idnits 2.17.1 draft-bormann-coap-misc-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (June 21, 2010) is 5030 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-18) exists of draft-ietf-core-coap-00 ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 CoRE Working Group C. Bormann 3 Internet-Draft Universitaet Bremen TZI 4 Intended status: Informational June 21, 2010 5 Expires: December 23, 2010 7 Miscellaneous additions to CoAP 8 draft-bormann-coap-misc-00 10 Abstract 12 This short I-D makes a number of interrelated proposals how to solve 13 certain problems in the CoRE WG's main protocol, CoAP. 15 Status of this Memo 17 This Internet-Draft is submitted in full conformance with the 18 provisions of BCP 78 and BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF). Note that other groups may also distribute 22 working documents as Internet-Drafts. The list of current Internet- 23 Drafts is at http://datatracker.ietf.org/drafts/current/. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 This Internet-Draft will expire on December 23, 2010. 32 Copyright Notice 34 Copyright (c) 2010 IETF Trust and the persons identified as the 35 document authors. All rights reserved. 37 This document is subject to BCP 78 and the IETF Trust's Legal 38 Provisions Relating to IETF Documents 39 (http://trustee.ietf.org/license-info) in effect on the date of 40 publication of this document. Please review these documents 41 carefully, as they describe your rights and restrictions with respect 42 to this document. Code Components extracted from this document must 43 include Simplified BSD License text as described in Section 4.e of 44 the Trust Legal Provisions and are provided without warranty as 45 described in the Simplified BSD License. 47 Table of Contents 49 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 50 2. Representing Durations . . . . . . . . . . . . . . . . . . . . 4 51 2.1. Pseudo-Floating Point . . . . . . . . . . . . . . . . . . 4 52 2.2. A Duration Type for CoAP . . . . . . . . . . . . . . . . . 6 53 3. URI encoding . . . . . . . . . . . . . . . . . . . . . . . . . 7 54 3.1. An efficient stateless URI encoding . . . . . . . . . . . 7 55 3.2. Stateful URI compression . . . . . . . . . . . . . . . . . 9 56 4. Block-wise transfers . . . . . . . . . . . . . . . . . . . . . 11 57 4.1. The Block Option . . . . . . . . . . . . . . . . . . . . . 11 58 5. Security Considerations . . . . . . . . . . . . . . . . . . . 15 59 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 60 6.1. Normative References . . . . . . . . . . . . . . . . . . . 16 61 6.2. Informative References . . . . . . . . . . . . . . . . . . 16 62 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 17 64 1. Introduction 66 The CoRE WG is tasked with standardizing an Application Protocol for 67 Constrained Networks/Nodes, CoAP. This protocol is intended to 68 provide RESTful [REST] services not unlike HTTP [RFC2616], while 69 reducing the complexity of implementation as well as the size of 70 packets exchanged in order to make these services useful in a highly 71 constrained network of themselves highly constrained nodes. 73 This objective requires restraint in a number of sometimes 74 conflicting ways: 76 o reducing implementation complexity in order to minimize code size, 78 o reducing message sizes in order to minimize the number of 79 fragments needed for each message (in turn to maximize the 80 probability of delivery of the message), the amount of 81 transmission power needed and the loading of the limited-bandwidth 82 channel, 84 o reducing requirements on the environment such as stable storage, 85 good sources of randomness or user interaction capabilities. 87 This draft attempts to address a number of problems not yet 88 adequately solved in [I-D.ietf-core-coap]. The solutions proposed to 89 these problems are somewhat interrelated and are therefore presented 90 in one draft. 92 In this document, the key words "MUST", "MUST NOT", "REQUIRED", 93 "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", 94 and "OPTIONAL" are to be interpreted as described in BCP 14 [RFC2119] 95 and indicate requirement levels for compliant CoAP implementations. 97 2. Representing Durations 99 Various message types used in CoAP need the representation of 100 *durations*, i.e. of the length of a timespan. In SI units, these 101 are measured in seconds. Where CPU power and memory is abundant, a 102 duration can almost always be adequately represented by a non- 103 negative floating-point number representing that number of seconds. 