[Hls-interest] Token Auth support
"Law, Will" <wilaw@akamai.com> Wed, 24 March 2021 18:52 UTC
Return-Path: <wilaw@akamai.com>
X-Original-To: hls-interest@ietfa.amsl.com
Delivered-To: hls-interest@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 473563A3334 for <hls-interest@ietfa.amsl.com>; Wed, 24 Mar 2021 11:52:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.349
X-Spam-Level:
X-Spam-Status: No, score=-2.349 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.251, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zhunbrUmkVXg for <hls-interest@ietfa.amsl.com>; Wed, 24 Mar 2021 11:52:03 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 156C23A3335 for <hls-interest@ietf.org>; Wed, 24 Mar 2021 11:52:02 -0700 (PDT)
Received: from pps.filterd (m0122333.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 12OIiAij024824 for <hls-interest@ietf.org>; Wed, 24 Mar 2021 18:52:01 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : content-type : mime-version; s=jan2016.eng; bh=nmhlQ0SHoTw9RbFHuzuxv2/zPi+p4mWm6+xLfjv2Sew=; b=XVXJjbvSLs7e2kxmKjk8b2Nhv8UvR53floNIQku3GXkmzEw2EEueX/eq+aFvL3FbB11Z QO18snhAyZMLoYR+mMYyez8uUQnFZfuTFRcErU4LEPlXlNxwNzjLqAmIsi0nBe2qtgZz JXPTmM7lWtIFixCONyVriktFczRO4r7JORnwl8Li8xh3535Y7FKj0gtjeDt1X/KlD/nC ZYR1tIAsKiq1nIDVMkFXklIbiybGlnnBL7bzk1kjjDuzc0UTx9RTw4lMQ+YQAXsfjKC5 cSo28zblNPXIilJNjDkkvNAcvUbUxjBtfctvl8hoMy9CKTUEPraZ0JCPJoXF4WRO4N/q 0Q==
Received: from prod-mail-ppoint3 (a72-247-45-31.deploy.static.akamaitechnologies.com [72.247.45.31] (may be forged)) by mx0a-00190b01.pphosted.com with ESMTP id 37d96n39v2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <hls-interest@ietf.org>; Wed, 24 Mar 2021 18:52:00 +0000
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.43/8.16.0.43) with SMTP id 12OIp0g4024539 for <hls-interest@ietf.org>; Wed, 24 Mar 2021 14:52:00 -0400
Received: from email.msg.corp.akamai.com ([172.27.165.113]) by prod-mail-ppoint3.akamai.com with ESMTP id 37dccytfjt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <hls-interest@ietf.org>; Wed, 24 Mar 2021 14:51:59 -0400
Received: from USTX2EX-DAG1MB2.msg.corp.akamai.com (172.27.165.120) by ustx2ex-dag1mb2.msg.corp.akamai.com (172.27.165.120) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 24 Mar 2021 13:51:59 -0500
Received: from USTX2EX-DAG1MB2.msg.corp.akamai.com ([172.27.165.120]) by ustx2ex-dag1mb2.msg.corp.akamai.com ([172.27.165.120]) with mapi id 15.00.1497.012; Wed, 24 Mar 2021 13:51:59 -0500
From: "Law, Will" <wilaw@akamai.com>
To: "hls-interest@ietf.org" <hls-interest@ietf.org>
Thread-Topic: Token Auth support
Thread-Index: AQHXIN7Edm9IiPt/dkyvJgaQV5Vcug==
Date: Wed, 24 Mar 2021 18:51:58 +0000
Message-ID: <E2E3E5DC-B456-446D-B6B4-2B756463A982@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.45.21011103
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.27.164.43]
Content-Type: multipart/alternative; boundary="_000_E2E3E5DCB456446DB6B42B756463A982akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-24_13:2021-03-24, 2021-03-24 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 adultscore=0 bulkscore=0 mlxscore=0 phishscore=0 suspectscore=0 malwarescore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103240134
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-24_13:2021-03-24, 2021-03-24 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 lowpriorityscore=0 spamscore=0 phishscore=0 malwarescore=0 mlxlogscore=999 clxscore=1015 adultscore=0 impostorscore=0 suspectscore=0 bulkscore=0 mlxscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103240134
X-Agari-Authentication-Results: mx.akamai.com; spf=${SPFResult} (sender IP is 72.247.45.31) smtp.mailfrom=wilaw@akamai.com smtp.helo=prod-mail-ppoint3
Archived-At: <https://mailarchive.ietf.org/arch/msg/hls-interest/uRsGgoFC9J5zE3mWQyD8Re8P-_c>
Subject: [Hls-interest] Token Auth support
X-BeenThere: hls-interest@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussions about HTTP Live Streaming \(HLS\)." <hls-interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hls-interest>, <mailto:hls-interest-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hls-interest/>
List-Post: <mailto:hls-interest@ietf.org>
List-Help: <mailto:hls-interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hls-interest>, <mailto:hls-interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 18:52:07 -0000
A number of CDN & workflow operators are concerned that the current design of HLS Content Steering (even with the QUERY-PARAMS object just unveiled this morning) is incompatible with the wide variety of token auth implementations used in practice today in multi-CDN implementations. We had an ad-hoc meeting last week and the notes are publicly available<https://docs.google.com/document/d/1Umhr7ioyZ0Svjp93UDajYJRb88MKvTCabNsAQuHnXGA>. Rather than simply reporting the problem, we also attempted to propose a solution. This we term ‘Redundant Stream Steering” and it is documented here<https://docs.google.com/document/d/1f4_9hU_4DXPiKusF1QMUX3OY2DRbYnEWimGcj7T1-ZE/>. Discussion is ongoing. We wanted to surface this to Apple sooner rather than later, as we appreciate that the window for design changes in HLS Content Steering is growing smaller. As part of a larger concern, questions on the robustness of content steering across Server-Side Ad Insertion were also raised. The SVA are looking in to these issues under the guidance of Glenn and will report separately. Will, on behalf of David Brown - Amazon CloudFront Peter Chave - Akamai Phil Cluff - Mux Andrew Crowe - Limelight Networks Glenn Goldstein - Lumen Trevor Hunsaker - Verizon Media Jessica Obermark - Verizon Media Rob Roskin - Lumen Zac Shenker – Fastly PJ Speelmans - Theoplayer Nicolas Weil - AWS Elemental
- [Hls-interest] Token Auth support Law, Will
- Re: [Hls-interest] Token Auth support Ray van Brandenburg
- Re: [Hls-interest] Token Auth support Goldstein, Glenn
- Re: [Hls-interest] Token Auth support Roger Pantos