**Session Date/Time:** 23 Jul 2024 20:00 # cdni ## Summary The CDNI working group meeting at IETF 120 in Vancouver covered several drafts under IESG review and working group drafts. Key discussion points included the integrated credentials subsets draft, capacity insights and protected secrets drafts, as well as documents covering access control metadata, cache control metadata, and triggers. The group also discussed potential impacts of some documents on the scope of the charter and the use of third-party references. ## Key Discussion Points * **Integrated Credentials Subsets Draft:** Status update, addressing IESG review comments, and minor updates on references and security considerations. * **Capacity Insights Draft:** Addressing outstanding comments from Carsten Bormann regarding the telemetry source types registry. Decision made to create an IANA registry for telemetry source types. * **Protected Secrets Draft:** Need for more implementation feedback. Discussion on trademark issues related to HashiCorp Vault and obtaining necessary permissions. * **Generic Metadata Object Draft:** Clarification of the concept of "origin" in the context of CDNs and CORS protocol. Discussion on referencing the MI pattern match definition in RFC 8006. * **Cache Control Metadata Draft:** Addressing comments on open caching terminology, example formatting, and the use of the terms "origin" and "client." Issue of a normative reference to an SVTA document identified as a blocker for working group last call. * **Client Access Control Draft:** Review of comments on the draft's scope, specifically regarding TLS connection details and their placement in the edge control metadata draft. Update references to SVTA drafts to IETF drafts upon adoption. Discussion on making the client connection control mandatory. * **Source Access Control Metadata Draft:** Discussion on whether the document should be separated into two parts: one for connecting to a source/origin and another for authorization aspects. * **Control Interface and Triggers (RFC 8007bis):** Update on progress since Brisbane, including changes related to object lists, execution policy, private URLs, restful API, the removal of local time policy, and making the CDN identifier optional. * **CDNI Named Footprints:** Discussion on advertising footprints in non-ALTO implementations. * **Third-Party References:** General discussion on normative references to non-standard track documents (e.g., HashiCorp Vault, AWS), including the down-reference process and potential solutions. * **Charter Scope:** Concerns raised about the processing metadata draft and its alignment with the charter regarding the creation of synthetic responses. * **Shepherd's Write-ups:** Call for volunteers to write shepherd's documents for drafts nearing IESG submission. * **Private Features:** Discussion postponed to the mailing list due to time constraints and Arnon's absence. ## Decisions and Action Items * **Capacity Insights Draft:** Create an IANA registry for telemetry source types. * **Cache Control Metadata Draft:** Convert select SVTA docs into IETF draft room docs for the next IETF, addressing down reference issues. * **Client Access Control Draft:** Update draft with agreed upon solutions. * **Source Access Control Metadata Draft:** Respond back to the mailing list comments. * **Triggers Draft:** Review old language, and clarify trigger commands. * **Named Footprints Draft:** Evaluate if footprints should be included with capabilities in non-ALTO framework. * **Third-Party References:** Discuss further on the mailing list. * **Charter Scope:** Discuss on the mailing list whether synthetic responses are covered by the charter or not. * **Shepherd's Write-Ups:** Request volunteers on mailing list. ## Next Steps * Respond to comments on mailing lists for several drafts. * Discuss third-party references, charter scope and other open questions on the mailing list. * Potentially schedule an interim call to further discuss complex issues. * Wait for feedback from Francesca on HashiCorp and trademark issues.