| < draft-ietf-alto-reqs-10.txt | draft-ietf-alto-reqs-11.txt > | |||
|---|---|---|---|---|
| Network Working Group S. Kiesel, Ed. | Network Working Group S. Kiesel, Ed. | |||
| Internet-Draft University of Stuttgart | Internet-Draft University of Stuttgart | |||
| Intended status: Informational S. Previdi | Intended status: Informational S. Previdi | |||
| Expires: December 12, 2011 Cisco Systems, Inc. | Expires: January 12, 2012 Cisco Systems, Inc. | |||
| M. Stiemerling | M. Stiemerling | |||
| NEC Europe Ltd. | NEC Europe Ltd. | |||
| R. Woundy | R. Woundy | |||
| Comcast Corporation | Comcast Corporation | |||
| Y R. Yang | Y R. Yang | |||
| Yale University | Yale University | |||
| June 10, 2011 | July 11, 2011 | |||
| Application-Layer Traffic Optimization (ALTO) Requirements | Application-Layer Traffic Optimization (ALTO) Requirements | |||
| draft-ietf-alto-reqs-10.txt | draft-ietf-alto-reqs-11.txt | |||
| Abstract | Abstract | |||
| Many Internet applications are used to access resources, such as | Many Internet applications are used to access resources, such as | |||
| pieces of information or server processes, which are available in | pieces of information or server processes, which are available in | |||
| several equivalent replicas on different hosts. This includes, but | several equivalent replicas on different hosts. This includes, but | |||
| is not limited to, peer-to-peer file sharing applications. The goal | is not limited to, peer-to-peer file sharing applications. The goal | |||
| of Application-Layer Traffic Optimization (ALTO) is to provide | of Application-Layer Traffic Optimization (ALTO) is to provide | |||
| guidance to applications, which have to select one or several hosts | guidance to applications, which have to select one or several hosts | |||
| from a set of candidates, that are able to provide a desired | from a set of candidates, that are able to provide a desired | |||
| skipping to change at page 2, line 6 ¶ | skipping to change at page 2, line 6 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 12, 2011. | This Internet-Draft will expire on January 12, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2011 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 20 ¶ | skipping to change at page 3, line 20 ¶ | |||
| 2.2. ALTO Terminology . . . . . . . . . . . . . . . . . . . . . 5 | 2.2. ALTO Terminology . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 2.3. Architectural Framework for ALTO . . . . . . . . . . . . . 6 | 2.3. Architectural Framework for ALTO . . . . . . . . . . . . . 6 | |||
| 3. ALTO Requirements . . . . . . . . . . . . . . . . . . . . . . 7 | 3. ALTO Requirements . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 3.1. ALTO Client Protocol . . . . . . . . . . . . . . . . . . . 7 | 3.1. ALTO Client Protocol . . . . . . . . . . . . . . . . . . . 7 | |||
| 3.1.1. General Requirements . . . . . . . . . . . . . . . . . 7 | 3.1.1. General Requirements . . . . . . . . . . . . . . . . . 7 | |||
| 3.1.2. Host Group Descriptor Support . . . . . . . . . . . . 7 | 3.1.2. Host Group Descriptor Support . . . . . . . . . . . . 7 | |||
| 3.1.3. Rating Criteria Support . . . . . . . . . . . . . . . 8 | 3.1.3. Rating Criteria Support . . . . . . . . . . . . . . . 8 | |||
| 3.1.4. Placement of Entities and Timing of Transactions . . . 9 | 3.1.4. Placement of Entities and Timing of Transactions . . . 9 | |||
| 3.1.5. Protocol Extensibility . . . . . . . . . . . . . . . . 12 | 3.1.5. Protocol Extensibility . . . . . . . . . . . . . . . . 12 | |||
| 3.1.6. Error Handling and Overload Protection . . . . . . . . 12 | 3.1.6. Error Handling and Overload Protection . . . . . . . . 12 | |||
| 3.2. ALTO Server Discovery . . . . . . . . . . . . . . . . . . 12 | 3.2. ALTO Server Discovery . . . . . . . . . . . . . . . . . . 13 | |||
| 3.3. Security and Privacy . . . . . . . . . . . . . . . . . . . 13 | 3.3. Security and Privacy . . . . . . . . . . . . . . . . . . . 14 | |||
| 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 | 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . . . . 16 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 17 | |||
| 5.1. High-level security considerations . . . . . . . . . . . . 16 | 5.1. High-level security considerations . . . . . . . . . . . . 17 | |||
| 5.2. Information Disclosure Scenarios . . . . . . . . . . . . . 16 | 5.2. Information Disclosure Scenarios . . . . . . . . . . . . . 17 | |||
| 5.2.1. Classification of Information Disclosure Scenarios . . 16 | 5.2.1. Classification of Information Disclosure Scenarios . . 17 | |||
| 5.2.2. Discussion of Information Disclosure Scenarios . . . . 17 | 5.2.2. Discussion of Information Disclosure Scenarios . . . . 18 | |||
| 5.3. Security Requirements . . . . . . . . . . . . . . . . . . 18 | 5.3. Security Requirements . . . . . . . . . . . . . . . . . . 19 | |||
| 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 19 | 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 6.1. Normative References . . . . . . . . . . . . . . . . . . . 19 | 6.1. Normative References . . . . . . . . . . . . . . . . . . . 20 | |||
| 6.2. Informative References . . . . . . . . . . . . . . . . . . 19 | 6.2. Informative References . . . . . . . . . . . . . . . . . . 20 | |||
| Appendix A. Contributors List and Acknowledgments . . . . . . . . 20 | Appendix A. Contributors List and Acknowledgments . . . . . . . . 21 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 21 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 22 | |||
