Comcast's Web Notification System Design
RFC 6108

Document Type RFC - Informational (February 2011; No errata)
Last updated 2015-10-14
Stream ISE
Formats plain text pdf html bibtex
Stream ISE state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 6108 (Informational)
Telechat date
Responsible AD Peter Saint-Andre
Send notices to (None)
Independent Submission                                          C. Chung
Request for Comments: 6108                                   A. Kasyanov
Category: Informational                                     J. Livingood
ISSN: 2070-1721                                                  N. Mody
                                                                 Comcast
                                                             B. Van Lieu
                                                            Unaffiliated
                                                           February 2011

                Comcast's Web Notification System Design

Abstract

   The objective of this document is to describe a method of providing
   critical end-user notifications to web browsers, which has been
   deployed by Comcast, an Internet Service Provider (ISP).  Such a
   notification system is being used to provide near-immediate
   notifications to customers, such as to warn them that their traffic
   exhibits patterns that are indicative of malware or virus infection.
   There are other proprietary systems that can perform such
   notifications, but those systems utilize Deep Packet Inspection (DPI)
   technology.  In contrast to DPI, this document describes a system
   that does not rely upon DPI, and is instead based in open IETF
   standards and open source applications.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6108.

Chung, et al.                 Informational                     [Page 1]
RFC 6108            Comcast's Web Notification System      February 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1. Introduction ....................................................3
   2. High-Level Design of the System .................................3
   3. Design Requirements .............................................3
      3.1. General Requirements .......................................4
      3.2. Web Proxy Requirements .....................................6
      3.3. ICAP Server Requirements ...................................7
      3.4. Messaging Service Requirements .............................8
   4. Implementation Details ..........................................8
      4.1. Functional Components Described, as Implemented ............9
      4.2. Functional Diagram, as Implemented ........................10
   5. High-Level Communication Flow, as Implemented ..................11
   6. Communication between Web Proxy and ICAP Server, as
      Implemented ....................................................12
   7. End-to-End Web Notification Flow, as Implemented ...............13
      7.1. Step-by-Step Description of the End-to-End Web
           Notification Flow .........................................14
      7.2. Diagram of the End-to-End Web Notification Flow ...........15
   8. Example HTTP Headers and JavaScript for a Web Notification .....16
   9. Deployment Considerations ......................................18
   10. Security Considerations .......................................19
   11. Debating the Necessity of Such a Critical Notification
       System ........................................................19
   12. Suggesting a Walled Garden as an Alternative ..................20
   13. Intended Next Steps ...........................................21
   14. Acknowledgements ..............................................21
   15. References ....................................................21
      15.1. Normative References .....................................21
      15.2. Informative References ...................................23

Chung, et al.                 Informational                     [Page 2]
RFC 6108            Comcast's Web Notification System      February 2011
Show full document text