104 Historically, many APIs have also used an integer representation, 105 which limits both the resolution (e.g., if the integer represents the 106 duration in seconds) and often the range (integer machine types have 107 range limits that may become relevant). UNIX's "time_t" (which is 108 used for both absolute time and durations) originally was a signed 109 32-bit value of seconds, but was later complemented by an additional 110 integer to add microsecond ("struct timeval") and then later 111 nanosecond ("struct timespec") resolution. 113 Three decisions need to be made for each application of the concept 114 of duration: 116 o the *resolution*. What rounding error is acceptable? 118 o the *range*. What is the maximum duration that needs to be 119 represented? 121 o the *number of bits* that can be expended. 123 Obviously, these decisions are interrelated. Typically, a large 124 range needs a large number of bits, unless resolution is traded. For 125 most applications, the actual requirement for resolution are limited 126 for longer durations, but can be more acute for shorter durations. 128 2.1. Pseudo-Floating Point 130 Constrained systems typically avoid the use of floating-point (FP) 131 values, as 133 o simple CPUs often don't have support for floating-point datatypes 135 o software floating-point libraries are expensive in code size and 136 slow. 138 In addition, floating-point datatypes used to be a significant 139 element of market differentiation in CPU design; it has taken the 140 industry a long time to agree on a standard floating point 141 representation. 143 These issues have led to protocols that try to constrain themselves 144 to integer representation even where the ability of a floating point 145 representation to trade range for resolution would be beneficial. 147 The idea of introducing _pseudo-FP_ is to obtain the increased range 148 provided by embedding an exponent, without necessarily getting stuck 149 with hardware datatypes or inefficient software floating-point 150 libraries. 152 For the purposes of this draft, we define an (n,e)-pseudo-FP as a 153 fixed-length value of n bits, e of which may be used for an exponent. 154 Figure 1 illustrates an (8,4)-pseudo-FP value. 156 0 1 2 3 4 5 6 7 157 +---+---+---+---+---+---+---+---+ 158 | 0... value | 159 +---+---+---+---+---+---+---+---+ 161 +---+---+---+---+---+---+---+---+ 162 | 1... mantissa | exponent | 163 +---+---+---+---+---+---+---+---+ 165 Figure 1: An (8,4) pseudo-FP representation 167 If the high bit is clear, the entire n-bit value (including the high 168 bit) is the decoded value. If the high bit is set, the mantissa 169 (including the high bit, but with the exponent field cleared out) is 170 shifted left by the exponent to yield the decoded value. 172 The (n,e)-pseudo-FP format can be decoded with a single line of code 173 (plus a couple of constant definition), as demonstrated in Figure 2. 175 #define N 8 176 #define E 4 177 #define HIBIT (1 << (N - 1)) 178 #define EMASK ((1 << E) - 1) 179 #define MMASK ((1 << N) - 1 - EMASK) 181 #define DECODE_8_4(r) (r < HIBIT ? r : (r & MMASK) << (r & EMASK)) 183 Figure 2: Decoding an (8,4) pseudo-FP value 185 Only non-negative numbers can be represented by this format. It is 186 designed to provide full integer resolution for values from 0 to 187 2^(n-1)-1, i.e., 0 to 127 in the (8,4) case, and a mantissa of n-e 188 bits from 2^(n-1) to (2^n-2^e)*2^(2^e-1), i.e., 128 to 7864320 in the 189 (8,4) case. By choosing e carefully, resolution can be traded 190 against range. 192 Note that a pseudo-FP encoder needs to consider rounding; different 193 applications of durations may favor rounding up or rounding down the 194 value encoded in the message. This requires a little more than a 195 single line of code (which is left as an exercise to the reader, as 196 the most efficient expression depends on hardware details). 198 2.2. A Duration Type for CoAP 200 CoAP needs durations in a number of places. In [I-D.ietf-core-coap], 201 durations occur in the option "Subscription-lifetime" as well as in 202 the option "Max-age". (Note that the option "Date" is not a 203 duration, but a point in time.) Other durations of this kind may be 204 added later. 206 Most durations relevant to CoAP are best expressed with a minimum 207 resolution of one second. More detailed resolutions are unlikely to 208 provide much benefit. 