idnits 2.17.1 draft-ietf-core-resource-directory-26.txt: -(2): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There are 3 instances of lines with non-ascii characters in the document. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with multicast IPv4 addresses in the document. If these are generic example addresses, they should be changed to use the 233.252.0.x range defined in RFC 5771 == There are 4 instances of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 389 has weird spacing: '... target o----...' == Line 391 has weird spacing: '...--o rel o...' == Line 456 has weird spacing: '...o href o----...' == Line 460 has weird spacing: '... o ep o---...' == Line 468 has weird spacing: '... o lt o---...' == (2 more instances...) -- The document date (2 November 2020) is 1264 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC3849' is defined on line 3387, but no explicit reference was found in the text ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) == Outdated reference: A later version (-46) exists of draft-ietf-ace-oauth-authz-35 == Outdated reference: A later version (-14) exists of draft-ietf-core-echo-request-tag-10 Summary: 1 error (**), 0 flaws (~~), 13 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 CoRE C. Amsüss, Ed. 3 Internet-Draft 4 Intended status: Standards Track Z. Shelby 5 Expires: 6 May 2021 ARM 6 M. Koster 7 SmartThings 8 C. Bormann 9 Universitaet Bremen TZI 10 P. van der Stok 11 consultant 12 2 November 2020 14 CoRE Resource Directory 15 draft-ietf-core-resource-directory-26 17 Abstract 19 In many IoT applications, direct discovery of resources is not 20 practical due to sleeping nodes, or networks where multicast traffic 21 is inefficient. These problems can be solved by employing an entity 22 called a Resource Directory (RD), which contains information about 23 resources held on other servers, allowing lookups to be performed for 24 those resources. The input to an RD is composed of links and the 25 output is composed of links constructed from the information stored 26 in the RD. This document specifies the web interfaces that an RD 27 supports for web servers to discover the RD and to register, 28 maintain, lookup and remove information on resources. Furthermore, 29 new target attributes useful in conjunction with an RD are defined. 31 Note to Readers 33 Discussion of this document takes place on the CORE Working Group 34 mailing list (core@ietf.org), which is archived at 35 https://mailarchive.ietf.org/arch/browse/core/ 36 (https://mailarchive.ietf.org/arch/browse/core/). 38 Source for this draft and an issue tracker can be found at 39 https://github.com/core-wg/resource-directory (https://github.com/ 40 core-wg/resource-directory). 42 Status of This Memo 44 This Internet-Draft is submitted in full conformance with the 45 provisions of BCP 78 and BCP 79. 47 Internet-Drafts are working documents of the Internet Engineering 48 Task Force (IETF). Note that other groups may also distribute 49 working documents as Internet-Drafts. The list of current Internet- 50 Drafts is at https://datatracker.ietf.org/drafts/current/. 52 Internet-Drafts are draft documents valid for a maximum of six months 53 and may be updated, replaced, or obsoleted by other documents at any 54 time. It is inappropriate to use Internet-Drafts as reference 55 material or to cite them other than as "work in progress." 57 This Internet-Draft will expire on 6 May 2021. 59 Copyright Notice 61 Copyright (c) 2020 IETF Trust and the persons identified as the 62 document authors. All rights reserved. 64 This document is subject to BCP 78 and the IETF Trust's Legal 65 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 66 license-info) in effect on the date of publication of this document. 67 Please review these documents carefully, as they describe your rights 68 and restrictions with respect to this document. Code Components 69 extracted from this document must include Simplified BSD License text 70 as described in Section 4.e of the Trust Legal Provisions and are 71 provided without warranty as described in the Simplified BSD License. 73 Table of Contents 75 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 76 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 77 3. Architecture and Use Cases . . . . . . . . . . . . . . . . . 6 78 3.1. Principles . . . . . . . . . . . . . . . . . . . . . . . 7 79 3.2. Architecture . . . . . . . . . . . . . . . . . . . . . . 7 80 3.3. RD Content Model . . . . . . . . . . . . . . . . . . . . 8 81 3.4. Link-local addresses and zone identifiers . . . . . . . . 12 82 3.5. Use Case: Cellular M2M . . . . . . . . . . . . . . . . . 12 83 3.6. Use Case: Home and Building Automation . . . . . . . . . 13 84 3.7. Use Case: Link Catalogues . . . . . . . . . . . . . . . . 14 85 4. RD discovery and other interface-independent components . . . 14 86 4.1. Finding a Resource Directory . . . . . . . . . . . . . . 15 87 4.1.1. Resource Directory Address Option (RDAO) . . . . . . 17 88 4.1.2. Using DNS-SD to discover a Resource Directory . . . . 19 89 4.2. Payload Content Formats . . . . . . . . . . . . . . . . . 19 90 4.3. URI Discovery . . . . . . . . . . . . . . . . . . . . . . 19 91 5. Registration . . . . . . . . . . . . . . . . . . . . . . . . 22 92 5.1. Simple Registration . . . . . . . . . . . . . . . . . . . 27 93 5.2. Third-party registration . . . . . . . . . . . . . . . . 29 94 5.3. Operations on the Registration Resource . . . . . . . . . 30 95 5.3.1. Registration Update . . . . . . . . . . . . . . . . . 30 96 5.3.2. Registration Removal . . . . . . . . . . . . . . . . 33 97 5.3.3. Further operations . . . . . . . . . . . . . . . . . 34 98 6. RD Lookup . . . . . . . . . . . . . . . . . . . . . . . . . . 34 99 6.1. Resource lookup . . . . . . . . . . . . . . . . . . . . . 35 100 6.2. Lookup filtering . . . . . . . . . . . . . . . . . . . . 36 101 6.3. Resource lookup examples . . . . . . . . . . . . . . . . 38 102 6.4. Endpoint lookup . . . . . . . . . . . . . . . . . . . . . 40 103 7. Security policies . . . . . . . . . . . . . . . . . . . . . . 41 104 7.1. Endpoint name . . . . . . . . . . . . . . . . . . . . . . 42 105 7.1.1. Random endpoint names . . . . . . . . . . . . . . . . 42 106 7.2. Entered resources . . . . . . . . . . . . . . . . . . . . 42 107 7.3. Link confidentiality . . . . . . . . . . . . . . . . . . 43 108 7.4. Segmentation . . . . . . . . . . . . . . . . . . . . . . 43 109 7.5. First-Come-First-Remembered: A default policy . . . . . . 44 110 8. Security Considerations . . . . . . . . . . . . . . . . . . . 45 111 8.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 46 112 8.2. Endpoint Identification and Authentication . . . . . . . 46 113 8.3. Access Control . . . . . . . . . . . . . . . . . . . . . 47 114 8.4. Denial of Service Attacks . . . . . . . . . . . . . . . . 47 115 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 116 9.1. Resource Types . . . . . . . . . . . . . . . . . . . . . 48 117 9.2. IPv6 ND Resource Directory Address Option . . . . . . . . 48 118 9.3. RD Parameter Registry . . . . . . . . . . . . . . . . . . 48 119 9.3.1. Full description of the "Endpoint Type" RD 120 Parameter . . . . . . . . . . . . . . . . . . . . . . 51 121 9.4. "Endpoint Type" (et=) RD Parameter values . . . . . . . . 51 122 9.5. Multicast Address Registration . . . . . . . . . . . . . 52 123 9.6. Well-Known URIs . . . . . . . . . . . . . . . . . . . . . 52 124 9.7. Service Names and Transport Protocol Port Number 125 Registry . . . . . . . . . . . . . . . . . . . . . . . . 52 126 10. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 53 127 10.1. Lighting Installation . . . . . . . . . . . . . . . . . 53 128 10.1.1. Installation Characteristics . . . . . . . . . . . . 53 129 10.1.2. RD entries . . . . . . . . . . . . . . . . . . . . . 54 130 10.2. OMA Lightweight M2M (LwM2M) . . . . . . . . . . . . . . 57 131 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 58 132 12. Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . 58 133 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 72 134 13.1. Normative References . . . . . . . . . . . . . . . . . . 