Liaison statement
Liaison Statement on URI Signing for MPEG-DASH to IETF

State Posted
Posted Date 2015-07-07
From Group ISO-IEC-JTC1-SC29-WG11
From Contact Shinji Watanabe
To Group IETF
To Contacts The IETF Chair
CcThe IESG
Stephan Wenger
Purpose For information
Attachments Liaison Statement on URI Signing for MPEG-DASH to IETF
Body
MPEG would like to thank IETF for considering the MPEG-DASH use case in the
context the URI Signing for CDN Interconnection (CDNI) specification. In
addition, MPEG appreciates the communication on the rescheduled completion
date of this specification. 

At the 112th MPEG meeting MPEG experts studied the new draft and analysed its
integration in MPEG-DASH. The discussion led to several comments and
observation that MPEG experts would like to share with the IETF CDNI working
group. The comments are captured below.

Behaviour of the User Agent
According to the URI Signing specification, URI Signed Token may be
transported with an HTTP response header. In that case, the User Agent is
expected to extract the URI Signed Token from this specific HTTP header and
reinsert it in the next HTTP request as a query string argument. MPEG experts
would like to know whether the IETF CDNI working group intended to mandate
this behaviour in the User Agent, or whether it is up to the application to
handle this operation.

Long-term tokens
Some DASH services may use long-term tokens to request segments, where
long-term typically means couple of hours to several days. In this scenario,
additional tokens (not URI Signed Token) are sent along to enforce client
authentication. As a result, refreshing the URI Signed Token every time the
CDN receives a request may seem superfluous. MPEG experts would like to know
the opinion of the IETF CDNI working group on this scenario and whether the
validation mechanism could be adapted, e.g. by signalling when the CDN must
regenerate a new URI Signed Token.

Name collision
MPEG experts understand that the name URISigningPackage, as a query string, as
an HTTP header parameter or in a cookie, constitutes a normative aspect of the
URI Signing specification. MPEG experts would like to know whether the IETF
CDNI working group has decided the appropriate approach to prevent name
collision.


MPEG kindly asks the IETF CDNI working group to consider the above
observations and welcome further collaboration on this topic.


Our future meetings:
-	DASH Ad-hoc meetings, 17 August 2015, San Diego, and 18 October 2015,
Geneva
-	The 113th MPEG meeting, 19 – 23 October 2014, Geneva