210 The range of lifetimes and caching ages are probably best kept below 211 the order of magnitude of months. An (8,4)-pseudo-FP has the maximum 212 value of 7864320, which is about 91 days; this appears to be adequate 213 for a subscription lifetime and probably even for a maximum cache 214 age. (If a larger range for the latter is indeed desired, an (8,5)- 215 pseudo-FP could be used; this would last 15 milleniums, at the cost 216 of having only 3 bits of accuracy for values larger than 127 217 seconds.) 219 Proposal: A single duration type is used throughout CoAP, based on 220 an (8,4)-pseudo-FP giving a duration in seconds. 222 Benefits: Implementations can use a single piece of code for 223 managing all CoAP-related durations. 225 In addition, length information never needs to be managed for 226 durations that are embedded in other data structures: All 227 durations are expressed by a single byte. 229 3. URI encoding 231 In HTTP-based systems, URIs can reach significant lengths. While 232 CoAP-based systems may be able to sidestep the most egregious 233 excesses (mostly by simply applying REST principles), a URI such as 235 /.well-known/resources 237 can use up one third of the available payload in a CoAP message 238 transported in a single 6LoWPAN packet. Is there a way to encode 239 these URIs in a more efficient way? 241 Several proposals have been made on the CoRE mailing list, e.g. 242 applying the principle of base64-encoding [RFC4648] in reverse and 243 using only 6 bits per character. However, due to rounding errors and 244 occasional characters that are not in the 64-character subset chosen 245 to be efficiently encodable, the actual gains are limited. 246 Similarly, using 7 bits per character (assuming URIs contain only 247 ASCII characters) only gives a best-case gain of 12.5 %, and that 248 only in the case the URI is a multiple of 8 characters long. On the 249 other hand, the complexity (and danger of subtle interoperability 250 problems) is not entirely trivial. 252 We will proceed by first proposing an URI encoding that is slightly 253 more efficient than the abovementioned ones, then rejecting even that 254 for its unconvincing cost-benefit ratio, and finally taking up 255 Henning Schulzrinne's proposal to add state. 257 3.1. An efficient stateless URI encoding 259 There is very little redundancy by repetition in a typical URI, 260 rendering popular compression methods such as LZ77 (as implemented in 261 in the widely used DEFLATE algorithm [RFC1951]) rather ineffective. 263 For the short, non-repetitive data structures that URIs tend to be, 264 efficient stateless compression is pretty much confined to Huffman 265 (or, for even more complexity, arithmetic) coding. The complexity 266 can be reduced significantly by moving to n-ary Huffman coding, i.e., 267 optimizing not to the bit level, but to a larger level of 268 granularity. Informal experiments by the author show that a 16ary 269 Huffman coding is close to optimal for reasonable URI lengths. In 270 other words, basing the encoding on nibbles (4-bit half-bytes) is 271 both nearly optimal and relatively inexpensive to implement. 273 The actual letter frequencies that will occur in CoAP URIs are hard 274 to predict. As a stopgap, the author has analyzed an HTTP-based URI 275 corpus and found the following characters to occur with high 276 frequency: 278 %.aeinorst 280 In the encoding proposed, each of these ten highly-compressed 281 characters is represented by a single 4-bit nibble. As the % 282 character is used for hexadecimal encoding in URIs, two additional 283 nibbles are used to provide the numeric value of the two hexadecimal 284 numbers following the % character (the original URI will only be 285 properly reconstituted if these are upper-case as they should be 286 according to section 2.1 of the URI specification [RFC3986]; the 287 encoder can choose to send all three characters in dual-nibble format 288 if that matters). An encoder could also map non-ASCII characters to 289 this three-nibble form, even though they are not allowed in URIs. 290 This gives compatibility with the %-encoding required by [RFC3986]. 292 All other characters are represented by both of their nibbles. The 293 resulting sequence of nibbles is reconstituted into a sequence of 294 bytes in most-significant-nibble-first order. Any unused nibble in 295 the last byte of an encoding is set to 0. (Upon decoding, this 296 padding can be readily distinguished from another % combination as 297 this would require another byte after the last byte.) The encoding 298 is summarized in Figure 3. 