72 135 13.2. Informative References . . . . . . . . . . . . . . . . . 73 136 Appendix A. Groups Registration and Lookup . . . . . . . . . . . 76 137 Appendix B. Web links and the Resource Directory . . . . . . . . 78 138 B.1. A simple example . . . . . . . . . . . . . . . . . . . . 78 139 B.1.1. Resolving the URIs . . . . . . . . . . . . . . . . . 79 140 B.1.2. Interpreting attributes and relations . . . . . . . . 79 141 B.2. A slightly more complex example . . . . . . . . . . . . . 79 142 B.3. Enter the Resource Directory . . . . . . . . . . . . . . 80 143 B.4. A note on differences between link-format and Link header 144 fields . . . . . . . . . . . . . . . . . . . . . . . . . 82 145 Appendix C. Limited Link Format . . . . . . . . . . . . . . . . 83 146 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 83 148 1. Introduction 150 In the work on Constrained RESTful Environments (CoRE), a REST 151 architecture suitable for constrained nodes (e.g. with limited RAM 152 and ROM [RFC7228]) and networks (e.g. 6LoWPAN [RFC4944]) has been 153 established and is used in Internet-of-Things (IoT) or machine-to- 154 machine (M2M) applications such as smart energy and building 155 automation. 157 The discovery of resources offered by a constrained server is very 158 important in machine-to-machine applications where there are no 159 humans in the loop and static interfaces result in fragility. The 160 discovery of resources provided by an HTTP Web Server is typically 161 called Web Linking [RFC8288]. The use of Web Linking for the 162 description and discovery of resources hosted by constrained web 163 servers is specified by the CoRE Link Format [RFC6690]. However, 164 [RFC6690] only describes how to discover resources from the web 165 server that hosts them by querying "/.well-known/core". In many 166 constrained scenarios, direct discovery of resources is not practical 167 due to sleeping nodes, or networks where multicast traffic is 168 inefficient. These problems can be solved by employing an entity 169 called a Resource Directory (RD), which contains information about 170 resources held on other servers, allowing lookups to be performed for 171 those resources. 173 This document specifies the web interfaces that an RD supports for 174 web servers to discover the RD and to register, maintain, lookup and 175 remove information on resources. Furthermore, new target attributes 176 useful in conjunction with an RD are defined. Although the examples 177 in this document show the use of these interfaces with CoAP 178 [RFC7252], they can be applied in an equivalent manner to HTTP 179 [RFC7230]. 181 2. Terminology 183 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 184 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 185 "OPTIONAL" in this document are to be interpreted as described in BCP 186 14 [RFC2119] [RFC8174] when, and only when, they appear in all 187 capitals, as shown here. 189 The term "byte" is used in its now customary sense as a synonym for 190 "octet". 192 This specification requires readers to be familiar with all the terms 193 and concepts that are discussed in [RFC3986], [RFC8288] and 194 [RFC6690]. Readers should also be familiar with the terms and 195 concepts discussed in [RFC7252]. To describe the REST interfaces 196 defined in this specification, the URI Template format is used 197 [RFC6570]. 199 This specification makes use of the following additional terminology: 201 resolve against 202 The expression "a URI-reference is _resolved against_ a base URI" 203 is used to describe the process of [RFC3986] Section 5.2. 204 Noteworthy corner cases are that if the URI-reference is a (full) 205 URI and resolved against any base URI, that gives the original 206 full URI, and that resolving an empty URI reference gives the base 207 URI without any fragment identifier. 209 Resource Directory (RD) 210 A web entity that stores information about web resources and 211 implements the REST interfaces defined in this specification for 212 discovery, for the creation, the maintenance and the removal of 213 registrations, and for lookup of the registered resources. 215 Sector 216 In the context of an RD, a sector is a logical grouping of 217 endpoints. 219 The abbreviation "d=" is used for the sector in query parameters 220 for compatibility with deployed implementations. 222 Endpoint 223 Endpoint (EP) is a term used to describe a web server or client in 224 [RFC7252]. In the context of this specification an endpoint is 225 used to describe a web server that registers resources to the RD. 226 An endpoint is identified by its endpoint name, which is included 227 during registration, and has a unique name within the associated 228 sector of the registration. 230 Registration Base URI 231 The Base URI of a Registration is a URI that typically gives 232 scheme and authority information about an Endpoint. The 233 Registration Base URI is provided at registration time, and is 234 used by the RD to resolve relative references of the registration 235 into URIs. 237 Target 238 The target of a link is the destination address (URI) of the link. 239 It is sometimes identified with "href=", or displayed as 240 "". Relative targets need resolving with respect to the 241 Base URI (section 5.2 of [RFC3986]). 243 This use of the term Target is consistent with [RFC8288]'s use of 244 the term. 246 Context 247 The context of a link is the source address (URI) of the link, and 248 describes which resource is linked to the target. A link's 249 context is made explicit in serialized links as the "anchor=" 250 attribute. 252 This use of the term Context is consistent with [RFC8288]'s use of 253 the term. 255 Directory Resource 256 A resource in the RD containing registration resources. 258 Registration Resource 259 A resource in the RD that contains information about an Endpoint 260 and its links. 262 Commissioning Tool 263 Commissioning Tool (CT) is a device that assists during 264 installation events by assigning values to parameters, naming 265 endpoints and groups, or adapting the installation to the needs of 266 the applications. 268 Registrant-ep 269 Registrant-ep is the endpoint that is registered into the RD. The 270 registrant-ep can register itself, or a CT registers the 271 registrant-ep. 273 RDAO 274 Resource Directory Address Option. A new IPv6 Neighbor Discovery 275 option defined for announcing an RD's address. 277 3. Architecture and Use Cases 278 3.1. Principles 280 The RD is primarily a tool to make discovery operations more 281 efficient than querying /.well-known/core on all connected devices, 282 or across boundaries that would limit those operations. 284 It provides information about resources hosted by other devices that 285 could otherwise only be obtained by directly querying the /.well- 286 known/core resource on these other devices, either by a unicast 287 request or a multicast request. 289 Information SHOULD only be stored in the RD if it can be obtained by 290 querying the described device's /.well-known/core resource directly. 292 Data in the RD can only be provided by the device which hosts those 293 data or a dedicated Commissioning Tool (CT). These CTs act on behalf 294 of endpoints too constrained, or generally unable, to present that 295 information themselves. No other client can modify data in the RD. 296 Changes to the information in the RD do not propagate automatically 297 back to the web servers from where the information originated. 299 3.2. Architecture 301 The RD architecture is illustrated in Figure 1. An RD is used as a 302 repository of registrations describing resources hosted on other web 303 servers, also called endpoints (EP). An endpoint is a web server 304 associated with a scheme, IP address and port. A physical node may 305 host one or more endpoints. The RD implements a set of REST 306 interfaces for endpoints to register and maintain RD registrations, 307 and for endpoints to lookup resources from the RD. An RD can be 308 logically segmented by the use of Sectors. 310 A mechanism to discover an RD using CoRE Link Format [RFC6690] is 311 defined. 