[CDNi] review of draft-ietf-cdni-interfaces-https-delegation-11

Thomas Fossati <Thomas.Fossati@arm.com> Thu, 25 August 2022 21:04 UTC

From: Thomas Fossati <Thomas.Fossati@arm.com>
To: "draft-ietf-cdni-interfaces-https-delegation@ietf.org" <draft-ietf-cdni-interfaces-https-delegation@ietf.org>
CC: "cdni@ietf.org" <cdni@ietf.org>, "yaronf.ietf@gmail.com" <yaronf.ietf@gmail.com>, "diego.r.lopez@telefonica.com" <diego.r.lopez@telefonica.com>, "antonio.pastorperales@telefonica.com" <antonio.pastorperales@telefonica.com>
Date: Thu, 25 Aug 2022 21:04:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/Lx3QtmxKRKQhWtvFq6N13AS563U>

Hi Fred, Sanjay, Emil,

I have reviewed draft-ietf-cdni-interfaces-https-delegation-11.  I think
the document is on the right track although there are still a few things
that need to be ironed out before it's fully usable.  I am happy to work
with you on each of the points I've made below.

BTW, I wanted to provide some of my comments as PRs but it doesn't look
like the latest version is on GitHub [1]?

[1] https://github.com/FredericFi/cdni-wg

# Abstract

Plural/singular mismatch:

OLD
a new Footprint and Capabilities metadata objects

NEW
new Footprint and Capabilities metadata objects

---

You need to explain what you mean by "HTTPS delegation", e.g.:

OLD
to support HTTPS delegation between two or more interconnected CDNs.

NEW
to support delegating the delivery of HTTPS traffic between two or more
interconnected CDNs.

---

Maybe explain the advantages of using ACME Delegation over private key
sharing, e.g.:

OLD
Specifically, this document outlines CDNI Metadata interface objects for
delegation method as published in the ACME-STAR document [RFC9115].

NEW
Specifically, this document outlines CDNI Metadata interface objects for
HTTPS delegation based on the interfaces for obtaining delegated
certificates defined by RFC9115.  Using RFC9115-profiled ACME avoids the
need to share private cryptographic key material between the involved
entities, while also allowing the delegating CDN to remain in full
control of the delegation and revoke it at any time.

# §1. Introduction

First para: You could be more explicit about the fact that the
credential delegation is needed when DNS-based redirection is used.  In
fact, HTTP-based redirection has no special requirements in terms of
credential management -- though it has higher TTFB.

Second, third and fourth para may be condensed taking RFC9115 by
reference and using pointers to its §1, §2.4, §5.1.2, §5.1.2.1.

# §2. Terminology

I think it's also worth pointing to §1.1 of 9115 and §1.2 of 8739 for
ACME Delegation / STAR specific lingo.

# §3. Advertising delegation metadata for CDNI through FCI

OLD
The FCI.Metadata object shall allow a dCDN to advertise the

NEW
The FCI.Metadata object is used by the dCDN to advertise the

One thing that's not fully clear to me is whether you want to only
use STAR or you also allow non-STAR delegation?  9115 defines both flows
(see §2.3.2 and §2.3.3, and also §2.3.6.1 and §2.3.6.2), whilst you only
define an AcmeStarDelegationMethod.  I think you need to be more explicit
regarding which subset of 9115 you mean to leverage.

(typo: AcmeStarDelegationDelegationMethod)

# §4. ACME Delegation metadata for CDNI

I am wondering what is the best way to reuse the material from §5.1.2.1
of 9115 (esp. Figure 11).  Maybe you could just copy it over?  In case
you can find the source for the pics here [2], [3].

[2] https://raw.githubusercontent.com/yaronf/I-D/main/STAR-Delegation/art/cdni-dns-redirection.ascii-art
[3] https://raw.githubusercontent.com/yaronf/I-D/main/STAR-Delegation/art/cdni-delegation.ascii-art

I reckon Figure 1 provides a good overview of the overall process, but
lacks a bit of detail to be really useful to an implementer / deployer.

In general ISTM that there is some missing link-up to do with the
relevant sections in 9115 here.  I'd be more than happy to help closing
the gap.

Cheers, t