300 0 1 301 0 1 2 3 4 5 6 7 8 9 0 1 302 +---+---+---+---+ 303 | 1, 8-F | .aeinorst 304 +---+---+---+---+ 189ABCDEF 306 +---+---+---+---+---+---+---+---+ 307 | 2-7 | 0-F | other ASCII 308 +---+---+---+---+---+---+---+---+ 310 +---+---+---+---+---+---+---+---+---+---+---+---+ 311 | 0 | 0-F | 0-F | %HH 312 +---+---+---+---+---+---+---+---+---+---+---+---+ 314 Figure 3: A nibble-based URI encoding 316 An example encoding for "/.well-known/resources" (where the initial 317 slash is left out, as proposed for abs-path URIs) is given in 318 Figure 4. While the more than 28 % savings in this example may seem 319 just an accident, the HTTP-based corpus indeed shows an average 320 savings of about 21.8 %, i.e. the sum of the lengths of the encoded 321 version of all URIs in the corpus is about 78.2 % of the sum of the 322 length of all URIs. (The savings should be noticeably higher with a 323 more RESTful selection of URIs than was available for this 324 experiment.) 325 0 1 2 326 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 327 / . w e l l - k n o w n / r e s o u r c e s 329 2e 77 65 6c 6c 2d 6b 6e 6f 77 6e 2f 72 65 73 6f 75 72 63 65 73 330 -> 331 1 77 9 6c 6c 2d 6b b c 77 b 2f d 9 e c 75 d 63 9 e 332 = 17 79 6c 6c 2d 6b bc 77 b2 fd 9e c7 5d 63 9e 334 Figure 4: Nibble-based URI encoding: 21 -> 15 bytes 336 3.2. Stateful URI compression 338 Is the approximately 25 % average saving achievable with Huffman- 339 based URI compression schemes worth the complexity? Probably not, 340 because much higher average savings can be achieved by introducing 341 state. 343 Henning Schulzrinne has proposed for a server to be able to supply a 344 shortened URI once a resource has been requested using the full- 345 length URI. Let's call such a shortened referent a _Temporary 346 Resource Identifier_, _TeRI_ for short. This could be expressed by a 347 response option as shown in Figure 5. 349 0 350 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 351 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 352 | duration | TeRI... 353 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 355 Figure 5: Option for offering a TeRI in a response 357 The TeRI offer option indicates that the server promises to offer 358 this resources under the TeRI given for at least the time given as 359 the duration. Another TeRI offer can be made later to extend the 360 duration. 362 Once a TeRI for a URI is known (and still within its lifetime), the 363 client can supply a TeRI instead of a URI in its requests. The same 364 option format as an offer could be used to allow the client to 365 indicate how long it believes the TeRI will still be valid (so that 366 the server can decide when to update the lifetime duration). TeRIs 367 in requests could be distinguished from URIs e.g. by using a 368 different option number. 370 Proposal: Add a TeRI option that can be used in CoAP requests and 371 responses. 373 Add a way to indicate a TeRI and its duration in a link-value. 375 Do not add any form of stateless URI encoding. 377 Benefits: Much higher reduction of message size than any stateless 378 URI encoding could achieve. 380 As the use of TeRIs is entirely optional, minimal complexity nodes 381 can get by without implementing them. 383 4. Block-wise transfers 385 Not all resource representations will fit into a single link layer 386 packet of a constrained network. Using fragmentation (either at the 387 adaptation layer or at the IP layer) to enable the transport of 388 larger representations is possible up to the maximum size of a UDP 389 datagram, but the fragmentation/reassembly process loads the lower 390 layers with conversation state that is better managed in the 391 application layer. 393 This section proposes options to enable _block-wise_ access to 394 resource representations. The overriding objective is to avoid 395 creating conversation state at the server for block-wise GET 396 requests. (It is impossible to fully avoid creating conversation 397 state for POST/PUT, if the creation/replacement of resources is to be 398 atomic; where that property is not needed, there is no need to create 399 server conversation state in this case, either.) Also, 400 implementation of these options is intended to be optional. (The 401 details of which parts of the behavior need to be mandatory to enable 402 that optionality still are TBD, see below.) 