| 1. Introduction | 1. Introduction | |||
| The motivation for Application-Layer Traffic Optimization (ALTO) is | The motivation for Application-Layer Traffic Optimization (ALTO) is | |||
| described in the ALTO problem statement [RFC5693]. | described in the ALTO problem statement [RFC5693]. | |||
| The goal of ALTO is to provide information which can help peer-to- | The goal of ALTO is to provide information which can help peer-to- | |||
| peer (P2P) applications to make better decisions with respect to peer | peer (P2P) applications to make better decisions with respect to peer | |||
| selection. However, ALTO may be useful for non-P2P applications as | selection. However, ALTO may be useful for non-P2P applications as | |||
| well. For example, clients of client-server applications may use | well. For example, clients of client-server applications may use | |||
| skipping to change at page 7, line 9 ¶ | skipping to change at page 7, line 9 ¶ | |||
| o Host group descriptors, which are used to describe the location of | o Host group descriptors, which are used to describe the location of | |||
| a host in the network topology. | a host in the network topology. | |||
| o Rating criteria, i. e., conditions or relations that shall be | o Rating criteria, i. e., conditions or relations that shall be | |||
| evaluated in order to generate the ALTO guidance. | evaluated in order to generate the ALTO guidance. | |||
| 3. ALTO Requirements | 3. ALTO Requirements | |||
| [*** Note to the RFC editor: before publication as an RFC, please | [*** Note to the RFC editor: before publication as an RFC, please | |||
| remove the draft version number from the requirements numbering, | remove the draft version number from the requirements numbering, | |||
| i.e., change ARv10-1 to AR-1, and so on. Furthermore, remove this | i.e., change ARv11-1 to AR-1, and so on. Furthermore, remove this | |||
| note. ***] | note. ***] | |||
| 3.1. ALTO Client Protocol | 3.1. ALTO Client Protocol | |||
| 3.1.1. General Requirements | 3.1.1. General Requirements | |||
| REQ. ARv10-1: The ALTO service is provided by one or more ALTO | REQ. ARv11-1: The ALTO service is provided by one or more ALTO | |||
| servers. ALTO servers MUST implement an ALTO client protocol, for | servers. ALTO servers MUST implement an ALTO client protocol, for | |||
| receiving ALTO queries from ALTO clients and for sending the | receiving ALTO queries from ALTO clients and for sending the | |||
| corresponding ALTO responses. | corresponding ALTO responses. | |||
| REQ. ARv10-2: ALTO clients MUST implement an ALTO client protocol, | REQ. ARv11-2: ALTO clients MUST implement an ALTO client protocol, | |||
| for sending ALTO queries to ALTO servers and for receiving the | for sending ALTO queries to ALTO servers and for receiving the | |||
| corresponding ALTO responses. | corresponding ALTO responses. | |||
| REQ. ARv10-3: The format of the ALTO query message MUST allow the | REQ. ARv11-3: The format of the ALTO query message MUST allow the | |||
| ALTO client to solicit guidance for selecting appropriate resource | ALTO client to solicit guidance for selecting appropriate resource | |||
| providers. | providers. | |||
| REQ. ARv10-4: The format of the ALTO response message MUST allow the | REQ. ARv11-4: The format of the ALTO response message MUST allow the | |||
| ALTO server to express its guidance for selecting appropriate | ALTO server to express its guidance for selecting appropriate | |||
| resource providers. | resource providers. | |||
| REQ. ARv10-5: The detailed specification of a protocol is out of the | The detailed specification of an ALTO client protocol is out of the | |||
| scope of this document. However, any protocol specification that | scope of this document. However, this document enumerates | |||
| claims to implement an ALTO client protocol MUST be compliant to the | requirements for ALTO, to be considered when specifying, assessing, | |||
| requirements itemized in this document. | or comparing protocols and implementations. | |||
| 3.1.2. Host Group Descriptor Support | 3.1.2. Host Group Descriptor Support | |||
| The ALTO guidance is based on the evaluation of several resource | The ALTO guidance is based on the evaluation of several resource | |||
| providers or groups of resource providers, which are characterized by | providers or groups of resource providers, which are characterized by | |||
| means of host group descriptors, considering one or more rating | means of host group descriptors, considering one or more rating | |||
| criteria. | criteria. | |||
| REQ. ARv10-6: An ALTO client protocol MUST support the host group | REQ. ARv11-5: An ALTO client protocol MUST support the host group | |||
| descriptor types "IPv4 address prefix" and "IPv6 address prefix". | descriptor types "IPv4 address prefix" and "IPv6 address prefix". | |||
| They can be used to specify the IP address of one host, or an IP | They can be used to specify the IP address of one host, or an IP | |||
| address range (in CIDR notation), which contains all hosts in | address range (in CIDR notation), which contains all hosts in | |||
| question. | question. | |||
| REQ. ARv10-7: An ALTO client protocol MUST be extensible to enable | REQ. ARv11-6: An ALTO client protocol MUST be extensible to enable | |||
