of the resource | |||
| consumer is not charged by "flat rate". For each candidate | consumer is not charged by "flat rate". For each candidate | |||
| resource provider, the ALTO service could indicate the amount of | resource provider, the ALTO service could indicate the amount of | |||
| data that may be transferred from/to this resource provider until | data that may be transferred from/to this resource provider until | |||
| a given point in time, and how much of this amount has already | a given point in time, and how much of this amount has already | |||
| been consumed. Furthermore, it would have to be indicated how | been consumed. Furthermore, it would have to be indicated how | |||
| excess traffic would be handled (e.g., blocked, throttled, or | excess traffic would be handled (e.g., blocked, throttled, or | |||
| charged separately at an indicated price). The interaction of | charged separately at an indicated price). The interaction of | |||
| several applications running on a host, out of which some use this | several applications running on a host, out of which some use this | |||
| criterion while others don't, as well as the evaluation of this | criterion while others don't, as well as the evaluation of this | |||
| criterion in resource directories, which issue ALTO queries on | criterion in resource directories, which issue ALTO queries on | |||
| behalf of other peers, are for further study. | behalf of other peers, are for further study. | |||
| 5.3. Performance-related rating criteria | 5.3. Performance-related Rating Criteria | |||
| The following rating criteria are subject to the remarks below. | The following rating criteria are subject to the remarks below. | |||
| o The minimum achievable throughput between the resource consumer | o The minimum achievable throughput between the resource consumer | |||
| and the candidate resource provider, which is considered useful by | and the candidate resource provider, which is considered useful by | |||
| the application (only in ALTO queries), or | the application (only in ALTO queries), or | |||
| o An arbitrary upper bound for the throughput from/to the candidate | o An arbitrary upper bound for the throughput from/to the candidate | |||
| resource provider (only in ALTO replies). This may be, but is not | resource provider (only in ALTO replies). This may be, but is not | |||
| necessarily the provisioned access bandwidth of the candidate | necessarily the provisioned access bandwidth of the candidate | |||
| skipping to change at page 19, line 20 ¶ | skipping to change at page 19, line 20 ¶ | |||
| state information, which are inherent to the ALTO service, the | state information, which are inherent to the ALTO service, the | |||
| application must use other mechanisms (such as passive measurements | application must use other mechanisms (such as passive measurements | |||
| on actual data transmissions) to assess the currently achievable | on actual data transmissions) to assess the currently achievable | |||
| throughput, and it MUST use appropriate congestion control mechanisms | throughput, and it MUST use appropriate congestion control mechanisms | |||
| in order to avoid a congestion collapse. Nevertheless, these rating | in order to avoid a congestion collapse. Nevertheless, these rating | |||
| criteria may provide a useful shortcut for quickly excluding | criteria may provide a useful shortcut for quickly excluding | |||
| candidate resource providers from such probing, if it is known in | candidate resource providers from such probing, if it is known in | |||
| advance that connectivity is in any case worse than what is | advance that connectivity is in any case worse than what is | |||
| considered the minimum useful value by the respective application. | considered the minimum useful value by the respective application. | |||
| 5.4. Inappropriate rating criteria | 5.4. Inappropriate Rating Criteria | |||
| Rating criteria that SHOULD NOT be defined for and used by the ALTO | Rating criteria that SHOULD NOT be defined for and used by the ALTO | |||
| service include: | service include: | |||
| o Performance metrics that are closely related to the instantaneous | o Performance metrics that are closely related to the instantaneous | |||
| congestion status. The definition of alternate approaches for | congestion status. The definition of alternate approaches for | |||
| congestion control is explicitly out of the scope of ALTO. | congestion control is explicitly out of the scope of ALTO. | |||
| Instead, other appropriate means, such as using TCP based | Instead, other appropriate means, such as using TCP based | |||
| transport, have to be used to avoid congestion. | transport, have to be used to avoid congestion. | |||
| skipping to change at page 21, line 13 ¶ | skipping to change at page 21, line 13 ¶ | |||
| here. | here. | |||
| 7. Security Considerations | 7. Security Considerations | |||
