Liaison statement
Liaison Statement on URI Signing for MPEG-DASH to IETF

State Posted
Posted Date 2015-07-07
From Group ISO-IEC-JTC1-SC29-WG11
From Contact Shinji Watanabe
To Group IETF
To Contacts The IETF Chair
CcThe IESG
Stephan Wenger
Purpose For information
Attachments Liaison Statement on URI Signing for MPEG-DASH to IETF
Body
MPEG would like to thank IETF for considering the MPEG-DASH use case in the
context the URI Signing for CDN Interconnection (CDNI) specification. In
addition, MPEG appreciates the communication on the rescheduled completion date
of this specification.

At the 112th MPEG meeting MPEG experts studied the new draft and analysed its
integration in MPEG-DASH. The discussion led to several comments and
observation that MPEG experts would like to share with the IETF CDNI working
group. The comments are captured below.

Behaviour of the User Agent
According to the URI Signing specification, URI Signed Token may be transported
with an HTTP response header. In that case, the User Agent is expected to
extract the URI Signed Token from this specific HTTP header and reinsert it in
the next HTTP request as a query string argument. MPEG experts would like to
know whether the IETF CDNI working group intended to mandate this behaviour in
the User Agent, or whether it is up to the application to handle this operation.

Long-term tokens
Some DASH services may use long-term tokens to request segments, where
long-term typically means couple of hours to several days. In this scenario,
additional tokens (not URI Signed Token) are sent along to enforce client
authentication. As a result, refreshing the URI Signed Token every time the CDN
receives a request may seem superfluous. MPEG experts would like to know the
opinion of the IETF CDNI working group on this scenario and whether the
validation mechanism could be adapted, e.g. by signalling when the CDN must
regenerate a new URI Signed Token.

Name collision
MPEG experts understand that the name URISigningPackage, as a query string, as
an HTTP header parameter or in a cookie, constitutes a normative aspect of the
URI Signing specification. MPEG experts would like to know whether the IETF
CDNI working group has decided the appropriate approach to prevent name
collision.

MPEG kindly asks the IETF CDNI working group to consider the above observations
and welcome further collaboration on this topic.

Our future meetings:
-       DASH Ad-hoc meetings, 17 August 2015, San Diego, and 18 October 2015,
Geneva -       The 113th MPEG meeting, 19 – 23 October 2014, Geneva