313 Registrations in the RD are soft state and need to be periodically 314 refreshed. 316 An endpoint uses specific interfaces to register, update and remove a 317 registration. It is also possible for an RD to fetch Web Links from 318 endpoints and add their contents to its registrations. 320 At the first registration of an endpoint, a "registration resource" 321 is created, the location of which is returned to the registering 322 endpoint. The registering endpoint uses this registration resource 323 to manage the contents of registrations. 325 A lookup interface for discovering any of the Web Links stored in the 326 RD is provided using the CoRE Link Format. 328 Registration Lookup 329 Interface Interface 330 +----+ | | 331 | EP |---- | | 332 +----+ ---- | | 333 --|- +------+ | 334 +----+ | ----| | | +--------+ 335 | EP | ---------|-----| RD |----|-----| Client | 336 +----+ | ----| | | +--------+ 337 --|- +------+ | 338 +----+ ---- | | 339 | CT |---- | | 340 +----+ 342 Figure 1: The RD architecture. 344 A Registrant-EP MAY keep concurrent registrations to more than one RD 345 at the same time if explicitly configured to do so, but that is not 346 expected to be supported by typical EP implementations. Any such 347 registrations are independent of each other. The usual expectation 348 when multiple discovery mechanisms or addresses are configured is 349 that they constitute a fall-back path for a single registration. 351 3.3. RD Content Model 353 The Entity-Relationship (ER) models shown in Figure 2 and Figure 3 354 model the contents of /.well-known/core and the RD respectively, with 355 entity-relationship diagrams [ER]. Entities (rectangles) are used 356 for concepts that exist independently. Attributes (ovals) are used 357 for concepts that exist only in connection with a related entity. 358 Relations (diamonds) give a semantic meaning to the relation between 359 entities. Numbers specify the cardinality of the relations. 361 Some of the attribute values are URIs. Those values are always full 362 URIs and never relative references in the information model. They 363 can, however, be expressed as relative references in serializations, 364 and often are. 366 These models provide an abstract view of the information expressed in 367 link-format documents and an RD. They cover the concepts, but not 368 necessarily all details of an RD's operation; they are meant to give 369 an overview, and not be a template for implementations. 371 +----------------------+ 372 | /.well-known/core | 373 +----------------------+ 374 | 375 | 1 376 ////////\\\\\\\ 377 < contains > 378 \\\\\\\\/////// 379 | 380 | 0+ 381 +--------------------+ 382 | link | 383 +--------------------+ 384 | 385 | 1 oooooooo 386 +-----o target o 387 | oooooooo 388 oooooooooooo 0+ | 389 o target o--------+ 390 o attribute o | 0+ oooooo 391 oooooooooooo +-----o rel o 392 | oooooo 393 | 394 | 1 ooooooooo 395 +-----o context o 396 ooooooooo 398 Figure 2: ER Model of the content of /.well-known/core 400 The model shown in Figure 2 models the contents of /.well-known/core 401 which contains: 403 * a set of links belonging to the hosting web server 405 The web server is free to choose links it deems appropriate to be 406 exposed in its "/.well-known/core". Typically, the links describe 407 resources that are served by the host, but the set can also contain 408 links to resources on other servers (see examples in [RFC6690] page 409 14). The set does not necessarily contain links to all resources 410 served by the host. 412 A link has the following attributes (see [RFC8288]): 414 * Zero or more link relations: They describe relations between the 415 link context and the link target. 417 In link-format serialization, they are expressed as space- 418 separated values in the "rel" attribute, and default to "hosts". 420 * A link context URI: It defines the source of the relation, e.g. 421 _who_ "hosts" something. 423 In link-format serialization, it is expressed in the "anchor" 424 attribute. It defaults to that document's URI. 426 * A link target URI: It defines the destination of the relation 427 (e.g. _what_ is hosted), and is the topic of all target 428 attributes. 430 In link-format serialization, it is expressed between angular 431 brackets, and sometimes called the "href". 433 * Other target attributes (e.g. resource type (rt), interface (if), 434 or content format (ct)). These provide additional information 435 about the target URI. 437 +--------------+ 438 + RD + 439 +--------------+ 440 | 1 441 | 442 | 443 | 444 | 445 //////\\\\ 446 < contains > 447 \\\\\///// 448 | 449 0+ | 450 ooooooo 1 +---------------+ 451 o base o-------| registration | 452 ooooooo +---------------+ 453 | | 1 454 | +--------------+ 455 oooooooo 1 | | 456 o href o----+ /////\\\\ 457 oooooooo | < contains > 458 | \\\\\///// 459 oooooooo 1 | | 460 o ep o----+ | 0+ 461 oooooooo | +------------------+ 462 | | link | 463 oooooooo 0-1 | +------------------+ 464 o d o----+ | 465 oooooooo | | 1 oooooooo 466 | +-----o target o 467 oooooooo 1 | | oooooooo 468 o lt o----+ ooooooooooo 0+ | 469 oooooooo | o target o-----+ 470 | o attribute o | 0+ oooooo 471 ooooooooooo 0+ | ooooooooooo +-----o rel o 472 o endpoint o----+ | oooooo 473 o attribute o | 474 ooooooooooo | 1 ooooooooo 475 +----o context o 476 ooooooooo 478 Figure 3: ER Model of the content of the RD 480 The model shown in Figure 3 models the contents of the RD which 481 contains in addition to /.well-known/core: 483 * 0 to n Registrations of endpoints, 484 A registration is associated with one endpoint. A registration 485 defines a set of links as defined for /.well-known/core. A 486 Registration has six types of attributes: 488 * an endpoint name ("ep", a Unicode string) unique within a sector 490 * a Registration Base URI ("base", a URI typically describing the 491 scheme://authority part) 493 * a lifetime ("lt"), 495 * a registration resource location inside the RD ("href"), 497 * optionally a sector ("d", a Unicode string) 499 * optional additional endpoint attributes (from Section 9.3) 501 The cardinality of "base" is currently 1; future documents are 502 invited to extend the RD specification to support multiple values 503 (e.g. [I-D.silverajan-core-coap-protocol-negotiation]). Its value 504 is used as a Base URI when resolving URIs in the links contained in 505 the endpoint. 507 Links are modelled as they are in Figure 2. 509 3.4. Link-local addresses and zone identifiers 511 Registration Base URIs can contain link-local IP addresses. To be 512 usable across hosts, those cannot be serialized to contain zone 513 identifiers (see [RFC6874] Section 1). 515 Link-local addresses can only be used on a single link (therefore RD 516 servers cannot announce them when queried on a different link), and 517 lookup clients using them need to keep track of which interface they 518 got them from. 520 Therefore, it is advisable in many scenarios to use addresses with 521 larger scope if available. 523 3.5. Use Case: Cellular M2M 525 Over the last few years, mobile operators around the world have 526 focused on development of M2M solutions in order to expand the 527 business to the new type of users: machines. The machines are 528 connected directly to a mobile network using an appropriate embedded 529 wireless interface (GSM/GPRS, WCDMA, LTE) or via a gateway providing 530 short and wide range wireless interfaces. The ambition in such 531 systems is to build them from reusable components. These speed up 532 development and deployment, and enable shared use of machines across 533 different applications. One crucial component of such systems is the 534 discovery of resources (and thus the endpoints they are hosted on) 535 capable of providing required information at a given time or acting 536 on instructions from the end users. 538 Imagine a scenario where endpoints installed on vehicles enable 539 tracking of the position of these vehicles for fleet management 540 purposes and allow monitoring of environment parameters. During the 541 boot-up process endpoints register with an RD, which is hosted by the 542 mobile operator or somewhere in the cloud. Periodically, these 543 endpoints update their registration and may modify resources they 544 offer. 