| 7.1. High-level security considerations | 7.1. High-level security considerations | |||
| High-level security considerations for the ALTO service can be found | High-level security considerations for the ALTO service can be found | |||
| in the "Security Considerations" section of the ALTO problem | in the "Security Considerations" section of the ALTO problem | |||
| statement document [RFC5693]. | statement document [RFC5693]. | |||
| 7.2. Classification of information disclosure scenarios | 7.2. Classification of Information Disclosure Scenarios | |||
| The unwanted disclosure of information is one key concern related to | The unwanted disclosure of information is one key concern related to | |||
| ALTO. The following list gives a classification of information | ALTO. The following list gives a classification of information | |||
| disclosure scenarios, which may be considered more or less critical | disclosure scenarios, which may be considered more or less critical | |||
| by different parties: | by different parties: | |||
| o (1) Excess disclosure of ALTO server operator's data to an | o (1) Excess disclosure of ALTO server operator's data to an | |||
| authorized ALTO client. The operator of an ALTO server has to | authorized ALTO client. The operator of an ALTO server has to | |||
| feed information, such as tables mapping host group descriptors to | feed information, such as tables mapping host group descriptors to | |||
| host characteristics attributes, into the server, thereby enabling | host characteristics attributes, into the server, thereby enabling | |||
| skipping to change at page 22, line 17 ¶ | skipping to change at page 22, line 17 ¶ | |||
| o (5) Excess retrieval of ALTO server operator's data by | o (5) Excess retrieval of ALTO server operator's data by | |||
| collaborating ALTO clients. Several authorized ALTO clients could | collaborating ALTO clients. Several authorized ALTO clients could | |||
| ask an ALTO server for guidance, and redistribute the replies | ask an ALTO server for guidance, and redistribute the replies | |||
| among each other (see also case 3c). By correlating the ALTO | among each other (see also case 3c). By correlating the ALTO | |||
| replies they could find out more information than intended to be | replies they could find out more information than intended to be | |||
| disclosed by the ALTO server operator. | disclosed by the ALTO server operator. | |||
| (1) may be addressed by the ALTO server operator choosing the level | (1) may be addressed by the ALTO server operator choosing the level | |||
| of detail of the information to be populated into the ALTO server. | of detail of the information to be populated into the ALTO server. | |||
| Furhermore, access control mechanisms for filtering ALTO replies | Furthermore, access control mechanisms for filtering ALTO replies | |||
| according to the authenticated ALTO client identity might be | according to the authenticated ALTO client identity might be | |||
| installed in the ALTO server, although this might not be effective | installed in the ALTO server, although this might not be effective | |||
| given the lack of efficient mechanisms for addressing (3c) and (5), | given the lack of efficient mechanisms for addressing (3c) and (5), | |||
| see below. | see below. | |||
| (2) is addressed by allowing ALTO clients to use the target- | (2) is addressed by allowing ALTO clients to use the target- | |||
| independent query mode. In this mode of operation, guiding | independent query mode. In this mode of operation, guiding | |||
| information (e.g., "maps") is retrieved from the ALTO server and used | information (e.g., "maps") is retrieved from the ALTO server and used | |||
| entirely locally by the ALTO client, i.e., without sending host | entirely locally by the ALTO client, i.e., without sending host | |||
| location attributes of candidate resource providers to the ALTO | location attributes of candidate resource providers to the ALTO | |||
| skipping to change at page 23, line 5 ¶ | skipping to change at page 23, line 5 ¶ | |||
| digital rights management (DRM), might easily outweigh the benefits | digital rights management (DRM), might easily outweigh the benefits | |||
| of the whole ALTO solution, and therefore they are not considered as | of the whole ALTO solution, and therefore they are not considered as | |||
| a viable solution. That is, ALTO server operators must be aware that | a viable solution. That is, ALTO server operators must be aware that | |||
| (3c) and (5) cannot be prevented from happening, and therefore they | (3c) and (5) cannot be prevented from happening, and therefore they | |||
| should feed only such data into an ALTO server, which they do not | should feed only such data into an ALTO server, which they do not | |||
| consider sensitive with respect to (3c) and (5). | consider sensitive with respect to (3c) and (5). | |||
| These insights are reflected by the requirements presented in this | These insights are reflected by the requirements presented in this | |||