404 The size of the blocks should not be fixed by the protocol. On the 405 other hand, implementation should be as simple as possible. We 406 therefore propose a small range of power-of-two block sizes, from 2^4 407 (16) to 2^11 (2048) bytes. One of these eight values can be encoded 408 in three bits (0 for 2^4 to 7 for 2^11 bytes), the "szx" (size 409 exponent); the actual block size is then "1 << (szx + 4)". 411 4.1. The Block Option 413 When a representation is larger than can be comfortably transferred 414 in a single UDP datagram, the Block option can be used to indicate a 415 block-wise transfer. Block is a 1-, 2- or 3-byte integer, the four 416 least significant bits of which indicate the size and whether the 417 current block-wise transfer is the last block being transferred (M or 418 "more" bit). The value divided by sixteen is the number of the block 419 currently being transferred, starting from zero, i.e., the current 420 transfer is about the "size" bytes starting at "blocknr << (szx + 421 4)". The default value of the Block option is zero, indicating that 422 the current block is the first (block number 0) and only (M bit not 423 set) block of the transfer; however, there is no explicit size 424 implied by this default value. 426 0 427 0 1 2 3 4 5 6 7 428 +-+-+-+-+-+-+-+-+ 429 |blocknr|M| szx | 430 +-+-+-+-+-+-+-+-+ 432 0 1 433 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 434 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 435 | block nr |M| szx | 436 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 438 0 1 2 439 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 440 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 441 | block nr |M| szx | 442 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 444 Figure 6: Block option 446 (Note that the option with the last 4 bits masked out, shifted to the 447 left by the value of szx, gives the byte position of the block. The 448 author is not too sure whether that particularly is a feature.) 450 The block option is used in one of three roles: 452 o In the request for a GET, it gives the block number requested and 453 suggests a block size (block number 0) or echoes the block size of 454 previous blocks received (block numbers other than 0). 456 o In the response for a GET or in the request for a PUT or POST, it 457 describes what block number is contained in the payload, and 458 whether further blocks are part of that body (M bit). If the M 459 bit is set, the size of the payload body in bytes MUST indeed be 460 the power of two given by the block size. All blocks for a 461 transaction MUST use the same block size, except for the last 462 block (M bit not set). 464 o In the response for a PUT or POST, it indicates what block number 465 is being acknowledged. In this case, the M bit is set to indicate 466 that this response does not carry the final response to the 467 request; this can occur when the M bit was set in the request and 468 the server implements PUT/POST atomically (only with the receptin 469 of the last block). 471 In all cases, the block number logically extends the transaction ID, 472 i.e. the same transaction ID can be used for all exchanges for a 473 block-wise transfer. (For GET, and for PUT/POST where atomic 474 semantics are not needed, the requester is free to use different 475 transactions IDs for each block if desired.) 477 When a GET is answered with a response carrying a Block option with 478 the M bit set, the requestor may retrieve additional blocks by 479 sending requests with a Block option giving the block number desired. 480 In such a Block option, the M bit MUST be sent as zero and ignored on 481 reception. 483 To influence the block size used in response to a GET request, the 484 requestor uses the Block option, giving the desired size, a block 485 number of zero and an M bit of zero. A server SHOULD use the block 486 size indicated or a smaller size. Any further block-wise requests 487 for blocks beyond the first one MUST indicate the block size used in 488 the response for the first one. 490 If the Block option is used by the requestor, all GET requests in a 491 single transaction MUST use the same size. The server SHOULD use the 492 block size indicated in the request option, but the requestor MUST 493 take note of the actual block size used in the response; the server 494 MUST ensure that it uses the same block size for all responses in a 495 transaction (except for the last one with the M bit not set). [TBD: 496 decide whether the Block option can only be used in a response if a 497 Block option was in the request. Such a minimal block option could 498 be of length zero, i.e., would occupy just one byte for the type/ 499 length information, but is a bit redundant, so it would be nice to 500 leave this requirement out, but then every GET requestor has the 501 burden of having to cope with receiving Block options.] 