| support of other host group descriptor types in future. An ALTO | support of other host group descriptor types in future. An ALTO | |||
| client protocol specification MUST define an appropriate procedure | client protocol specification MUST define an appropriate procedure | |||
| for adding new host group descriptor types, e.g., by establishing an | for adding new host group descriptor types, e.g., by establishing an | |||
| IANA registry. | IANA registry. | |||
| REQ. ARv10-8: ALTO clients and ALTO servers MUST clearly identify | REQ. ARv11-7: ALTO clients and ALTO servers MUST clearly identify | |||
| the type of each host group descriptor sent in ALTO queries or | the type of each host group descriptor sent in ALTO queries or | |||
| responses. | responses. | |||
| REQ. ARv10-9: For host group descriptor types other than "IPv4 | REQ. ARv11-8: For host group descriptor types other than "IPv4 | |||
| address prefix" and "IPv6 address prefix", the host group descriptor | address prefix" and "IPv6 address prefix", the host group descriptor | |||
| type identification MUST be supplemented by a reference to a | type identification MUST be supplemented by a reference to a | |||
| facility, which can be used to translate host group descriptors of | facility, which can be used to translate host group descriptors of | |||
| that type to IPv4/IPv6 address prefixes, e.g., by means of a mapping | that type to IPv4/IPv6 address prefixes, e.g., by means of a mapping | |||
| table or an algorithm. | table or an algorithm. | |||
| REQ. ARv10-10: Protocol functions for mapping other host group | REQ. ARv11-9: Protocol functions for mapping other host group | |||
| descriptor types to IPv4/IPv6 address prefixes SHOULD be designed and | descriptor types to IPv4/IPv6 address prefixes SHOULD be designed and | |||
| specified as part of an ALTO client protocol, and the corresponding | specified as part of an ALTO client protocol, and the corresponding | |||
| address mapping information SHOULD be made available by the same | address mapping information SHOULD be made available by the same | |||
| entity that wants to use these host group descriptors within an ALTO | entity that wants to use these host group descriptors within an ALTO | |||
| client protocol. However, an ALTO server or an ALTO client MAY also | client protocol. However, an ALTO server or an ALTO client MAY also | |||
| send a reference to an external mapping facility, e.g., a translation | send a reference to an external mapping facility, e.g., a translation | |||
| table to be obtained via an alternative mechanism. | table to be obtained via an alternative mechanism. | |||
| REQ. ARv10-11: An ALTO client protocol specification MUST define | REQ. ARv11-10: An ALTO client protocol specification MUST define | |||
| mechanisms, which can be used by the ALTO server to indicate that a | mechanisms, which can be used by the ALTO server to indicate that a | |||
| host group descriptor used by the ALTO client is of an unsupported | host group descriptor used by the ALTO client is of an unsupported | |||
| type, or that the indicated mapping mechanism could not be used. | type, or that the indicated mapping mechanism could not be used. | |||
| REQ. ARv10-12: An ALTO client protocol specification MUST define | REQ. ARv11-11: An ALTO client protocol specification MUST define | |||
| mechanisms, which can be used by the ALTO client to indicate that a | mechanisms, which can be used by the ALTO client to indicate that a | |||
| host group descriptor used by the ALTO server is of an unsupported | host group descriptor used by the ALTO server is of an unsupported | |||
| type, or that the indicated mapping mechanism could not be used. | type, or that the indicated mapping mechanism could not be used. | |||
| 3.1.3. Rating Criteria Support | 3.1.3. Rating Criteria Support | |||
| REQ. ARv10-13: An ALTO client protocol specification MUST define a | REQ. ARv11-12: An ALTO client protocol specification MUST define a | |||
| rating criterion that can be used to express and evaluate the | rating criterion that can be used to express and evaluate the | |||
| "relative operator's preference." This is a relative measure, i.e., | "relative operator's preference." This is a relative measure, i.e., | |||
| it is not associated with any unit of measurement. A more-preferred | it is not associated with any unit of measurement. A more-preferred | |||
| rating according to this criterion indicates that the application | rating according to this criterion indicates that the application | |||
| should prefer the respective candidate resource provider over others | should prefer the respective candidate resource provider over others | |||
| with less-preferred ratings (unless information from non-ALTO sources | with less-preferred ratings (unless information from non-ALTO sources | |||
| suggests a different choice, such as transmission attempts suggesting | suggests a different choice, such as transmission attempts suggesting | |||
| that the path is currently congested). The operator of the ALTO | that the path is currently congested). The operator of the ALTO | |||
| server does not have to disclose how and based on which data the | server does not have to disclose how and based on which data the | |||
| ratings are actually computed. Examples could be: cost for peering | ratings are actually computed. Examples could be: cost for peering | |||
