Re: User Profile Information Protocol

["Phil Rzewski" <philr@inktomi.com>]

Hi Reinaldo. I had read this and the companion draft a while back. It's 
probably a good time for me to float my comments. :)

I noticed you posted to multiple lists, and indeed, my first comment is 
that I'm not really sure where this belongs in the IETF landscape. It has a 
CDI flavor because it mentions surrogates and these surrogates are likely 
to be in a different administrative domain from the access device that 
sends the information about user profiles. However, since the "different 
administrative domains" isn't a requirement, it could also be a WEBI thing. 
Also, since these profiles are largely going to determine the nature of 
personalized services performed by the surrogates, that makes me think OPES.

My main technical question is regarding scalability. Imagine today's CDN 
landscape where CDNs have thousands of surrogates. Does each surrogate need 
to know about the profiles of all access users everywhere? Of course, we'd 
think it logical that they only need to know about the profiles of users 
that are "close" to those surrogates, but part of the benefit of CDNs in 
handling "flash crowds" and such is that a far-away surrogate may be chosen 
in lieu of a nearby, congested one. Our CDI model may imply that the 
profiles would be handed off to one "gateway" of each CDN and the CDN would 
distribute it to surrogates as necessary. However, I don't think it's fair 
to say "you handle it internally" to the CDNs if we know up front that it's 
a problem that's difficult/impossible to scale (each CDN conceivably having 
millions of profiles on every surrogate).

Nevertheless, I do agree that thinking in this area is necessary. I've 
often been skeptical of the applicability of ICAP/OPES in pure-CDN cases 
because CDNs do not "own" the user session. If I am an ISP and I provide 
the DSL/cable/dial "pipe", I'm going to do whatever is locally necessary to 
identify each user so I can bill them, and that same identification gives 
me the ability to affect the session: virus checking, filtering, ad 
targeting, etc. In the case of a surrogate where the universal lingo of 
identification is a cookie (right?), a lot of services simply don't seem 
possible. A richer type of universal lingo does seem like a missing puzzle 
piece.

--
Phil


At 01:10 AM 3/2/01 -0800, Reinaldo Penno wrote:
>Hi Folks,
>
>I welcome comments on the following draft.
>
>Thanks,
>
>Reinaldo
>
>-------
>
>http://search.ietf.org/internet-drafts/draft-penno-cdnp-nacct-userid-02.txt
>
>title: User Profile Information Protocol
>
>abstract:
>       We present here a protocol in which edge network equipments, also
>     known as IP Services devices, Broadband RASes, Edge Routers and
>     so forth, can inform surrogates or traffic interception devices
>     extended information about the user, such as geographic location,
>     QoS policy, fully qualified login (name@domain.name) and start and
>     stop times (or its equivalent for non-session based users).
>     The User Profile Information Protocol, herein called UPIF, allows
>     services providers, access providers and content delivery
>     networks to provide personalized or differentiated treatment to each
>     user individually, and also to enhance accounting considerably.
>
>author: Reinaldo Penno, Andre Gustavo de   Albuquerque
>
>date: 02/08/2001
>
>id: draft-penno-cdnp-nacct-userid-02.txt

--
Phil Rzewski - Senior Architect - Inktomi Corporation
650-653-2487 (office) - 650-303-3790 (cell) - 650-653-1848 (fax)