The present invention relates to content distribution in packet-switched networks.
Packet-switched networks, such as networks based on the TCP/IP protocol suite, can be utilized to distribute a rich array of digital content to a variety of different client applications. The most popular applications on the Internet today are browsing applications for searching the World Wide Web, e.g. Netscape Navigator or Microsoft Internet Explorer, which utilize the HyperText Transfer Protocol (HTTP) to retrieve documents written in the HyperText Markup Language (HTML) along with embedded content. See, e.g., R. Fielding et al., “Hypertext Transfer Protocol—HTTP/1.1,” IETF RFC 2616, Network Working Group, 1999, which is incorporated by reference herein. Where there is a need to secure the communications between the HTTP server and the client, security protocols such as the Secure Sockets Layer (SSL) or Secure HTTP (S-HTTP) can be utilized to encrypt the content of the HTTP traffic. See, e.g., Freier et al., “The SSL Protocol Version 3.0,” IETF Internet Draft, Netscape Communications, http://home.netscape.com/eng/ssl3/index.html; E. Rescorla et al., “The Secure HyperText Transfer Protocol,” RFC 2660, IETF Network Working Group (August 1990), which are incorporated by reference herein. See also U.S. Pat. No. 5,657,390, “Secure Socket Layer Application Program Apparatus and Method,” to Elgamal et al., which is incorporated by reference herein.
It is often advantageous when distributing digital content across a packet-switched network to divide the duty of answering content requests among a plurality of geographically dispersed servers. Companies such as Akamai Technologies, Digital Island, AT&T and Adero provide services—referred to in the art as “content distribution” services—utilizing architectures which dynamically redirect content requests to a cache advantageously situated closer to the client issuing the request. Such network architectures are referred to herein generically as “content distribution networks” or “CDNs” for short. These companies either co-locate caches within Internet Service Providers or deploy the cache servers within their own separate networks for their content provider customers. Despite the rapid proliferation of content distribution networks in the market today, the use of content distribution networks with existing security protocols such as SSL poses additional performance challenges—in particular compared to the already high amount of resources required to establish and maintain a secure session between a client and single server. The additional performance requirements stem from the fact that in a content distribution network a client might be redirected to multiple cache servers, each server required to establish a new secure communication session thereby degrading performance of the network.