| or transit traffic, traffic engineering inside the network, and other | or transit traffic, traffic engineering inside the network, and other | |||
| policies. | policies. | |||
| REQ. ARv10-14: An ALTO client protocol MUST be extensible to enable | REQ. ARv11-13: An ALTO client protocol MUST be extensible to enable | |||
| support of other rating criteria types in future. An ALTO client | support of other rating criteria types in future. An ALTO client | |||
| protocol specification MUST define an appropriate procedure for | protocol specification MUST define an appropriate procedure for | |||
| adding new rating criteria types, e.g., by establishing an IANA | adding new rating criteria types, e.g., by establishing an IANA | |||
| registry. | registry. | |||
| REQ. ARv10-15: ALTO client protocol specifications MUST NOT define | REQ. ARv11-14: ALTO client protocol specifications MUST NOT define | |||
| rating criteria closely related to the instantaneous network | rating criteria closely related to the instantaneous network | |||
| congestion state, whose primary aim is to serve an alternative to | congestion state, whose primary aim is to serve an alternative to | |||
| established congestion control strategies, such as using TCP-based | established congestion control strategies, such as using TCP-based | |||
| transport. | transport. | |||
| One design assumption for ALTO is that it is acceptable that the | One design assumption for ALTO is that it is acceptable that the | |||
| host characteristics attributes, which are stored and processed in | host characteristics attributes, which are stored and processed in | |||
| the ALTO servers for giving the guidance, are updated rather | the ALTO servers for giving the guidance, are updated rather | |||
| infrequently. Typical update intervals may be several orders of | infrequently. Typical update intervals may be several orders of | |||
| magnitude longer than the typical network-layer packet round-trip | magnitude longer than the typical network-layer packet round-trip | |||
| time (RTT). Therefore, ALTO cannot be a replacement for TCP-like | time (RTT). Therefore, ALTO cannot be a replacement for TCP-like | |||
| congestion control mechanisms. The definition of alternate | congestion control mechanisms. The definition of alternate | |||
| approaches for congestion control is explicitly a non-goal for the | approaches for congestion control is explicitly a non-goal for the | |||
| ALTO working group [ALTO-charter]. | ALTO working group [ALTO-charter]. | |||
| REQ. ARv10-16: Applications using ALTO guidance MUST NOT rely on the | REQ. ARv11-15: Applications using ALTO guidance MUST NOT rely on the | |||
| ALTO guidance to avoid causing network congestion. Instead, | ALTO guidance to avoid causing network congestion. Instead, | |||
| applications MUST use other appropriate means, such as TCP based | applications MUST use other appropriate means, such as TCP based | |||
| transport, to avoid causing excessive congestion. | transport, to avoid causing excessive congestion. | |||
| REQ. ARv10-17: The ALTO query message SHOULD allow the ALTO client | REQ. ARv11-16: The ALTO query message SHOULD allow the ALTO client | |||
| to express which rating criteria should be considered, as well as | to express which rating criteria should be considered, as well as | |||
| their relative relevance for the specific application that will | their relative relevance for the specific application that will | |||
| eventually make use of the guidance. | eventually make use of the guidance. | |||
| REQ. ARv10-18: The ALTO response message SHOULD allow the ALTO | REQ. ARv11-17: The ALTO response message SHOULD allow the ALTO | |||
| server to express which rating criteria have been considered when | server to express which rating criteria have been considered when | |||
| generating the response. | generating the response. | |||
| REQ. ARv10-19: An ALTO client protocol specification MUST define | REQ. ARv11-18: An ALTO client protocol specification MUST define | |||
| mechanisms, which can be used by the ALTO client and the ALTO server | mechanisms, which can be used by the ALTO client and the ALTO server | |||
| to indicate that a rating criteria used by the other party is of an | to indicate that a rating criteria used by the other party is of an | |||
| unsupported type. | unsupported type. | |||
| 3.1.4. Placement of Entities and Timing of Transactions | 3.1.4. Placement of Entities and Timing of Transactions | |||
| With respect to the placement of ALTO clients, several modes of | With respect to the placement of ALTO clients, several modes of | |||
| operation exist: | operation exist: | |||
| o One mode of ALTO operation is that an ALTO client may be embedded | o One mode of ALTO operation is that an ALTO client may be embedded | |||
| skipping to change at page 10, line 21 ¶ | skipping to change at page 10, line 21 ¶ | |||
| such as "query flooding" for resource discovery. | such as "query flooding" for resource discovery. | |||
| o Another mode of operation is to integrate the ALTO client into a | o Another mode of operation is to integrate the ALTO client into a | |||
| third party such as a resource directory, which may issue ALTO | third party such as a resource directory, which may issue ALTO | |||
| queries to solicit preference on potential resource providers, | queries to solicit preference on potential resource providers, | |||
