IETF Logo Mail Archive

Re: [alto] Reprise of REST comments

"Thomson, Martin" <Martin.Thomson@andrew.com> Wed, 05 January 2011 00:37 UTC

Return-Path: <Martin.Thomson@andrew.com>
X-Original-To: alto@core3.amsl.com
Delivered-To: alto@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 19ADD3A6DD4 for <alto@core3.amsl.com>; Tue, 4 Jan 2011 16:37:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.247
X-Spam-Level:
X-Spam-Status: No, score=-2.247 tagged_above=-999 required=5 tests=[AWL=-0.248, BAYES_00=-2.599, J_CHICKENPOX_46=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ek+A0q0u+xn0 for <alto@core3.amsl.com>; Tue, 4 Jan 2011 16:37:52 -0800 (PST)
Received: from csmailgw2.commscope.com (csmailgw2.commscope.com [198.135.207.242]) by core3.amsl.com (Postfix) with ESMTP id 082143A6DAC for <alto@ietf.org>; Tue, 4 Jan 2011 16:37:52 -0800 (PST)
Received: from [10.86.20.103] ([10.86.20.103]:8571 "EHLO ACDCE7HC2.commscope.com") by csmailgw2.commscope.com with ESMTP id S510761Ab1AEAj6 (ORCPT <rfc822; alto@ietf.org>); Tue, 4 Jan 2011 18:39:58 -0600
Received: from SISPE7HC1.commscope.com (10.97.4.12) by ACDCE7HC2.commscope.com (10.86.20.103) with Microsoft SMTP Server (TLS) id 8.3.137.0; Tue, 4 Jan 2011 18:39:58 -0600
Received: from SISPE7MB1.commscope.com ([fe80::9d82:a492:85e3:a293]) by SISPE7HC1.commscope.com ([fe80::8a9:4724:f6bb:3cdf%10]) with mapi; Wed, 5 Jan 2011 08:39:54 +0800
From: "Thomson, Martin" <Martin.Thomson@andrew.com>
To: Richard Alimi <rich@velvetsea.net>
Date: Wed, 05 Jan 2011 08:39:52 +0800
Thread-Topic: [alto] Reprise of REST comments
Thread-Index: Acurc7osmsV7YhnRS/KHznWfWBl2bQA9Ap3w
Message-ID: <8B0A9FCBB9832F43971E38010638454F03F50ED506@SISPE7MB1.commscope.com>
References: <8B0A9FCBB9832F43971E38010638454F03F336538D@SISPE7MB1.commscope.com> <AANLkTi=MzkpVSw5Nvet2GLdaEGFYCKo++eKbZbG5QCj3@mail.gmail.com>
In-Reply-To: <AANLkTi=MzkpVSw5Nvet2GLdaEGFYCKo++eKbZbG5QCj3@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-BCN: Meridius 1000 Version 3.4 on csmailgw2.commscope.com
X-BCN-Sender: Martin.Thomson@andrew.com
Cc: "alto@ietf.org" <alto@ietf.org>
Subject: Re: [alto] Reprise of REST comments
X-BeenThere: alto@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <alto.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/alto>
List-Post: <mailto:alto@ietf.org>
List-Help: <mailto:alto-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jan 2011 00:37:53 -0000

Hi Rich,

Regarding complexity, there are some things that are unavoidable.  Essential complexity exists for describing formats, as well as the filtering service (that arises because you are optimizing - one of the most common sources of complexity :)

By re-using existing work, you also gain experience in dealing with known problems rather than having to tackle them for yourself.  The linking work is a good example of that.  As is MIME+conneg for versioning.

> I'm not sure the proposed solution will handle the redistribution case
> discussed in Section 8.1.1.1 of draft-ietf-alto-protocol-06 (perhaps
> you can convince me otherwise).  The use case is about retrieving ALTO
> information from another ALTO Client (not via HTTP).  Since it comes
> from another, perhaps un-trusted, ALTO Client, the information itself
> is digitally signed by the original ALTO Service.  The Service ID is
> simply an identifier for the Service which might be implemented by
> multiple physical servers without relying on each service being behind
> a single DNS name.  Perhaps I am missing it, but perhaps you could
> suggest how making the ALTO Protocol REST-ful might handle this use
> case as well?

I'm not sure if I'm just not understanding the problem, so let me describe what I think that you are trying to achieve.

The problem is where information travels from Server A to Client A to Client B.  Client B finds that they don't trust Client A to pass the information on faithfully.  You wish to have a way for Client B to validate that the information is correct.  Right?

Let's do away with the idea that Server A and Server B have different identities.  Logically, to the clients, there is a single authority that is providing this information.  The resource has a single identity (a URI).

Load sharing and content distribution don't need to play into this.  Any server that is reached by following a URI MUST be authoritative for that resource, whether it be load balanced through DNS, anycast or reverse proxy.  That server can choose to redirect as it chooses without compromising the integrity of the result.

The task then is in determining if a particular representation is faithful for that resource.  You are talking of an optimization that doesn't result in downloading the entire representation all over.

Digital signatures are one way of checking, but there are other options:

  - MD5 is pretty weak by modern standards, but a HEAD request to the URI could produce a Content-MD5 header.
  - Use a link header (and a HEAD request) to include a link to a digest if MD5 is no good.
  - Wait for someone else to invent some better HTTP integrity mechanism.  Mark Nottingham is interested in designing something for more general caching applications.

I'm going to advise that the latter is the course you want to follow, perhaps leaving other options open in the meantime.  No point in inheriting more complexity than absolutely necessary.

--Martin

v2.23.0 | Report a Bug | By Email