- From: Michiel Leenaars <michiel.ml@nlnet.nl>
- Date: Fri, 15 May 2020 10:13:38 +0200
- To: <ietf-http-wg@w3.org>
Hi Paul, (@all: I moved this into a separate thread, as a newcomer to this particular list I do not know is appropriate, but I do not think it is useful to continue diluting the responses to the original thread which had an actual action to them. And I apologise for diverting your attention from more important discussions, and for the length of my response to follow. Feel free to ignore, or to contact me directly should you wish to discuss further) > i don't think your attempt to define CDN is relevant. the companies selling > things under that umbrella are either leading or following the > market, rather > than consulting a dictionary to find our what business they are > in. I certainly agree that market actors will gladly use and abuse any technical term as marketing terminology, no matter if it makes absolutely no sense or is even an outright lie. I have seen cable companies in our part of the planet deliver so called 'ADSL' services to consumers with a straight face, because 'their marketing department said that people associated that with fast internet'. The inability to make certificate providers see that a logo 'protected by SSL' is inadequate 'because people do not understand what TLS means' goes in the same direction. I agree of course also that all relevant use cases, such as container-orchestration systems, need to be taken into account. This belongs back in the original thread. That does not preclude us from having a working definition of different roles we see in the landscape. The word 'delivery' in CDN is rather key here, anything more than delivering is a fundamental change of role. I certainly do not claim the authoritity to write the ultimate definition of what a CDN actually is or is not, but having a temporary working definition helps to subsequently distinguish passive roles (i.e. a bit bucket for high volume assets one can fully replace even client side, as browser plugins like DecentralEyes prove) from actual active nodes at the edge which 'own' or 'originate' unique elements and processes present nowhere else (for which this is fundamentally not possible). The passive component is instantly exchangeable and thus tolerated inside a trusted computing base as long as that complies with the required level of security and privacy, but for sure it can also be easily removed or instantly swapped for use cases that are different - e.g. by a local or external proxy that caches the content before it reaches the CDN a second time. It is not fundamentally necessary to deploy CDNs either, and I personally avoid doing so. The active end point cannot be placed outside of the trusted computing base in any way, it does not have the mere role of delivery but is a data source or service component which is unique for the given situation. By virtue of that, use of such a service does leak information about the user base of a service to a another party. That is a meaningful and fundamental distinction, for which I am obviously happy to mentally link or retrofit into to any official definition you can point me to rather than me trying to crudely define it myself. Correct terminology matters a great deal, because it provides the linguistic surgery tools of our thinking. The abstract distinction between the two different roles is what matters to me. To illustrate, this is perhaps in part analogous to how traditional postal companies deliver mail which may or may not have a sealed envelope around it (*), versus fulfillment companies which actually do personalised mass mail merges and print and compile those sealed envelopes based on full access to their content as well. All postal companies offer fulfillment services, and all fulfillment services get your mail to some delivery company - which may be a traditional postal service or an alternative network of smaller delivery companies (or even a postal delivery robot as we saw recently). (*) envelopes are not always closed and postal service deliver unprotected postcards and print too, of course, and with enough equipment letters can be looked into without opening them. If you use such a combined service, the end result is the same whichever operator you use. Economically, on the outside when looking at all of them as 'one stop' service providers it is indeed a group of actors delivering a similar set of services. But of course, a significant part of regular mail is not done through fulfillment. If I (or the tax office) want to send you a confidential letter with say access credentials, we write or print a letter ourselves and carefully seal a scan-proof envelope, and just use the delivery channel. I have no need to use a third party fulfillment service, and it would be unwise in terms of operational security as it vastly increases the attack surface. Delivering traditional mail with a sealed envelope is the core service which is only available from the postal company and its competitors in the delivery realm. This does not require a full transfer of trust, the delivery company does not per se have the sender nor the contents of the mail delivered - as long as there are enough stamps and the envelope is adequately sealed. I can easily replace the delivery company with say a courier, or deliver it myself if I hire people. Fulfillment (like edge computing) is a different role from delivery, as the content or service delived by the edge node (like the postal piece) would just not exist. It is outsourcing core functionality. My reason to reply to the original thread was that the traditional CDN role can take place fully without authentication (even by pushing it to another subdomain), and therefore is not that relevant to consider. The edge compute case is indistinguishable from the cloud provider case, which is fully in scope - but I believe that has been taken into account and should not be an issue. As mentioned above, apologies for the lenghty reply. I am happy to continue this argument offline, since it sparked off a remark made by me. But we all have better and more urgent things to do. I wanted to clarify since asked, and hope there is nothing controversial in my reply that makes it necessary to continues this thread. Have a great day, Michiel
Received on Friday, 15 May 2020 08:13:54 UTC