| considering the respective resource consumer. For example, an | considering the respective resource consumer. For example, an | |||
| ALTO client could be integrated into the tracker of a tracker- | ALTO client could be integrated into the tracker of a tracker- | |||
| based P2P application, in order to request ALTO guidance on behalf | based P2P application, in order to request ALTO guidance on behalf | |||
| of the peers contacting the tracker. | of the peers contacting the tracker. | |||
| REQ. ARv10-20: An ALTO client protocol MUST support the mode of | REQ. ARv11-19: An ALTO client protocol MUST support the mode of | |||
| operation in which the ALTO client is directly embedded in the | operation in which the ALTO client is directly embedded in the | |||
| resource consumer. | resource consumer. | |||
| REQ. ARv10-21: An ALTO client protocol MUST support the mode of | REQ. ARv11-20: An ALTO client protocol MUST support the mode of | |||
| operation in which the ALTO client is embedded in a third party, | operation in which the ALTO client is embedded in a third party, | |||
| which performs queries on behalf of resource consumers. | which performs queries on behalf of resource consumers. | |||
| REQ. ARv10-22: An ALTO client protocol MUST be designed in a way | REQ. ARv11-21: An ALTO client protocol MUST be designed in a way | |||
| that the ALTO service can be provided by an entity which is not the | that the ALTO service can be provided by an entity which is not the | |||
| operator of the underlying IP network. | operator of the underlying IP network. | |||
| REQ. ARv10-23: An ALTO client protocol MUST be designed in a way | REQ. ARv11-22: An ALTO client protocol MUST be designed in a way | |||
| that different instances of the ALTO service operated by different | that different instances of the ALTO service operated by different | |||
| providers can coexist. | providers can coexist. | |||
| With respect to the timing of ALTO queries, several modes of | With respect to the timing of ALTO queries, several modes of | |||
| operation exist: | operation exist: | |||
| o In target-aware query mode, an ALTO client performs the ALTO query | o In target-aware query mode, an ALTO client performs the ALTO query | |||
| when the desired resource and a set of candidate resource | when the desired resource and a set of candidate resource | |||
| providers are already known, i. e., after DHT lookups, queries to | providers are already known, i. e., after DHT lookups, queries to | |||
| the resource directory, etc. | the resource directory, etc. | |||
| o In target-independent query mode, ALTO queries are performed in | o In target-independent query mode, ALTO queries are performed in | |||
| advance or periodically, in order to receive comprehensive, | advance or periodically, in order to receive comprehensive, | |||
| "target-independent" guidance, which will be cached locally and | "target-independent" guidance, which will be cached locally and | |||
| evaluated later, when a resource is to be accessed. | evaluated later, when a resource is to be accessed. | |||
| REQ. ARv10-24: An ALTO client protocol MUST support at least one of | REQ. ARv11-23: An ALTO client protocol MUST support at least one of | |||
| these two modes, either the target-aware or the target-independent | these two modes, either the target-aware or the target-independent | |||
| query mode. | query mode. | |||
| REQ. ARv10-25: An ALTO client protocol SHOULD support both the | REQ. ARv11-24: An ALTO client protocol SHOULD support both the | |||
| target-aware and the target-independent query mode. | target-aware and the target-independent query mode. | |||
| REQ. ARv10-26: An ALTO client protocol SHOULD support version | REQ. ARv11-25: An ALTO client protocol SHOULD support version | |||
| numbering, TTL (time-to-live) attributes, and/or similar mechanisms | numbering, TTL (time-to-live) attributes, and/or similar mechanisms | |||
| in ALTO transactions, in order to enable time validity checking for | in ALTO transactions, in order to enable time validity checking for | |||
| caching, and to enable comparisons of multiple recommendations | caching, and to enable comparisons of multiple recommendations | |||
| obtained through redistribution. | obtained through redistribution. | |||
| REQ. ARv10-27: An ALTO client protocol SHOULD allow the ALTO server | REQ. ARv11-26: An ALTO client protocol SHOULD allow the ALTO server | |||
| to add information about appropriate modes of re-use to its ALTO | to add information about appropriate modes of re-use to its ALTO | |||
| responses. Re-use may include redistributing an ALTO response to | responses. Re-use may include redistributing an ALTO response to | |||
| other parties, as well as using the same ALTO information in a | other parties, as well as using the same ALTO information in a | |||
| resource directory to improve the responses to different resource | resource directory to improve the responses to different resource | |||
| consumers, within the specified lifetime of the ALTO response. The | consumers, within the specified lifetime of the ALTO response. The | |||
| ALTO server SHOULD be able to express that | ALTO server SHOULD be able to express that | |||
| o no re-use should occur | o no re-use should occur | |||
| o re-use is appropriate for a specific "target audience", i.e., a | o re-use is appropriate for a specific "target audience", i.e., a | |||