546 When endpoints are not always connected, for example because they 547 enter a sleep mode, a remote server is usually used to provide proxy 548 access to the endpoints. Mobile apps or web applications for 549 environment monitoring contact the RD, look up the endpoints capable 550 of providing information about the environment using an appropriate 551 set of link parameters, obtain information on how to contact them 552 (URLs of the proxy server), and then initiate interaction to obtain 553 information that is finally processed, displayed on the screen and 554 usually stored in a database. Similarly, fleet management systems 555 provide the appropriate link parameters to the RD to look up for EPs 556 deployed on the vehicles the application is responsible for. 558 3.6. Use Case: Home and Building Automation 560 Home and commercial building automation systems can benefit from the 561 use of IoT web services. The discovery requirements of these 562 applications are demanding. Home automation usually relies on run- 563 time discovery to commission the system, whereas in building 564 automation a combination of professional commissioning and run-time 565 discovery is used. Both home and building automation involve peer- 566 to-peer interactions between endpoints, and involve battery-powered 567 sleeping devices. Both can use the common RD infrastructure to 568 establish device interactions efficiently, but can pick security 569 policies suitable for their needs. 571 Two phases can be discerned for a network servicing the system: (1) 572 installation and (2) operation. During the operational phase, the 573 network is connected to the Internet with a Border Router (e.g. a 574 6LoWPAN Border Router (6LBR), see {{RFC6775}) and the nodes connected 575 to the network can use the Internet services that are provided by the 576 Internet Provider or the network administrator. During the 577 installation phase, the network is completely stand-alone, no Border 578 Router is connected, and the network only supports the IP 579 communication between the connected nodes. The installation phase is 580 usually followed by the operational phase. As an RD's operations 581 work without hard dependencies on names or addresses, it can be used 582 for discovery across both phases. 584 3.7. Use Case: Link Catalogues 586 Resources may be shared through data brokers that have no knowledge 587 beforehand of who is going to consume the data. An RD can be used to 588 hold links about resources and services hosted anywhere to make them 589 discoverable by a general class of applications. 591 For example, environmental and weather sensors that generate data for 592 public consumption may provide data to an intermediary server, or 593 broker. Sensor data are published to the intermediary upon changes 594 or at regular intervals. Descriptions of the sensors that resolve to 595 links to sensor data may be published to an RD. Applications wishing 596 to consume the data can use RD Lookup to discover and resolve links 597 to the desired resources and endpoints. The RD service need not be 598 coupled with the data intermediary service. Mapping of RDs to data 599 intermediaries may be many-to-many. 601 Metadata in web link formats like [RFC6690] which may be internally 602 stored as triples, or relation/attribute pairs providing metadata 603 about resource links, need to be supported by RDs. External 604 catalogues that are represented in other formats may be converted to 605 common web linking formats for storage and access by RDs. Since it 606 is common practice for these to be encoded in URNs [RFC8141], simple 607 and lossless structural transforms should generally be sufficient to 608 store external metadata in RDs. 610 The additional features of an RD allow sectors to be defined to 611 enable access to a particular set of resources from particular 612 applications. This provides isolation and protection of sensitive 613 data when needed. Application groups with multicast addresses may be 614 defined to support efficient data transport. 616 4. RD discovery and other interface-independent components 618 This and the following sections define the required set of REST 619 interfaces between an RD, endpoints and lookup clients. Although the 620 examples throughout these sections assume the use of CoAP [RFC7252], 621 these REST interfaces can also be realized using HTTP [RFC7230]. The 622 multicast discovery and simple registration operations are exceptions 623 to that, as they rely on mechanisms unavailable in HTTP. In all 624 definitions in these sections, both CoAP response codes (with dot 625 notation) and HTTP response codes (without dot notation) are shown. 626 An RD implementing this specification MUST support the discovery, 627 registration, update, lookup, and removal interfaces. 629 All operations on the contents of the RD MUST be atomic and 630 idempotent. 632 For several operations, interface templates are given in list form; 633 those describe the operation participants, request codes, URIs, 634 content formats and outcomes. Sections of those templates contain 635 normative content about Interaction, Method, URI Template and URI 636 Template Variables as well as the details of the Success condition. 637 The additional sections on options like Content-Format and on Failure 638 codes give typical cases that an implementation of the RD should deal 639 with. Those serve to illustrate the typical responses to readers who 640 are not yet familiar with all the details of CoAP based interfaces; 641 they do not limit what a server may respond under atypical 642 circumstances. 644 REST clients (registrant-EPs and CTs during registration and 645 maintenance, lookup clients, RD servers during simple registrations) 646 must be prepared to receive any unsuccessful code and act upon it 647 according to its definition, options and/or payload to the best of 648 their capabilities, falling back to failing the operation if recovery 649 is not possible. In particular, they SHOULD retry the request upon 650 5.03 (Service Unavailable; 503 in HTTP) according to the Max-Age 651 (Retry-After in HTTP) option, and SHOULD fall back to link-format 652 when receiving 4.15 (Unsupported Content-Format; 415 in HTTP). 654 An RD MAY make the information submitted to it available to further 655 directories (subject to security policies on link confidentiality), 656 if it can ensure that a loop does not form. The protocol used 657 between directories to ensure loop-free operation is outside the 658 scope of this document. 660 4.1. Finding a Resource Directory 662 A (re-)starting device may want to find one or more RDs before it can 663 discover their URIs. Dependent on the operational conditions, one or 664 more of the techniques below apply. 666 The device may be pre-configured to exercise specific mechanisms for 667 finding the RD: 669 1. It may be configured with a specific IP address for the RD. That 670 IP address may also be an anycast address, allowing the network 671 to forward RD requests to an RD that is topologically close; each 672 target network environment in which some of these preconfigured 673 nodes are to be brought up is then configured with a route for 674 this anycast address that leads to an appropriate RD. (Instead 675 of using an anycast address, a multicast address can also be 676 preconfigured. The RD servers then need to configure one of 677 their interfaces with this multicast address.) 679 2. It may be configured with a DNS name for the RD and use DNS to 680 return the IP address of the RD; it can find a DNS server to 681 perform the lookup using the usual mechanisms for finding DNS 682 servers. 684 3. It may be configured to use a service discovery mechanism such as 685 DNS-SD, as outlined in Section 4.1.2. 687 For cases where the device is not specifically configured with a way 688 to find an RD, the network may want to provide a suitable default. 