Liaison Statement on URI Signing for MPEG-DASH to IETF
Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
|From Contact||Shinji Watanabe|
|To Contacts||The IETF Chair <email@example.com>|
|Cc||The IESG <firstname.lastname@example.org>
Stephan Wenger <email@example.com>
|Attachments||Liaison Statement on URI Signing for MPEG-DASH to IETF|
MPEG would like to thank IETF for considering the MPEG-DASH use case in the context the URI Signing for CDN Interconnection (CDNI) specification. In addition, MPEG appreciates the communication on the rescheduled completion date of this specification. At the 112th MPEG meeting MPEG experts studied the new draft and analysed its integration in MPEG-DASH. The discussion led to several comments and observation that MPEG experts would like to share with the IETF CDNI working group. The comments are captured below. Behaviour of the User Agent According to the URI Signing specification, URI Signed Token may be transported with an HTTP response header. In that case, the User Agent is expected to extract the URI Signed Token from this specific HTTP header and reinsert it in the next HTTP request as a query string argument. MPEG experts would like to know whether the IETF CDNI working group intended to mandate this behaviour in the User Agent, or whether it is up to the application to handle this operation. Long-term tokens Some DASH services may use long-term tokens to request segments, where long-term typically means couple of hours to several days. In this scenario, additional tokens (not URI Signed Token) are sent along to enforce client authentication. As a result, refreshing the URI Signed Token every time the CDN receives a request may seem superfluous. MPEG experts would like to know the opinion of the IETF CDNI working group on this scenario and whether the validation mechanism could be adapted, e.g. by signalling when the CDN must regenerate a new URI Signed Token. Name collision MPEG experts understand that the name URISigningPackage, as a query string, as an HTTP header parameter or in a cookie, constitutes a normative aspect of the URI Signing specification. MPEG experts would like to know whether the IETF CDNI working group has decided the appropriate approach to prevent name collision. MPEG kindly asks the IETF CDNI working group to consider the above observations and welcome further collaboration on this topic. Our future meetings: - DASH Ad-hoc meetings, 17 August 2015, San Diego, and 18 October 2015, Geneva - The 113th MPEG meeting, 19 – 23 October 2014, Geneva