| skipping to change at page 11, line 49 ¶ | skipping to change at page 11, line 49 ¶ | |||
| resource consumer ID, if applicable) to any other ALTO server, | resource consumer ID, if applicable) to any other ALTO server, | |||
| which was discovered (using an ALTO discovery mechanism) together | which was discovered (using an ALTO discovery mechanism) together | |||
| with this ALTO server | with this ALTO server | |||
| o re-use is appropriate for any resource consumer that would send | o re-use is appropriate for any resource consumer that would send | |||
| (or cause a third party sending on behalf of it) the same ALTO | (or cause a third party sending on behalf of it) the same ALTO | |||
| query (i.e., with the same query parameters, except for the | query (i.e., with the same query parameters, except for the | |||
| resource consumer ID, if applicable) to any ALTO server in the | resource consumer ID, if applicable) to any ALTO server in the | |||
| whole network | whole network | |||
| REQ. ARv10-28: An ALTO client protocol MUST support the exchange of | REQ. ARv11-27: An ALTO client protocol MUST support the exchange of | |||
| ALTO transactions even if the ALTO client is located in the private | ALTO transactions even if the ALTO client is located in the private | |||
| address realm behind a network address translator (NAT). There are | address realm behind a network address translator (NAT). There are | |||
| different types of NAT, see [RFC4787] and [RFC5382]. | different types of NAT, see [RFC4787] and [RFC5382]. | |||
| 3.1.5. Protocol Extensibility | 3.1.5. Protocol Extensibility | |||
| REQ. ARv10-29: An ALTO client protocol MUST include support for | REQ. ARv11-28: An ALTO client protocol MUST include support for | |||
| adding protocol extensions in a non-disruptive, backward-compatible | adding protocol extensions in a non-disruptive, backward-compatible | |||
| way. | way. | |||
| REQ. ARv10-30: An ALTO client protocol MUST include protocol | REQ. ARv11-29: An ALTO client protocol MUST include protocol | |||
| versioning support, in order to clearly distinguish between | versioning support, in order to clearly distinguish between | |||
| incompatible versions of the protocol. | incompatible versions of the protocol. | |||
| 3.1.6. Error Handling and Overload Protection | 3.1.6. Error Handling and Overload Protection | |||
| REQ. ARv10-31: An ALTO client protocol MUST use TCP based transport. | REQ. ARv11-30: An ALTO client protocol MUST use TCP based transport. | |||
| REQ. ARv10-32: An ALTO client protocol specification MUST specify | REQ. ARv11-31: An ALTO client protocol specification MUST specify | |||
| mechanisms, or detail how to leverage appropriate mechanisms provided | mechanisms, or detail how to leverage appropriate mechanisms provided | |||
| by underlying protocol layers, which can be used by an ALTO server | by underlying protocol layers, which can be used by an ALTO server to | |||
| operating close to its capacity limit, to inform clients about its | inform clients about an impending or occurring overload situation, | |||
| impending overload situation, and require them to throttle their | and require them to throttle their query rate. | |||
| query rate. | ||||
| REQ. ARv10-33: An ALTO client protocol specification MUST specify | In particular, as a simple way of achieving some basic form of | |||
| throttling, an ALTO server MAY answer ALTO queries with a "Retry | ||||
| After: {point in time | time delta}" message. This "Retry After" MAY | ||||
| be sent as part of the ALTO reply together with the requested guiding | ||||
| information, or as a standalone (error) message not giving the | ||||
| requested guidance. | ||||
| REQ. ARv11-32: An ALTO client protocol specification MUST specify | ||||
| mechanisms, or detail how to leverage appropriate mechanisms provided | mechanisms, or detail how to leverage appropriate mechanisms provided | |||
| by underlying protocol layers, which can be used by an ALTO server | by underlying protocol layers, which can be used by an ALTO server to | |||
| operating close to its capacity limit, to inform clients about its | inform clients about an impending or occurring overload situation, | |||
| impending overload situation, and redirect them to another ALTO | and redirect them to another ALTO server. | |||
| REQ. ARv11-33: An ALTO client protocol specification MUST specify | ||||
| mechanisms, or detail how to leverage appropriate mechanisms provided | ||||
| by underlying protocol layers, which can be used by an ALTO server to | ||||
| inform clients about an impending or occurring overload situation, | ||||
| and terminate the conversation with the ALTO client. | ||||
| REQ. ARv11-34: An ALTO client protocol specification MUST specify | ||||
| mechanisms, or detail how to leverage appropriate mechanisms provided | ||||
| by underlying protocol layers, which can be used by an ALTO server to | ||||
| inform clients about its inability to answer queries due to technical | ||||
| problems or system maintenance, and advise them to retry after an | ||||
| indicated point in time or after an indicated period of time has | ||||
| elapsed. | ||||
| REQ. ARv11-35: An ALTO client protocol specification MUST specify | ||||
| mechanisms, or detail how to leverage appropriate mechanisms provided | ||||
| by underlying protocol layers, which can be used by an ALTO server to | ||||