690 1. The IPv6 Neighbor Discovery option RDAO Section 4.1.1 can do 691 that. 693 2. When DHCP is in use, this could be provided via a DHCP option (no 694 such option is defined at the time of writing). 696 Finally, if neither the device nor the network offers any specific 697 configuration, the device may want to employ heuristics to find a 698 suitable RD. 700 The present specification does not fully define these heuristics, but 701 suggests a number of candidates: 703 1. In a 6LoWPAN, just assume the Border Router (6LBR) can act as an 704 RD (using the ABRO option to find that [RFC6775]). Confirmation 705 can be obtained by sending a unicast to "coap://[6LBR]/.well- 706 known/core?rt=core.rd*". 708 2. In a network that supports multicast well, discovering the RD 709 using a multicast query for /.well-known/core as specified in 710 CoRE Link Format [RFC6690]: Sending a Multicast GET to 711 "coap://[MCD1]/.well-known/core?rt=core.rd*". RDs within the 712 multicast scope will answer the query. 714 When answering a multicast request directed at a link-local group, 715 the RD may want to respond from a routable address; this makes it 716 easier for registrants to use one of their own routable addresses for 717 registration. When [RFC6724] is used for source address selection, 718 this can be achieved by applying the changes of its Section 10.4, 719 picking public addresses in its Section 5 Rule 7, and superseding 720 rule 8 with preferring the source address's precedence. 722 As some of the RD addresses obtained by the methods listed here are 723 just (more or less educated) guesses, endpoints MUST make use of any 724 error messages to very strictly rate-limit requests to candidate IP 725 addresses that don't work out. For example, an ICMP Destination 726 Unreachable message (and, in particular, the port unreachable code 727 for this message) may indicate the lack of a CoAP server on the 728 candidate host, or a CoAP error response code such as 4.05 "Method 729 Not Allowed" may indicate unwillingness of a CoAP server to act as a 730 directory server. 732 The following RD discovery mechanisms are recommended: 734 * In managed networks with border routers that need stand-alone 735 operation, the RDAO option is recommended (e.g. operational phase 736 described in Section 3.6). 738 * In managed networks without border router (no Internet services 739 available), the use of a preconfigured anycast address is 740 recommended (e.g. installation phase described in Section 3.6). 742 * In networks managed using DNS-SD, the use of DNS-SD for discovery 743 as described in Section 4.1.2 is recommended. 745 The use of multicast discovery in mesh networks is NOT RECOMMENDED. 747 4.1.1. Resource Directory Address Option (RDAO) 749 The Resource Directory Address Option (RDAO) carries information 750 about the address of the RD in RAs (Router Advertisements) of IPv6 751 Neighbor Discovery (ND), similar to how RDNSS options [RFC8106] are 752 sent. This information is needed when endpoints cannot discover the 753 RD with a link-local or realm-local scope multicast address, for 754 instance because the endpoint and the RD are separated by a Border 755 Router (6LBR). In many circumstances the availability of DHCP cannot 756 be guaranteed either during commissioning of the network. The 757 presence and the use of the RD is essential during commissioning. 759 It is possible to send multiple RDAO options in one message, 760 indicating as many RD addresses. 762 The RDAO format is: 764 0 1 2 3 765 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 766 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 767 | Type | Length = 3 | Reserved | 768 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 769 | Valid Lifetime | 770 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 771 | | 772 + + 773 | | 774 + RD Address + 775 | | 776 + + 777 | | 778 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 780 Fields: 782 Type: TBD38 784 Length: 8-bit unsigned integer. The length of 785 the option in units of 8 bytes. 786 Always 3. 788 Reserved: This field is unused. It MUST be 789 initialized to zero by the sender and 790 MUST be ignored by the receiver. 792 Valid Lifetime: 32-bit unsigned integer. The length of 793 time in seconds (relative to 794 the time the packet is received) that 795 this RD address is valid. 796 A value of all zero bits (0x0) indicates 797 that this RD address 798 is not valid anymore. 800 RD Address: IPv6 address of the RD. 802 Figure 4: Resource Directory Address Option 804 4.1.2. Using DNS-SD to discover a Resource Directory 806 An RD can advertise its presence in DNS-SD [RFC6763] using the 807 service name "_core-rd._udp" (for CoAP), "_core-rd-dtls._udp" (for 808 CoAP over DTLS), "_core-rd._tcp" (for CoAP over TCP) or "_core-rd- 809 tls._tcp" (for CoAP over TLS) defined in this document. (For the 810 WebSocket transports of CoAP, no service is defined as DNS-SD is 811 typically unavailable in environments where CoAP over WebSockets is 812 used). 814 The selection of the service indicates the protocol used, and the SRV 815 record points the client to a host name and port to use as a starting 816 point for the URI discovery steps of Section 4.3. 818 This section is a simplified concrete application of the more generic 819 mechanism specified in [I-D.ietf-core-rd-dns-sd]. 821 4.2. Payload Content Formats 823 RDs implementing this specification MUST support the application/ 824 link-format content format (ct=40). 826 RDs implementing this specification MAY support additional content 827 formats. 829 Any additional content format supported by an RD implementing this 830 specification SHOULD be able to express all the information 831 expressible in link-format. It MAY be able to express information 832 that is inexpressible in link-format, but those expressions SHOULD be 833 avoided where possible. 835 4.3. URI Discovery 837 Before an endpoint can make use of an RD, it must first know the RD's 838 address and port, and the URI path information for its REST APIs. 839 This section defines discovery of the RD and its URIs using the well- 840 known interface of the CoRE Link Format [RFC6690] after having 841 discovered a host as described in Section 4.1. 843 Discovery of the RD registration URI is performed by sending either a 844 multicast or unicast GET request to "/.well-known/core" and including 845 a Resource Type (rt) parameter [RFC6690] with the value "core.rd" in 846 the query string. Likewise, a Resource Type parameter value of 847 "core.rd-lookup*" is used to discover the URIs for RD Lookup 848 operations, core.rd* is used to discover all URIs for RD operations. 849 Upon success, the response will contain a payload with a link format 850 entry for each RD function discovered, indicating the URI of the RD 851 function returned and the corresponding Resource Type. When 852 performing multicast discovery, the multicast IP address used will 853 depend on the scope required and the multicast capabilities of the 854 network (see Section 9.5). 856 An RD MAY provide hints about the content-formats it supports in the 857 links it exposes or registers, using the "ct" target attribute, as 858 shown in the example below. Clients MAY use these hints to select 859 alternate content-formats for interaction with the RD. 861 HTTP does not support multicast and consequently only unicast 862 discovery can be supported at the using the HTTP "/.well-known/core" 863 resource. 865 RDs implementing this specification MUST support query filtering for 866 the rt parameter as defined in [RFC6690]. 868 While the link targets in this discovery step are often expressed in 869 path-absolute form, this is not a requirement. Clients of the RD 870 SHOULD therefore accept URIs of all schemes they support, both as 871 URIs and relative references, and not limit the set of discovered 872 URIs to those hosted at the address used for URI discovery. 