| document. | document. | |||
| 7.3. Security requirements | 7.3. Security Requirements | |||
| For a set of specific security requirements please refer to | For a set of specific security requirements please refer to | |||
| Section 3.3 of this document. | Section 3.3 of this document. | |||
| 8. References | 8. References | |||
| 8.1. Normative References | 8.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| skipping to change at page 25, line 20 ¶ | skipping to change at page 25, line 20 ¶ | |||
| o Richard Alimi <richard.alimi@yale.edu> | o Richard Alimi <richard.alimi@yale.edu> | |||
| o Zoran Despotovic <despotovic@docomolab-euro.com> | o Zoran Despotovic <despotovic@docomolab-euro.com> | |||
| o Jason Livingood <Jason_Livingood@cable.comcast.com> | o Jason Livingood <Jason_Livingood@cable.comcast.com> | |||
| o Saverio Niccolini <saverio.niccolini@nw.neclab.eu> | o Saverio Niccolini <saverio.niccolini@nw.neclab.eu> | |||
| o Jan Seedorf <jan.seedorf@nw.neclab.eu> | o Jan Seedorf <jan.seedorf@nw.neclab.eu> | |||
| o Martin Stiemerling <martin.stiemerling@nw.neclab.eu> | ||||
| The authors would like to thank the members of the P2PI and ALTO | The authors would like to thank the members of the P2PI and ALTO | |||
| mailing lists for their feedback. | mailing lists for their feedback. | |||
| Appendix B. Acknowledgments | Appendix B. Acknowledgments | |||
| The initial version of this document was co-authored by Laird Popkin. | ||||
| The authors would like to thank | The authors would like to thank | |||
| o Vijay K. Gurbani <vkg@alcatel-lucent.com> | o Vijay K. Gurbani <vkg@alcatel-lucent.com> | |||
| o Enrico Marocco <enrico.marocco@telecomitalia.it> | o Enrico Marocco <enrico.marocco@telecomitalia.it> | |||
| for fostering discussions that lead to the creation of this document, | for fostering discussions that lead to the creation of this document, | |||
| and for giving valuable comments on it. | and for giving valuable comments on it. | |||
| Laird Popkin and Y. Richard Yang are grateful to the many | Laird Popkin and Y. Richard Yang are grateful to the many | |||
| contributions made by the members of the P4P working group and Yale | contributions made by the members of the P4P working group and Yale | |||
| Laboratory of Networked Systems. The P4P working group is hosted by | Laboratory of Networked Systems. The P4P working group is hosted by | |||
| DCIA. | DCIA. | |||
| Saverio Niccolini, Jan Seedorf, and Martin Stiemerling were partially | Saverio Niccolini, Jan Seedorf, and Martin Stiemerling are partially | |||
| supported by the NAPA-WINE project (Network-Aware P2P-TV Application | supported by the NAPA-WINE project (Network-Aware P2P-TV Application | |||
| over Wise Networks, http://www.napa-wine.org), a research project | over Wise Networks, http://www.napa-wine.org), a research project | |||
| supported by the European Commission under its 7th Framework Program | supported by the European Commission under its 7th Framework Program | |||
| (contract no. 214412). The views and conclusions contained herein | (contract no. 214412). The views and conclusions contained herein | |||
| are those of the authors and should not be interpreted as necessarily | are those of the authors and should not be interpreted as necessarily | |||
| representing the official policies or endorsements, either expressed | representing the official policies or endorsements, either expressed | |||
| or implied, of the NAPA-WINE project or the European Commission. | or implied, of the NAPA-WINE project or the European Commission. | |||
| Authors' Addresses | Authors' Addresses | |||
| Sebastian Kiesel (editor) | Sebastian Kiesel (editor) | |||
| University of Stuttgart Computing Center | University of Stuttgart Computing Center | |||
| Allmandring 30 | Allmandring 30 | |||
| Stuttgart 70550 | Stuttgart 70550 | |||
| Germany | Germany | |||
| Email: ietf-alto@skiesel.de | Email: ietf-alto@skiesel.de | |||
| URI: http://www.rus.uni-stuttgart.de/nks/ | URI: http://www.rus.uni-stuttgart.de/nks/ | |||
| Laird Popkin | ||||
| Pando Networks, Inc. | ||||
| Email: laird@pando.com | ||||
| Stefano Previdi | Stefano Previdi | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Email: sprevidi@cisco.com | Email: sprevidi@cisco.com | |||
| Martin Stiemerling | ||||
| NEC Laboratories Europe/University of Goettingen | ||||
| Email: martin.stiemerling@neclab.eu | ||||
| URI: http://ietf.stiemerling.org | ||||
| Richard Woundy | Richard Woundy | |||
| Comcast Corporation | Comcast Corporation | |||
| Email: Richard_Woundy@cable.comcast.com | Email: Richard_Woundy@cable.comcast.com | |||
| Yang Richard Yang | Yang Richard Yang | |||
| Yale University | Yale University | |||
| Email: yry@cs.yale.edu | Email: yry@cs.yale.edu | |||
| End of changes. 98 change blocks. | ||||
| 131 lines changed or deleted | 143 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||