Internet Engineering Task Force T. Fossati Internet-Draft KoanLogic Intended status: Standards Track October 3, 2012 Expires: April 6, 2013 Multipart Content Format Encoding for CoAP draft-fossati-core-multipart-ct-01 Abstract This memo defines a new content format encoding that can be used to combine several different media types into a single CoAP message- body. The proposed encoding provides a cheap framing facility aimed at minimizing the overhead bits as much as possible. Its main use case is for applications whose purpose is as simple as just pulling together a number of known content formats, with the caveat that their juxtaposition must not raise any semantic ambiguity on the receiving side (i.e. strictly ordered, with no optional parts). Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 6, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Fossati Expires April 6, 2013 [Page 1] Internet-Draft Multipart Content Format for CoAP October 2012 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . . 3 2. Multipart Content-Format Encoding . . . . . . . . . . . . . . . 3 3. Length Encoding . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Short . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.2. Extended . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Constraints . . . . . . . . . . . . . . . . . . . . . . . . 4 3.4. Examples . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 6. Normative References . . . . . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 6 Fossati Expires April 6, 2013 [Page 2] Internet-Draft Multipart Content Format for CoAP October 2012 1. Introduction This memo defines a new media type encoding that can be used to combine several different media types into a single CoAP message- body. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Multipart Content-Format Encoding Multipart encoding uses multiple adjacent frames each of which represents a single media. Every frame can further be broken in three logical pieces: the type of the framed media (T), its length in bytes (L), and the media payload itself (V) as depicted in the following figure. ,------------------ multi part -----------------. +------+------+------+ +------+------+------+ | T[0] | L[0] | V[0] | ... | T[n] | L[n] | V[n] | +------+------+------+ +------+------+------+ `------ part 0 ------' `------ part n ------' The semantics associated to the TLV atoms is as follows: T: is one of the numeric content format identifiers defined in the CoAP Content-Format Registry (Section 12.3 of [I-D.ietf-core-coap]), and is encoded as a 16-bit uint (Section 3.4.1. of [I-D.ietf-core-coap]). L: is the lentgh in bytes of the following V frame, and has two possible encodings: short or extended (see Section 3). It determines the offset of the next part, or the end of the multipart representation when applied to the last frame. V: is the media, encoded as implied by the preceding T field. 3. Length Encoding Two different encodings are defined for the L value: short for parts where length(V) measured in bytes is in range [0, 32767]; extended for parts with length(V) in range (32767, 2^127-1]. Fossati Expires April 6, 2013 [Page 3] Internet-Draft Multipart Content Format for CoAP October 2012 3.1. Short The short format uses a fixed 16-bit uint with the most significant bit set to '0'. The remaining 15 bits encode a length(V) value up to 32767 bytes. 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |0| 0-32767 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 3.2. Extended The extended format uses a fixed 8-bit uint with the most significant bit set to '1'. The remaining 7 bits encode the number of bytes needed to uint-encode the length(V) bytes. 0 1 2 3 4 5 6 7 +-+-+-+-+-+-+-+-+------/ /------+ |1| 0-127 | 0-(2^127-1) | +-+-+-+-+-+-+-+-+------/ /------+ 3.3. Constraints The most compact encoding MUST be used, i.e.: 1. always use the short encoding when length(V) < 32768; 2. never zero-pad the most significant byte when using the extended encoding. The former implies that 0x81 would be an invalid value for the first octet, and that in case the first octet is 0x82 the length(V) value MUST be > 0x7FFF. 3.4. Examples A length of 32767 bytes would use short encoding: 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |0|1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ S len=32767 A length of 32768 bytes would use extended encoding with length of length 2: Fossati Expires April 6, 2013 [Page 4] Internet-Draft Multipart Content Format for CoAP October 2012 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |1|0 0 0 0 0 1 0|1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ E lenlen=2 len=32768 4. IANA Considerations The following entry is added to the CoAP Content Format registry: .--------------------------------. | Number | Name | Reference | :--------:-----------:-----------: | n | Multipart | RFC XXXX | `--------------------------------' When used as the payload in a CoAP message, one Content-Format option MUST be present and set to n. 5. Security Considerations The extended encoding may trigger insanely huge buffer allocations on the receiving party. Receivers of multipart media SHOULD put a cap on the maximum allowed size of the whole Multipart. A CoAP server MAY respond with a 4.13 (Request Entity Too Large) status code to such requests, and refuse to proceed further (e.g. processing more blocks). A CoAP client can't tell if a 4.15 status code applies to the whole Multipart or just to one of its parts. An attacker may leverage on this ambiguity to craft application specific attacks (e.g. cause downgraded behavior). Applications built on top of Multipart need to handle such eventuality in a safe way. 6. Normative References [I-D.ietf-core-coap] Shelby, Z., Hartke, K., Bormann, C., and B. Frank, "Constrained Application Protocol (CoAP)", draft-ietf-core-coap-12 (work in progress), October 2012. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. Fossati Expires April 6, 2013 [Page 5] Internet-Draft Multipart Content Format for CoAP October 2012 Author's Address Thomas Fossati KoanLogic Via di Sabbiuno, 11/5 Bologna 40100 Italy Email: tho@koanlogic.com Fossati Expires April 6, 2013 [Page 6]