874 With security policies where the client requires the RD to be 875 authorized to act as an RD, that authorization may be limited to 876 resources on which the authorized RD advertises the adequate resource 877 types. Clients that have obtained links they can not rely on yet can 878 repeat the URI discovery step at the /.well-known/core resource of 879 the indicated host to obtain the resource type information from an 880 authorized source. 882 The URI Discovery operation can yield multiple URIs of a given 883 resource type. The client of the RD can use any of the discovered 884 addresses initially. 886 The discovery request interface is specified as follows (this is 887 exactly the Well-Known Interface of [RFC6690] Section 4, with the 888 additional requirement that the server MUST support query filtering): 890 Interaction: EP, CT or Client -> RD 892 Method: GET 894 URI Template: /.well-known/core{?rt} 896 URI Template Variables: rt := Resource Type. SHOULD contain one of 897 the values "core.rd", "core.rd-lookup*", "core.rd-lookup-res", 898 "core.rd-lookup-ep", or "core.rd*" 900 Accept: absent, application/link-format or any other media type 901 representing web links 903 The following response is expected on this interface: 905 Success: 2.05 "Content" or 200 "OK" with an application/link-format 906 or other web link payload containing one or more matching entries 907 for the RD resource. 909 The following example shows an endpoint discovering an RD using this 910 interface, thus learning that the directory resource location, in 911 this example, is /rd, and that the content-format delivered by the 912 server hosting the resource is application/link-format (ct=40). Note 913 that it is up to the RD to choose its RD locations. 915 Req: GET coap://[MCD1]/.well-known/core?rt=core.rd* 917 Res: 2.05 Content 918 ;rt="core.rd";ct=40, 919 ;rt="core.rd-lookup-ep";ct=40, 920 ;rt="core.rd-lookup-res";ct=40 922 Figure 5: Example discovery exchange 924 The following example shows the way of indicating that a client may 925 request alternate content-formats. The Content-Format code attribute 926 "ct" MAY include a space-separated sequence of Content-Format codes 927 as specified in Section 7.2.1 of [RFC7252], indicating that multiple 928 content-formats are available. The example below shows the required 929 Content-Format 40 (application/link-format) indicated as well as a 930 CBOR and JSON representation from [I-D.ietf-core-links-json] (which 931 have no numeric values assigned yet, so they are shown as TBD64 and 932 TBD504 as in that draft). The RD resource locations /rd, and /rd- 933 lookup are example values. The server in this example also indicates 934 that it is capable of providing observation on resource lookups. 936 Req: GET coap://[MCD1]/.well-known/core?rt=core.rd* 938 Res: 2.05 Content 939 ;rt="core.rd";ct="40 65225", 940 ;rt="core.rd-lookup-res";ct="40 TBD64 TBD504";obs, 941 ;rt="core.rd-lookup-ep";ct="40 TBD64 TBD504" 943 Figure 6: Example discovery exchange indicating additional 944 content-formats 946 From a management and maintenance perspective, it is necessary to 947 identify the components that constitute the RD server. The 948 identification refers to information about for example client-server 949 incompatibilities, supported features, required updates and other 950 aspects. The URI discovery address, as described in section 4 of 951 [RFC6690] can be used to find the identification. 953 It would typically be stored in an implementation information link 954 (as described in [I-D.bormann-t2trg-rel-impl]): 956 Req: GET /.well-known/core?rel=impl-info 958 Res: 2.05 Content 959 ; 960 rel="impl-info" 962 Figure 7: Example exchange of obtaining implementation 963 information, using the relation type currently proposed in the 964 work-in-progress document 966 Note that depending on the particular server's architecture, such a 967 link could be anchored at the RD server's root, at the discovery site 968 (as in this example) or at individual RD components. The latter is 969 to be expected when different applications are run on the same 970 server. 972 5. Registration 974 After discovering the location of an RD, a registrant-ep or CT MAY 975 register the resources of the registrant-ep using the registration 976 interface. This interface accepts a POST from an endpoint containing 977 the list of resources to be added to the directory as the message 978 payload in the CoRE Link Format [RFC6690] or other representations of 979 web links, along with query parameters indicating the name of the 980 endpoint, and optionally the sector, lifetime and base URI of the 981 registration. It is expected that other specifications will define 982 further parameters (see Section 9.3). The RD then creates a new 983 registration resource in the RD and returns its location. The 984 receiving endpoint MUST use that location when refreshing 985 registrations using this interface. Registration resources in the RD 986 are kept active for the period indicated by the lifetime parameter. 987 The creating endpoint is responsible for refreshing the registration 988 resource within this period using either the registration or update 989 interface. The registration interface MUST be implemented to be 990 idempotent, so that registering twice with the same endpoint 991 parameters ep and d (sector) does not create multiple registration 992 resources. 994 The following rules apply for a registration request targeting a 995 given (ep, d) value pair: 997 * When the (ep, d) value pair of the registration-request is 998 different from any existing registration, a new registration is 999 generated. 1001 * When the (ep, d) value pair of the registration-request is equal 1002 to an existing registration, the content and parameters of the 1003 existing registration are replaced with the content of the 1004 registration request. Like the later changes to registration 1005 resources, security policies (Section 7) usually require such 1006 requests to come from the same device. 1008 The posted link-format document can (and typically does) contain 1009 relative references both in its link targets and in its anchors, or 1010 contain empty anchors. The RD server needs to resolve these 1011 references in order to faithfully represent them in lookups. They 1012 are resolved against the base URI of the registration, which is 1013 provided either explicitly in the "base" parameter or constructed 1014 implicitly from the requester's URI as constructed from its network 1015 address and scheme. 1017 For media types to which Appendix C applies (i.e. documents in 1018 application/link-format), the RD only needs to accept representations 1019 in Limited Link Format as described there. Its behavior with 1020 representations outside that subset is implementation defined. 1022 The registration request interface is specified as follows: 1024 Interaction: EP or CT -> RD 1026 Method: POST 1028 URI Template: {+rd}{?ep,d,lt,base,extra-attrs*} 1030 URI Template Variables: rd := RD registration URI (mandatory). 1031 This is the location of the RD, as obtained from discovery. 1033 ep := Endpoint name (mostly mandatory). 1034 The endpoint name is an identifier that MUST be unique within a 1035 sector. As the endpoint name is a Unicode string, it is 1036 encoded in UTF-8 (and possibly pct-encoded) during variable 1037 expansion (see [RFC6570] Section 3.2.1). The endpoint name 1038 MUST NOT contain any character in the inclusive ranges 0-31 or 1039 127-159. The maximum length of this parameter is 63 UTF-8 1040 encoded bytes. If the RD is configured to recognize the 1041 endpoint to be authorized to use exactly one endpoint name, the 1042 RD assigns that name. In that case, giving the endpoint name 1043 becomes optional for the client; if the client gives any other 1044 endpoint name, it is not authorized to perform the 1045 registration. 1047 d := Sector (optional). The sector to 1048 which this endpoint belongs. When this parameter is not 1049 present, the RD MAY associate the endpoint with a configured 1050 default sector (possibly based on the endpoint's authorization) 1051 or leave it empty. The sector is encoded like the ep 1052 parameter, and is limited to 63 UTF-8 encoded bytes as well. 1054 lt := Lifetime (optional). Lifetime of the 1055 registration in seconds. Range of 1-4294967295. If no 1056 lifetime is included in the initial registration, a default 1057 value of 90000 (25 hours) SHOULD be assumed. 