RELOAD Node Operations Proposal

The base RELOAD protocol defines Fetch, Store, and Remove operations that operate on resources identified by Resource-ID. However, there are a number of other operations, including diagnostic usages proposed in the base RELOAD draft and that require the ability to query for information particular to a specific peer, rather than for information stored indexed by Resource-ID. Such queries may be sent to either a previously-known Node-ID or to the peer responsible for a particular Resource-ID. The NodeFetch, NodeStore, and NodeRemove operations described here are intended to support these operations.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

A variety of scenarios motivate the need for node-specific operations: Diagnostics have been proposed in and . The breadth of diagnostics proposed, and the needs of the wide variety of deployment scenarios envisioned for P2PSIP seems to imply that there will be multiple diagnostic usages described in different drafts. Therefore, it seems desireable to propose a common set of methods in the base draft that all diagnostic usages can reference. There is a spectrum of operations that range from diagnostic to administrative control over nodes. While some application scenarios imply little central control, others assume the existence of an authorized administrator to control nodes in the overlay . Providing these methods will allow future usages to rely on the same fundamental methods already required for diagnostic purposes. P2P applications frequently require some form of service discovery. Equally important as service discovery is service placement. While some algorithms for performing such operations store location data indexed by Resource-ID , others rely on the ability to send Fetch or Store operations to a peer responsible for a particular Resource-ID (an operation not supported by the current Store and Fetch) .

One possibility is to extend the existing Fetch/Store/Remove operations to support per-node behavior. A variety of possibilities exist: allowing usages to specify whether each kind refers to node-specific or Resource-ID indexed objects, adding a flag to the request structures indicating that the request is node-specific, or reserving a portion of the kind-space to identify node-specific operations. Unfortunately, each of these proposals adds complexity to the existing protocol encoding or assumes a particular architecture where the storage component does not make decisions without interaction with a usage module. A particular challenge in providing node-specific operations is routing a node-specific request to the peer responsible for a particular Resource-ID. While some node-specific requests are routed to a known Node-ID, others will be routed simply to a Resource-ID and will therefore have no encoding of the Node-ID of the node being queried in the message. Therefore, a node cannot examind the FetchReq, for example, to see if the queried resource matches its Node-ID, and thus deduce the request is for node-specific information. One possibility for providing operations that refer to node-specific data on a peer responsible for a given Resource-ID is to perform two separate operations, a Probe followed by a node-specific Fetch to a particular Node-ID. However, this two-phase approach may fail in diagnostic situations where the overlay is unstable---if these methods are being used to determine the reasons for the instability, it is likely to be far more useful to have an atomic NodeFetch that returns the diagnostic information on the node that is reached by the first query rather than assuming that consecutive queries will reach the same node. Therefore, to reduce the complexity of supporting node-specific operations, a new set of methods are proposed that are exclusively for node-specific operations. A node receiving such a method will always know to process it in the appropriate manner, regardless of its particular implementation. Furthermore, although the methods are different, most of the message structure is shared with the base Fetch/Store/Remove operations, thus minimizing additional implementation complexity.

NodeFetch is required for all proposed usage scenarios. NodeStore and NodeRemove are required for the administrative and discovery/placement usage scenarios. The bodies of each of the messages are essentially identical to their Resource-ID counterparts, except for the lack of encoded ResourceId's in the objects.

; } NodeFetchReq; ]]>

; } NodeFetchAns; ]]>

; } NodeStoreReq; ]]>

; } StoreAns; ]]>

; } NodeRemoveReq; ]]>

; } RemoveAns; ]]>

There are inherent security risks in disclosing operational data through a Diagnostic fetch, and additional risks in allowing remote administration of a node. Usages relying on these methods will need to identify the risks involve and specify appropriate authorization mechanisms (presumably based on the certificate model used for identification and authorization in RELOAD) for ensuring that such operations are performed only by authorized entities.

This section contains the new code points registered by this document. [NOTE TO IANA/RFC-EDITOR: Please replace RFC-AAAA with the RFC number for this specification in the following list.]

IANA SHALL add the follwoing to the a"RELOAD Message Code" Registry: Message Code Name Code Value RFC node_store_req 29 RFC-AAAA node_store_ans 30 RFC-AAAA node_fetch_req 31 RFC-AAAA node_fetch_ans 32 RFC-AAAA node_remove_req 33 RFC-AAAA node_remove_ans 34 RFC-AAAA

This proposal has evolved from discussions with Cullen Jennings, Eric Rescorla, Song Haibin, Jiang Xingfeng, and David Bryan. Eric Rescorla wrote the message PDUs.