503 Block-wise transfers SHOULD be used in conjunction with the Etag 504 option, unless the representation being exchanged is entirely static 505 (not changing over time at all, such as in a schema describing a 506 device). When reassembling the representation from the blocks being 507 exchanged, the reassembler MUST compare Etag options. If the Etag 508 options do not match in a GET transfer, the requestor has the option 509 of attempting to retrieve fresh values for the blocks it retrieved 510 first. To minimize the resulting inefficiency, the server MAY cache 511 the current value of a representation for an ongoing transaction, but 512 there is no requirement for the server to establish any state. The 513 server may offer a TeRI with the initial block to reduce the size of 514 further block-wise GET requests; this TeRI MAY be short-lived and 515 specific to the version of the representation being retrieved (which 516 would in effect freeze the representation of the resource 517 specifically for the purposes of this block-wise transfer). 519 In a PUT or POST transfer, the block option refers to the body in the 520 request, i.e., there is no way to perform a block-wise retrieval of 521 the body of the response. Servers that do need to supply large 522 bodies in response to PUT/POST SHOULD therefore be employing 523 redirects, possibly offering a TeRI. 525 In a PUT or POST transfer that is intended to be implemented in an 526 atomic fashion at the server, the actual creation/replacement takes 527 place at the time a block with the M bit unset is received. If not 528 all previous blocks are available at the server at this time, the 529 transfer fails and error code 4__ (TBD) MUST be returned. The error 530 code 4__ can also be returned at any time by a server that does not 531 currently have the resources to store blocks for a block-wise PUT or 532 POST transfer that it would intend to implement in an atomic fashion. 533 [TBD: a way for a server to derive the equivalent of an Etag for the 534 request body, so that when these do not match in a PUT or POST 535 transfer, the reassembler MUST discard older blocks. For now, the 536 transaction ID will have to suffice.] 538 Proposal: Add a Block option that can be used for block-wise 539 transfers. 541 Benefits: Transfers larger than can be accommodated in constrained- 542 network link-layer packets can be performed in smaller blocks. 544 No hard-to-manage conversation state is created at the adaptation 545 layer or IP layer for fragmentation. 547 The transfer of each block is acknowledged, enabling 548 retransmission if required. 550 Both sides have a say in the block size that actually will be 551 used. 553 5. Security Considerations 555 TBD. (Weigh the security implications of application layer block- 556 wise transfer against those of adaptation-layer or IP-layer 557 fragmentation. Discuss the implications of TeRIs. Also: Discuss 558 nodes without clocks.) 560 6. References 562 6.1. Normative References 564 [I-D.ietf-core-coap] 565 Shelby, Z., Frank, B., and D. Sturek, "Constrained 566 Application Protocol (CoAP)", draft-ietf-core-coap-00 567 (work in progress), June 2010. 569 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 570 Requirement Levels", BCP 14, RFC 2119, March 1997. 572 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., 573 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext 574 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. 576 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 577 Resource Identifier (URI): Generic Syntax", STD 66, 578 RFC 3986, January 2005. 580 6.2. Informative References 582 [REST] Fielding, R., "Architectural Styles and the Design of 583 Network-based Software Architectures", 2000. 585 [RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification 586 version 1.3", RFC 1951, May 1996. 588 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 589 Encodings", RFC 4648, October 2006. 591 Author's Address 593 Carsten Bormann 594 Universitaet Bremen TZI 595 Postfach 330440 596 Bremen D-28359 597 Germany 599 Phone: +49-421-218-63921 600 Fax: +49-421-218-7000 601 Email: cabo@tzi.org