1059 base := Base URI (optional). This 1060 parameter sets the base URI of the registration, under which 1061 the relative links in the payload are to be interpreted. The 1062 specified URI typically does not have a path component of its 1063 own, and MUST be suitable as a base URI to resolve any relative 1064 references given in the registration. The parameter is 1065 therefore usually of the shape "scheme://authority" for HTTP 1066 and CoAP URIs. The URI SHOULD NOT have a query or fragment 1067 component as any non-empty relative part in a reference would 1068 remove those parts from the resulting URI. 1070 In the absence of this parameter the scheme of the protocol, 1071 source address and source port of the registration request are 1072 assumed. The Base URI is consecutively constructed by 1073 concatenating the used protocol's scheme with the characters 1074 "://", the requester's source address as an address literal and 1075 ":" followed by its port (if it was not the protocol's default 1076 one) in analogy to [RFC7252] Section 6.5. 1078 This parameter is mandatory when the directory is filled by a 1079 third party such as an commissioning tool. 1081 If the registrant-ep uses an ephemeral port to register with, 1082 it MUST include the base parameter in the registration to 1083 provide a valid network path. 1085 A registrant that cannot be reached by potential lookup clients 1086 at the address it registers from (e.g. because it is behind 1087 some form of Network Address Translation (NAT)) MUST provide a 1088 reachable base address with its registration. 1090 If the Base URI contains a link-local IP literal, it MUST NOT 1091 contain a Zone Identifier, and MUST be local to the link on 1092 which the registration request is received. 1094 Endpoints that register with a base that contains a path 1095 component cannot meaningfully use [RFC6690] Link Format due to 1096 its prevalence of the Origin concept in relative reference 1097 resolution. Those applications should use different 1098 representations of links to which Appendix C is not applicable 1099 (e.g. [I-D.hartke-t2trg-coral]). 1101 extra-attrs := Additional registration 1102 attributes (optional). The endpoint can pass any parameter 1103 registered at Section 9.3 to the directory. If the RD is aware 1104 of the parameter's specified semantics, it processes it 1105 accordingly. Otherwise, it MUST store the unknown key and its 1106 value(s) as an endpoint attribute for further lookup. 1108 Content-Format: application/link-format or any other indicated media 1109 type representing web links 1111 The following response is expected on this interface: 1113 Success: 2.01 "Created" or 201 "Created". The Location-Path option 1114 or Location header field MUST be included in the response. This 1115 location MUST be a stable identifier generated by the RD as it is 1116 used for all subsequent operations on this registration resource. 1117 The registration resource location thus returned is for the 1118 purpose of updating the lifetime of the registration and for 1119 maintaining the content of the registered links, including 1120 updating and deleting links. 1122 A registration with an already registered ep and d value pair 1123 responds with the same success code and location as the original 1124 registration; the set of links registered with the endpoint is 1125 replaced with the links from the payload. 1127 The location MUST NOT have a query or fragment component, as that 1128 could conflict with query parameters during the Registration 1129 Update operation. Therefore, the Location-Query option MUST NOT 1130 be present in a successful response. 1132 If the registration fails, including request timeouts, or if delays 1133 from Service Unavailable responses with Max-Age or Retry-After 1134 accumulate to exceed the registrant's configured timeouts, it SHOULD 1135 pick another registration URI from the "URI Discovery" step and if 1136 there is only one or the list is exhausted, pick other choices from 1137 the "Finding a Resource Directory" step. Care has to be taken to 1138 consider the freshness of results obtained earlier, e.g. of the 1139 result of a "/.well-known/core" response, the lifetime of an RDAO 1140 option and of DNS responses. Any rate limits and persistent errors 1141 from the "Finding a Resource Directory" step must be considered for 1142 the whole registration time, not only for a single operation. 1144 The following example shows a registrant-ep with the name "node1" 1145 registering two resources to an RD using this interface. The 1146 location "/rd" is an example RD location discovered in a request 1147 similar to Figure 5. 1149 Req: POST coap://rd.example.com/rd?ep=node1 1150 Content-Format: 40 1151 Payload: 1152 ;rt="temperature-c";if="sensor", 1153 ; 1154 anchor="/sensors/temp";rel="describedby" 1156 Res: 2.01 Created 1157 Location-Path: /rd/4521 1159 Figure 8: Example registration payload 1161 An RD may optionally support HTTP. Here is an example of almost the 1162 same registration operation above, when done using HTTP. 1164 Req: 1165 POST /rd?ep=node1&base=http://[2001:db8:1::1] HTTP/1.1 1166 Host: rd.example.com 1167 Content-Type: application/link-format 1169 ;rt="temperature-c";if="sensor", 1170 ; 1171 anchor="/sensors/temp";rel="describedby" 1173 Res: 1174 HTTP/1.1 201 Created 1175 Location: /rd/4521 1177 Figure 9: Example registration payload as expressed using HTTP 1179 5.1. Simple Registration 1181 Not all endpoints hosting resources are expected to know how to 1182 upload links to an RD as described in Section 5. Instead, simple 1183 endpoints can implement the Simple Registration approach described in 1184 this section. An RD implementing this specification MUST implement 1185 Simple Registration. However, there may be security reasons why this 1186 form of directory discovery would be disabled. 1188 This approach requires that the registrant-ep makes available the 1189 hosted resources that it wants to be discovered, as links on its 1190 "/.well-known/core" interface as specified in [RFC6690]. The links 1191 in that document are subject to the same limitations as the payload 1192 of a registration (with respect to Appendix C). 1194 * The registrant-ep finds one or more addresses of the directory 1195 server as described in Section 4.1. 1197 * The registrant-ep sends (and regularly refreshes with) a POST 1198 request to the "/.well-known/rd" URI of the directory server of 1199 choice. The body of the POST request is empty, and triggers the 1200 resource directory server to perform GET requests at the 1201 requesting registrant-ep's /.well-known/core to obtain the link- 1202 format payload to register. 1204 The registrant-ep includes the same registration parameters in the 1205 POST request as it would per Section 5. The registration base URI 1206 of the registration is taken from the registrant-ep's network 1207 address (as is default with regular registrations). 1209 Example request from registrant-EP to RD (unanswered until the 1210 next step): 1212 Req: POST /.well-known/rd?lt=6000&ep=node1 1213 (No payload) 1215 Figure 10: First half example exchange of a simple registration 1217 * The RD queries the registrant-ep's discovery resource to determine 1218 the success of the operation. It SHOULD keep a cache of the 1219 discovery resource and not query it again as long as it is fresh. 1221 Example request from the RD to the registrant-EP: 1223 Req: GET /.well-known/core 1224 Accept: 40 1226 Res: 2.05 Content 1227 Content-Format: 40 1228 Payload: 1229 1231 Figure 11: Example exchange of the RD querying the simple endpoint 1233 With this response, the RD would answer the previous step's request: 1235 Res: 2.04 Changed 1237 Figure 12: Second half example exchange of a simple registration 1239 The sequence of fetching the registration content before sending a 1240 successful response was chosen to make responses reliable, and the 1241 point about caching was chosen to still allow very constrained 1242 registrants. Registrants MUST be able to serve a GET request to 1243 "/.well-known/core" after having requested registration. Constrained 1244 devices MAY regard the initial request as temporarily failed when 1245 they need RAM occupied by their own request to serve the RD's GET, 1246 and retry later when the RD already has a cached representation of 1247 their discovery resources. Then, the RD can reply immediately and 1248 the registrant can receive the response. 