Markdown Version | Session Recording
Session Date/Time: 16 May 2023 14:00
ALTO
Summary
This ALTO interim meeting, the fourth focused on OM and Transport drafts, reviewed the progress and open issues for draft-ietf-alto-om-json and draft-ietf-alto-transport. Key discussions revolved around specific YANG model constraints, security considerations, and outstanding reviews. The working group aims to resolve all open issues, publish new revisions of both drafts by the end of the week, and launch a second working group last call early next week, targeting publication readiness by the first week of June. Plans for a future interim meeting on security and privacy were also discussed.
Key Discussion Points
ALTO OM JSON Draft (draft-ietf-alto-om-json)
- Review Status: The authors presented updates addressing previous working group last call reviews.
- PSVR (Peter van der Stok) and Ops Director (Benoit Claise) comments have been addressed.
- YANG Doctor (Andy Bierman) comments mostly responded to, with some requiring further discussion on GitHub.
- Two non-blocking open issues and three pending enhancement issues remain from chair reviews.
- Open Issue 1: Character Patterns for
SourceIDandRuleName:- Discussion centered on the lack of explicit justification for
patternconstraints onSourceIDandRuleNamein the YANG model, as noted by the YANG Doctor review. - There was a sense that over-specification without clear semantic linkage to the base ALTO specifications should be avoided.
- A suggestion was made to remove the
patternconstraint while maintaining thetypedefinition (e.g., string with length 1 to Max), consistent with IETF YANG best practices for basic identifiers. - Consistency with max string lengths defined for other ALTO types across existing specifications was highlighted as important.
- Discussion centered on the lack of explicit justification for
- Open Issue 2: Security Considerations:
- The proposed revisions to the security section included two distinct areas:
- Setting
status currenttoread-onlyfor authentication-related data nodes, with a note for extension modules that might introduce new authentication-related elements. - Considering negative impacts of improperly constrained writable data nodes (e.g.,
feed-interval,poll-interval) on system performance, possibly suggesting configurable thresholds.
- Setting
- It was noted that these represent two distinct categories: security (authentication/authorization) and operational issues (data integrity, system stability). The discussion highlighted the need to align with the standard YANG data model security template, focusing on identifying sensitive nodes and providing specific descriptions.
- The proposed revisions to the security section included two distinct areas:
- Open Issue 3: Notifications:
- The issue raised the need for notification mechanisms, potentially for resource threshold exceeding.
- The discussion explored whether to leverage existing ALTO alert modules for generic notifications or define new mechanisms, considering notifications for broader events beyond just resource limits (e.g., server crashes, abnormal polling intervals, connection status changes).
ALTO Transport Draft (draft-ietf-alto-transport)
- Review Status: The authors provided an update on the document's status.
- Ops Director and TSB ART reviews have been addressed, though public confirmation from the TSB ART reviewer is requested.
- The HPDR (Martin Thompson) review remains the primary outstanding roadblock.
- HPDR Review Remaining Issues:
- Editorial changes have been made to address specification clarity (e.g., using "must have the format of" instead of "should be like") and term consistency.
- A new design was introduced to remove the need for an initial query round to fetch data.
- Two critical points from the HPDR review still require resolution:
- Confirmation with Martin Thompson on the proposed solution using HTTP/2 server push.
- Justification and additional text explaining the rationale for binding a session to a single processing connection.
Decisions and Action Items
- OM YANG Draft Reviewers:
- Richard Li volunteered to review
draft-ietf-alto-om-jsonfor the second working group last call, specifically focusing on consistency ofMaxstring lengths. - Ching Wu volunteered to review
draft-ietf-alto-om-json. - ACTION: Matt Wählisch to find two additional reviewers for
draft-ietf-alto-om-json.
- Richard Li volunteered to review
- OM YANG Draft Security Section:
- ACTION: Richard Li to review the security considerations section of
draft-ietf-alto-om-jsonagainst the standard YANG data model security template.
- ACTION: Richard Li to review the security considerations section of
- OM YANG Draft Notifications:
- ACTION: Jensen (authors) to raise the discussion about generic notification mechanisms (beyond just resource limits) on the ALTO mailing list, ensuring it's linked to the relevant GitHub issue.
- Transport Draft Reviewers:
- Ching Wu volunteered to review
draft-ietf-alto-transport. - Richard Li volunteered to seek 1-2 external HTTP experts to review
draft-ietf-alto-transport. - ACTION: Matt Wählisch to coordinate with Richard Li to secure additional reviewers for
draft-ietf-alto-transport.
- Ching Wu volunteered to review
- Transport Draft Justification:
- ACTION: Authors of
draft-ietf-alto-transportto add text justifying the design decision to bind a session to a single processing connection.
- ACTION: Authors of
Next Steps
- Authors of
draft-ietf-alto-om-jsonanddraft-ietf-alto-transportare requested to submit new revised versions incorporating the discussed changes and addressed issues by the end of the current week. - The chairs plan to launch the second working group last call for both drafts at the beginning of next week.
- A future ALTO interim meeting will be scheduled to focus specifically on security and privacy considerations for ALTO, with initial proposals from Luis (Telefonica CDN integration concerns), Ayob (three tentative ideas), Richard Li (multi-domain security/privacy analysis), and Judy (gradient boosting for privacy-preserving maps). Participants are encouraged to share further ideas on the mailing list.