| rfc7650v2.txt | rfc7650.txt | |||
|---|---|---|---|---|
| skipping to change at page 2, line 13 | skipping to change at page 2, line 22 | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 3. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 5 | 3. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4. Registering CoAP URIs . . . . . . . . . . . . . . . . . . . . 7 | 4. Registering CoAP URIs . . . . . . . . . . . . . . . . . . . . 7 | |||
| 5. Lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 5. Lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 6. Forming a Direct Connection and Reading Data . . . . . . . . 9 | 6. Forming a Direct Connection and Reading Data . . . . . . . . 9 | |||
| 7. Caching Mechanisms . . . . . . . . . . . . . . . . . . . . . 11 | 7. Caching Mechanisms . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 7.1. ProxyCache . . . . . . . . . . . . . . . . . . . . . . . 11 | 7.1. ProxyCache . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 7.2. SensorCache . . . . . . . . . . . . . . . . . . . . . . . 12 | 7.2. SensorCache . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 8. CoAP Usage Kinds Definition . . . . . . . . . . . . . . . . . 14 | 8. CoAP Usage Kinds Definition . . . . . . . . . . . . . . . . . 14 | |||
| 8.1. CoAP-REGISTRATION Kind . . . . . . . . . . . . . . . . . 14 | 8.1. CoAP-REGISTRATION Kind . . . . . . . . . . . . . . . . . 14 | |||
| 8.2. CoAP-CACHING Kind . . . . . . . . . . . . . . . . . . . . 14 | 8.2. CoAP-CACHING Kind . . . . . . . . . . . . . . . . . . . . 15 | |||
| 9. Access Control Rules . . . . . . . . . . . . . . . . . . . . 15 | 9. Access Control Rules . . . . . . . . . . . . . . . . . . . . 15 | |||
| 10. Security Considerations . . . . . . . . . . . . . . . . . . . 16 | 10. Security Considerations . . . . . . . . . . . . . . . . . . . 16 | |||
| 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 | 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 11.1. CoAP-REGISTRATION Kind-ID . . . . . . . . . . . . . . . 16 | 11.1. CoAP-REGISTRATION Kind-ID . . . . . . . . . . . . . . . 17 | |||
| 11.2. CoAP-CACHING Kind-ID . . . . . . . . . . . . . . . . . . 17 | 11.2. CoAP-CACHING Kind-ID . . . . . . . . . . . . . . . . . . 17 | |||
| 11.3. Access Control Policies . . . . . . . . . . . . . . . . 17 | 11.3. Access Control Policies . . . . . . . . . . . . . . . . 17 | |||
| 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 | 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 12.1. Normative References . . . . . . . . . . . . . . . . . . 17 | 12.1. Normative References . . . . . . . . . . . . . . . . . . 18 | |||
| 12.2. Informative References . . . . . . . . . . . . . . . . . 18 | 12.2. Informative References . . . . . . . . . . . . . . . . . 18 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 1. Introduction | 1. Introduction | |||
| The Constrained Application Protocol (CoAP) Usage for REsource | The Constrained Application Protocol (CoAP) Usage for REsource | |||
| LOcation And Discovery (RELOAD) allows CoAP nodes to store resources | LOcation And Discovery (RELOAD) allows CoAP nodes to store resources | |||
| in a RELOAD peer-to-peer overlay, provides a lookup service, and | in a RELOAD peer-to-peer overlay, provides a lookup service, and | |||
| enables the use of RELOAD overlay as a cache for sensor data. This | enables the use of RELOAD overlay as a cache for sensor data. This | |||
| functionality is implemented in the RELOAD overlay itself, without | functionality is implemented in the RELOAD overlay itself, without | |||
| the use of centralized servers. | the use of centralized servers. | |||
| skipping to change at page 12, line 5 | skipping to change at page 12, line 5 | |||
| 7.1. ProxyCache | 7.1. ProxyCache | |||
| ProxyCache is meant to store values and sensor information (e.g., | ProxyCache is meant to store values and sensor information (e.g., | |||
| inactivity time) for all the sensors associated with a certain proxy, | inactivity time) for all the sensors associated with a certain proxy, | |||
| as well as their CoAP URIs. SensorCache, on the other hand, is used | as well as their CoAP URIs. SensorCache, on the other hand, is used | |||
| for storing the information and cached value of only one sensor (CoAP | for storing the information and cached value of only one sensor (CoAP | |||
| URI is not necessary, as it is the same as the one used for | URI is not necessary, as it is the same as the one used for | |||
| generating the Resource-ID associated to that SensorCache entry). | generating the Resource-ID associated to that SensorCache entry). | |||
| ProxyCache contains the fields Node-ID and series of SensorEntry | ProxyCache contains the Node-ID, length, and a series of SensorEntry | |||
| types. | types. | |||
| struct { | struct { | |||
| Node-ID Node_ID; | Node-ID Node_ID; | |||
| uint32 length; | uint32 length; | |||
| SensorEntry sensors[count]; | SensorEntry sensors[count]; | |||
| } ProxyCache; | } ProxyCache; | |||
| Node-ID | Node-ID | |||
| The Node-ID of the Proxy Node (PN) responsible for different | The Node-ID of the Proxy Node (PN) responsible for different | |||
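Review bot: in the ProxyCache struct, `uint32 length;` is declared but the array is dimensioned as `SensorEntry sensors[count];`, and `count` is declared nowhere in the struct; the revised prose ("contains the Node-ID, length, and a series of SensorEntry types") now names `length` without saying what it counts. Either dimension the array by `length` or define `count`, and state whether `length` is the number of SensorEntry elements or the byte length of the array, since a decoder reading the fixed header otherwise cannot tell where the entries end; a decoder should also check that value against the remaining message length before allocating.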
| skipping to change at page 14, line 19 | skipping to change at page 14, line 29 | |||
| lifetime | lifetime | |||
| indicates the validity time of that measured value in milliseconds | indicates the validity time of that measured value in milliseconds | |||
| since measurement_time. | since measurement_time. | |||
| value | value | |||
| indicates the actual value measured. It can be of different types | indicates the actual value measured. It can be of different types | |||
| (integer, long, string); therefore, opaque has been used. | (integer, long, string); therefore, opaque has been used. | |||
| 8. CoAP Usage Kinds Definition | 8. CoAP Usage Kinds Definition | |||
| This section defines the CoAP-REGISTRATION and CoAP-CACHING kinds. | This section defines the CoAP-REGISTRATION and CoAP-CACHING Kinds. | |||
| 8.1. CoAP-REGISTRATION Kind | 8.1. CoAP-REGISTRATION Kind | |||
| Kind-IDs | Kind-IDs | |||
| The Resource Name for the CoAP-REGISTRATION Kind-ID is the CoAP | The Resource Name for the CoAP-REGISTRATION Kind-ID is the CoAP | |||
| URI. The data stored is a CoAPRegistration, which contains a set | URI. The data stored is a CoAPRegistration, which contains a set | |||
| of CoAP URIs. | of CoAP URIs. | |||
| Data Model | Data Model | |||
| The data model for the CoAP-REGISTRATION Kind-ID is dictionary. | The data model for the CoAP-REGISTRATION Kind-ID is dictionary. | |||
| The dictionary key is the Node-ID of the storing RN. This allows | The dictionary key is the Node-ID of the storing RN. This allows | |||
| each RN to store a single mapping. | each RN to store a single mapping. | |||
| Access Control | Access Control | |||
| URI-NODE-MATCH. The "coap:" prefix needs to be removed from the | URI-NODE-MATCH. The "coap:" prefix needs to be removed from the | |||
| COAP URI before matching. | COAP URI before matching. | |||
| Data stored under the COAP-REGISTRATION kind is of type | Data stored under the COAP-REGISTRATION Kind is of type | |||
| CoAPRegistration, defined below. | CoAPRegistration, defined below. | |||
| struct { | struct { | |||
| Node-ID Node_ID; | Node-ID Node_ID; | |||
| uint16 coap_uris_length; | uint16 coap_uris_length; | |||
| opaque coap_uris (0..2^16-1); | opaque coap_uris (0..2^16-1); | |||
| } CoAPRegistration; | } CoAPRegistration; | |||
| 8.2. CoAP-CACHING Kind | 8.2. CoAP-CACHING Kind | |||
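Review bot: the CoAPRegistration struct in Section 8.1 carries the URI list length twice: `uint16 coap_uris_length;` and `opaque coap_uris (0..2^16-1);`. If `(0..2^16-1)` is meant as the RELOAD/TLS presentation-language variable-length vector `<0..2^16-1>`, that vector already has its own length prefix; state which of the two an encoder writes on the wire and what a receiver does when they disagree, or drop one. The same hunk also mixes "CoAP URI" (Kind-IDs paragraph) with "COAP URI" in the Access Control text ("removed from the COAP URI before matching"); the revision capitalizes "kind" to "Kind" but leaves that inconsistency in place.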
| skipping to change at page 15, line 12 | skipping to change at page 15, line 27 | |||
| The Resource Name for the CoAP-CACHING Kind-ID is the CoAP URI. | The Resource Name for the CoAP-CACHING Kind-ID is the CoAP URI. | |||
| The data stored is a CoAPCaching, which contains a cached value. | The data stored is a CoAPCaching, which contains a cached value. | |||
| Data Model | Data Model | |||
| The data model for the CoAP-CACHING Kind-ID is single value. | The data model for the CoAP-CACHING Kind-ID is single value. | |||
| Access Control | Access Control | |||
| URI-MATCH. The "coap:" prefix needs to be removed from the COAP | URI-MATCH. The "coap:" prefix needs to be removed from the COAP | |||
| URI before matching. | URI before matching. | |||
| Data stored under the CoAP-CACHING kind is of type CoAPCaching, | Data stored under the CoAP-CACHING Kind is of type CoAPCaching, | |||
| defined in Section 7. | defined in Section 7. | |||
| 9. Access Control Rules | 9. Access Control Rules | |||
| As specified in RELOAD Base [RFC6940], every kind that is storable in | As specified in RELOAD Base [RFC6940], every Kind that is storable in | |||
| an overlay must be associated with an access control policy. This | an overlay must be associated with an access control policy. This | |||
| policy defines whether a request from a given node to operate on a | policy defines whether a request from a given node to operate on a | |||
| given value should succeed or fail. Usages can define any access | given value should succeed or fail. Usages can define any access | |||
| control rules they choose, including publicly writable values. | control rules they choose, including publicly writable values. | |||
| CoAP Usage for RELOAD requires an access control policy that allows | CoAP Usage for RELOAD requires an access control policy that allows | |||
| multiple nodes in the overlay read and write access. This access is | multiple nodes in the overlay read and write access. This access is | |||
| for registering and caching information using CoAP URIs as | for registering and caching information using CoAP URIs as | |||
| identifiers. Therefore, none of the access control policies | identifiers. Therefore, none of the access control policies | |||
| specified in RELOAD Base [RFC6940] are sufficient. | specified in RELOAD Base [RFC6940] are sufficient. | |||
| skipping to change at page 16, line 16 | skipping to change at page 16, line 27 | |||
| The security considerations of RELOAD [RFC6940] and CoAP [RFC7252] | The security considerations of RELOAD [RFC6940] and CoAP [RFC7252] | |||
| apply to this specification. RELOAD's security model is based on | apply to this specification. RELOAD's security model is based on | |||
| public key certificates, which are used for signing messages and | public key certificates, which are used for signing messages and | |||
| stored objects. At the connection level, RELOAD can use either TLS | stored objects. At the connection level, RELOAD can use either TLS | |||
| or DTLS. In the case of CoAP, several security modes have been | or DTLS. In the case of CoAP, several security modes have been | |||
| defined. Implementations of this specification MUST follow all the | defined. Implementations of this specification MUST follow all the | |||
| security-related rules specified in the RELOAD [RFC6940] and CoAP | security-related rules specified in the RELOAD [RFC6940] and CoAP | |||
| [RFC7252] specifications. | [RFC7252] specifications. | |||
| Additionally, in RELOAD every kind which is storable in an overlay | Additionally, in RELOAD every Kind that is storable in an overlay | |||
| must be associated with an access control policy. This document | must be associated with an access control policy. This document | |||
| specifies two new access control policies, which are specified in | specifies two new access control policies, which are specified in | |||
| Section 9. These policies cover the most typical deployment | Section 9. These policies cover the most typical deployment | |||
| scenarios. | scenarios. | |||
| During the phase of registration and lookup, security considerations | During the phase of registration and lookup, security considerations | |||
| relevant to RELOAD apply. A CoAP node that advertises its existence | relevant to RELOAD apply. A CoAP node that advertises its existence | |||
| via this mechanism, is more likely to be attacked, compared to a node | via this mechanism, is more likely to be attacked, compared to a node | |||
| (especially a sleepy node) that does not advertise its existence. | (especially a sleepy node) that does not advertise its existence. | |||
| Section 11 of [RFC7252] and Section 13 of [RFC6940] have more | Section 11 of [RFC7252] and Section 13 of [RFC6940] have more | |||
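Review bot: in the Security Considerations, "In the case of CoAP, several security modes have been defined" does not say which mode the direct connection formed in Section 6 must use, so "Implementations of this specification MUST follow all the security-related rules" has no concrete target on the CoAP side; name the required mode(s) or state explicitly that the choice is left to deployment. The paragraph observing that a node advertising itself via this mechanism "is more likely to be attacked" would also be stronger with a pointer to what limits that exposure within this document: registrations are signed stored objects under RELOAD's certificate model, and write access is governed by the Section 9 policies rather than being unrestricted. The stray comma in "via this mechanism, is more likely to be attacked" should go.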
| End of changes. 12 change blocks. | ||||
| 14 lines changed or deleted | 14 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||