Liaison statement
Liaison Statement on URI Signing for MPEG-DASH to IETF

State Posted
Posted Date 2015-07-07
From Group ISO-IEC-JTC1-SC29-WG11
From Contact Shinji Watanabe
To Group IETF
To Contacts The IETF Chair
CcThe IESG
Stephan Wenger
Purpose For information
Attachments Liaison Statement on URI Signing for MPEG-DASH to IETF
Body
MPEG would like to thank IETF for considering the MPEG-DASH use case in the context the URI Signing for CDN Interconnection (CDNI) specification. In addition, MPEG appreciates the communication on the rescheduled completion date of this specification.

At the 112th MPEG meeting MPEG experts studied the new draft and analysed its integration in MPEG-DASH. The discussion led to several comments and observation that MPEG experts would like to share with the IETF CDNI working group. The comments are captured below.

Behaviour of the User Agent
According to the URI Signing specification, URI Signed Token may be transported with an HTTP response header. In that case, the User Agent is expected to extract the URI Signed Token from this specific HTTP header and reinsert it in the next HTTP request as a query string argument. MPEG experts would like to know whether the IETF CDNI working group intended to mandate this behaviour in the User Agent, or whether it is up to the application to handle this operation.

Long-term tokens
Some DASH services may use long-term tokens to request segments, where long-term typically means couple of hours to several days. In this scenario, additional tokens (not URI Signed Token) are sent along to enforce client authentication. As a result, refreshing the URI Signed Token every time the CDN receives a request may seem superfluous. MPEG experts would like to know the opinion of the IETF CDNI working group on this scenario and whether the validation mechanism could be adapted, e.g. by signalling when the CDN must regenerate a new URI Signed Token.

Name collision
MPEG experts understand that the name URISigningPackage, as a query string, as an HTTP header parameter or in a cookie, constitutes a normative aspect of the URI Signing specification. MPEG experts would like to know whether the IETF CDNI working group has decided the appropriate approach to prevent name collision.

MPEG kindly asks the IETF CDNI working group to consider the above observations and welcome further collaboration on this topic.

Our future meetings:
-       DASH Ad-hoc meetings, 17 August 2015, San Diego, and 18 October 2015, Geneva
-       The 113th MPEG meeting, 19 – 23 October 2014, Geneva