| inform clients about its inability to answer queries due to technical | ||||
| problems or system maintenance, and redirect them to another ALTO | ||||
| server. | server. | |||
| REQ. ARv10-34: An ALTO client protocol specification MUST specify | REQ. ARv11-36: An ALTO client protocol specification MUST specify | |||
| mechanisms, or detail how to leverage appropriate mechanisms provided | mechanisms, or detail how to leverage appropriate mechanisms provided | |||
| by underlying protocol layers, which can be used by an ALTO server | by underlying protocol layers, which can be used by an ALTO server to | |||
| operating close to its capacity limit, to inform clients about its | inform clients about its inability to answer queries due to technical | |||
| impending overload situation, and terminate the conversation with the | problems or system maintenance, and terminate the conversation with | |||
| ALTO client. | the ALTO client. | |||
| Note: The existence of the above-mentioned protocol mechanisms does | ||||
| not imply that an ALTO server must use them when facing an overload, | ||||
| technical problem, or maintenance situation, respectively. Some | ||||
| servers may be unable to use them in that situation, or they may | ||||
| prefer to simply refuse the connection or not to send any answer at | ||||
| all. | ||||
| 3.2. ALTO Server Discovery | 3.2. ALTO Server Discovery | |||
| An ALTO client protocol is supported by one or more ALTO server | An ALTO client protocol is supported by one or more ALTO server | |||
| discovery mechanisms, which may be used by ALTO clients in order to | discovery mechanisms, which may be used by ALTO clients in order to | |||
| determine one or more ALTO servers, to which ALTO requests can be | determine one or more ALTO servers, to which ALTO requests can be | |||
| sent. This section enumerates requirements for an ALTO client | sent. This section enumerates requirements for an ALTO client, as | |||
| protocol, as well as general requirements to be fulfilled by the ALTO | well as general requirements to be fulfilled by the ALTO server | |||
| server discovery mechanisms. | discovery mechanisms. | |||
| REQ. ARv10-35: ALTO clients which are embedded in the resource | REQ. ARv11-37: ALTO clients which are embedded in the resource | |||
| consumer MUST be able to use an ALTO server discovery mechanism, in | consumer MUST be able to use an ALTO server discovery mechanism, in | |||
| order to find one or several ALTO servers that can provide ALTO | order to find one or several ALTO servers that can provide ALTO | |||
| guidance suitable for the resource consumer. This mode of operation | guidance suitable for the resource consumer. This mode of operation | |||
| is called "resource consumer initiated ALTO server discovery". | is called "resource consumer initiated ALTO server discovery". | |||
| REQ. ARv10-36: ALTO clients which are embedded in a resource | REQ. ARv11-38: ALTO clients which are embedded in a resource | |||
| directory and perform third-party ALTO queries on behalf of a remote | directory and perform third-party ALTO queries on behalf of a remote | |||
| resource consumer MUST be able to use an ALTO server discovery | resource consumer MUST be able to use an ALTO server discovery | |||
| mechanism, in order to find one or several ALTO servers that can | mechanism, in order to find one or several ALTO servers that can | |||
| provide ALTO guidance suitable for the respective resource consumer. | provide ALTO guidance suitable for the respective resource consumer. | |||
| This mode of operation is called "third-party ALTO server discovery". | This mode of operation is called "third-party ALTO server discovery". | |||
| REQ. ARv10-37: ALTO clients MUST be able to perform resource | REQ. ARv11-39: ALTO clients MUST be able to perform resource | |||
| consumer initiated ALTO server discovery, even if they are located | consumer initiated ALTO server discovery, even if they are located | |||
| behind a network address translator (NAT). | behind a network address translator (NAT). | |||
| REQ. ARv10-38: ALTO clients MUST be able to perform third-party ALTO | REQ. ARv11-40: ALTO clients MUST be able to perform third-party ALTO | |||
| server discovery, even if they are located behind a network address | server discovery, even if they are located behind a network address | |||
| translator (NAT). | translator (NAT). | |||
| REQ. ARv10-39: ALTO clients MUST be able to perform third-party ALTO | REQ. ARv11-41: ALTO clients MUST be able to perform third-party ALTO | |||
| server discovery, even if the resource consumer, on behalf of which | server discovery, even if the resource consumer, on behalf of which | |||
| the ALTO query will be sent, is located behind a network address | the ALTO query will be sent, is located behind a network address | |||
| translator (NAT). | translator (NAT). | |||
| REQ. ARv10-40: ALTO server discovery mechanisms SHOULD leverage an | REQ. ARv11-42: ALTO server discovery mechanisms SHOULD leverage an | |||
| existing protocol or mechanism, such as DNS, DHCP, or PPP based | existing protocol or mechanism, such as DNS, DHCP, or PPP based | |||
| automatic configuration, etc. A single mechanism with a broad | automatic configuration, etc. A single mechanism with a broad | |||
| spectrum of applicability SHOULD be preferred over several different | spectrum of applicability SHOULD be preferred over several different | |||
| mechanisms with narrower scopes. | mechanisms with narrower scopes. | |||
| REQ. ARv10-41: Every ALTO server discovery mechanism SHOULD be able | REQ. ARv11-43: Every ALTO server discovery mechanism SHOULD be able | |||
| to return the respective contact information for multiple ALTO | to return the respective contact information for multiple ALTO | |||
| servers. | servers. | |||
| REQ. ARv10-42: Every ALTO server discovery mechanism SHOULD be able | REQ. ARv11-44: Every ALTO server discovery mechanism SHOULD be able | |||
| to indicate preferences for each returned ALTO server contact | to indicate preferences for each returned ALTO server contact | |||
| information. | information. | |||
| 3.3. Security and Privacy | 3.3. Security and Privacy | |||
| REQ. ARv10-43: An ALTO client protocol specification MUST specify | REQ. ARv11-45: An ALTO client protocol specification MUST specify | |||
| mechanisms for the authentication of ALTO servers, or how to leverage | mechanisms for the authentication of ALTO servers, or how to leverage | |||
| appropriate mechanisms provided by underlying protocol layers. | appropriate mechanisms provided by underlying protocol layers. | |||
| REQ. ARv10-44: An ALTO client protocol specification MUST specify | REQ. ARv11-46: An ALTO client protocol specification MUST specify | |||
| mechanisms for the authentication of ALTO clients, or how to leverage | mechanisms for the authentication of ALTO clients, or how to leverage | |||
| appropriate mechanisms provided by underlying protocol layers. | appropriate mechanisms provided by underlying protocol layers. | |||
| REQ. ARv10-45: An ALTO client protocol specification MUST specify | REQ. ARv11-47: An ALTO client protocol specification MUST specify | |||
| mechanisms for the encryption of messages, or how to leverage | mechanisms for the encryption of messages, or how to leverage | |||
| appropriate mechanisms provided by underlying protocol layers. | appropriate mechanisms provided by underlying protocol layers. | |||
| REQ. ARv10-46: The operator of an ALTO server MUST NOT assume that | REQ. ARv11-48: The operator of an ALTO server MUST NOT assume that | |||
| an ALTO client will implement mechanisms or comply with rules that | an ALTO client will implement mechanisms or comply with rules that | |||
| limit the ALTO client's ability to redistribute information retrieved | limit the ALTO client's ability to redistribute information retrieved | |||
| from the ALTO server to third parties. | from the ALTO server to third parties. | |||
| REQ. ARv10-47: An ALTO client protocol MUST support different levels | REQ. ARv11-49: An ALTO client protocol MUST support different levels | |||
| of detail in queries and responses, in order to protect the privacy | of detail in queries and responses, in order to protect the privacy | |||
| of users, to ensure that the operators of ALTO servers and other | of users, to ensure that the operators of ALTO servers and other | |||
| users of the same application cannot derive sensitive information. | users of the same application cannot derive sensitive information. | |||
| REQ. ARv10-48: An ALTO client protocol MAY include mechanisms that | REQ. ARv11-50: An ALTO client protocol MAY include mechanisms that | |||
| can be used by the ALTO client when requesting guidance to specify | can be used by the ALTO client when requesting guidance to specify | |||
| the resource (e.g., content identifiers) it wants to access. An ALTO | the resource (e.g., content identifiers) it wants to access. An ALTO | |||
| server MUST provide adequate guidance even if the ALTO client prefers | server MUST provide adequate guidance even if the ALTO client prefers | |||
| not to specify the desired resource (e.g., keeps the data field | not to specify the desired resource (e.g., keeps the data field | |||
| empty). The mechanism MUST be designed in a way that the operator of | empty). The mechanism MUST be designed in a way that the operator of | |||
| the ALTO server cannot easily deduce the resource identifier (e.g., | the ALTO server cannot easily deduce the resource identifier (e.g., | |||
| file name in P2P file sharing) if the ALTO client prefers not to | file name in P2P file sharing) if the ALTO client prefers not to | |||
| specify it. | specify it. | |||
| REQ. ARv10-49: An ALTO client protocol specification MUST specify | REQ. ARv11-51: An ALTO client protocol specification MUST specify | |||
| appropriate mechanisms for protecting the ALTO service against DoS | appropriate mechanisms for protecting the ALTO service against DoS | |||
| attacks, or how to leverage appropriate mechanisms provided by | attacks, or how to leverage appropriate mechanisms provided by | |||
| underlying protocol layers. | underlying protocol layers. | |||
| 4. IANA Considerations | 4. IANA Considerations | |||
| This requirements document does not mandate any immediate IANA | This requirements document does not mandate any immediate IANA | |||
| actions. However, such IANA considerations may arise from future | actions. However, such IANA considerations may arise from future | |||
| ALTO specification documents which try to meet the requirements given | ALTO specification documents which try to meet the requirements given | |||
| here. | here. | |||
| End of changes. 59 change blocks. | ||||
| 85 lines changed or deleted | 118 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||