1250 The simple registration request interface is specified as follows: 1252 Interaction: EP -> RD 1254 Method: POST 1256 URI Template: /.well-known/rd{?ep,d,lt,extra-attrs*} 1258 URI Template Variables are as they are for registration in Section 5. 1259 The base attribute is not accepted to keep the registration interface 1260 simple; that rules out registration over CoAP-over-TCP or HTTP that 1261 would need to specify one. For some time during this document's 1262 development, the URI template "/.well-known/core{?ep,...}" has been 1263 in use instead. 1265 The following response is expected on this interface: 1267 Success: 2.04 "Changed". 1269 For the second interaction triggered by the above, the registrant-ep 1270 takes the role of server and the RD the role of client. (Note that 1271 this is exactly the Well-Known Interface of [RFC6690] Section 4): 1273 Interaction: RD -> EP 1275 Method: GET 1277 URI Template: /.well-known/core 1279 The following response is expected on this interface: 1281 Success: 2.05 "Content". 1283 When the RD is in a position to successfully execute this second 1284 interaction and other network participants that can reach it are not, 1285 it SHOULD verify that the apparent registrant-ep intends to register 1286 with the given registration parameters before revealing the obtained 1287 discovery information to lookup clients. An easy way to do that is 1288 to verify the simple registration request's sender address using the 1289 Echo option as described in [I-D.ietf-core-echo-request-tag] 1290 Section 2.4. 1292 The RD MUST delete registrations created by simple registration after 1293 the expiration of their lifetime. Additional operations on the 1294 registration resource cannot be executed because no registration 1295 location is returned. 1297 5.2. Third-party registration 1299 For some applications, even Simple Registration may be too taxing for 1300 some very constrained devices, in particular if the security 1301 requirements become too onerous. 1303 In a controlled environment (e.g. building control), the RD can be 1304 filled by a third party device, called a Commissioning Tool (CT). 1305 The commissioning tool can fill the RD from a database or other 1306 means. For that purpose scheme, IP address and port of the URI of 1307 the registered device is the value of the "base" parameter of the 1308 registration described in Section 5. 1310 It should be noted that the value of the "base" parameter applies to 1311 all the links of the registration and has consequences for the anchor 1312 value of the individual links as exemplified in Appendix B. An 1313 eventual (currently non-existing) "base" attribute of the link is not 1314 affected by the value of "base" parameter in the registration. 1316 5.3. Operations on the Registration Resource 1318 This section describes how the registering endpoint can maintain the 1319 registrations that it created. The registering endpoint can be the 1320 registrant-ep or the CT. The registrations are resources of the RD. 1322 An endpoint should not use this interface for registrations that it 1323 did not create. This is usually enforced by security policies, which 1324 in general require equivalent credentials for creation of and 1325 operations on a registration. 1327 After the initial registration, the registering endpoint retains the 1328 returned location of the Registration Resource for further 1329 operations, including refreshing the registration in order to extend 1330 the lifetime and "keep-alive" the registration. When the lifetime of 1331 the registration has expired, the RD SHOULD NOT respond to discovery 1332 queries concerning this endpoint. The RD SHOULD continue to provide 1333 access to the Registration Resource after a registration time-out 1334 occurs in order to enable the registering endpoint to eventually 1335 refresh the registration. The RD MAY eventually remove the 1336 registration resource for the purpose of garbage collection. If the 1337 Registration Resource is removed, the corresponding endpoint will 1338 need to be re-registered. 1340 The Registration Resource may also be used cancel the registration 1341 using DELETE, and to perform further operations beyond the scope of 1342 this specification. 1344 The operations on the Registration Resource are described below. 1346 5.3.1. Registration Update 1348 The update interface is used by the registering endpoint to refresh 1349 or update its registration with an RD. To use the interface, the 1350 registering endpoint sends a POST request to the registration 1351 resource returned by the initial registration operation. 1353 An update MAY update registration parameters like lifetime, base URI 1354 or others. Parameters that are not being changed should not be 1355 included in an update. Adding parameters that have not changed 1356 increases the size of the message but does not have any other 1357 implications. Parameters are included as query parameters in an 1358 update operation as in Section 5. 1360 A registration update resets the timeout of the registration to the 1361 (possibly updated) lifetime of the registration, independent of 1362 whether a "lt" parameter was given. 1364 If the base URI of the registration is changed in an update, relative 1365 references submitted in the original registration or later updates 1366 are resolved anew against the new base. 1368 The registration update operation only describes the use of POST with 1369 an empty payload. Future standards might describe the semantics of 1370 using content formats and payloads with the POST method to update the 1371 links of a registration (see Section 5.3.3). 1373 The update registration request interface is specified as follows: 1375 Interaction: EP or CT -> RD 1377 Method: POST 1379 URI Template: {+location}{?lt,base,extra-attrs*} 1381 URI Template Variables: location := This is the Location returned 1382 by the RD as a result of a successful earlier registration. 1384 lt := Lifetime (optional). Lifetime of the 1385 registration in seconds. Range of 1-4294967295. If no 1386 lifetime is included, the previous last lifetime set on a 1387 previous update or the original registration (falling back to 1388 90000) SHOULD be used. 1390 base := Base URI (optional). This 1391 parameter updates the Base URI established in the original 1392 registration to a new value, and is subject to the same 1393 restrictions as in the registration. If the parameter is set 1394 in an update, it is stored by the RD as the new Base URI under 1395 which to interpret the relative links present in the payload of 1396 the original registration. If the parameter is not set in the 1397 request but was set before, the previous Base URI value is kept 1398 unmodified. If the parameter is not set in the request and was 1399 not set before either, the source address and source port of 1400 the update request are stored as the Base URI. 1402 extra-attrs := Additional registration 1403 attributes (optional). As with the registration, the RD 1404 processes them if it knows their semantics. Otherwise, unknown 1405 attributes are stored as endpoint attributes, overriding any 1406 previously stored endpoint attributes of the same key. 1408 Note that this default behavior does not allow removing an 1409 endpoint attribute in an update. For attributes whose 1410 functionality depends on the endpoints' ability to remove them 1411 in an update, it can make sense to define a value whose 1412 presence is equivalent to the absence of a value. As an 1413 alternative, an extension can define different updating rules 1414 for their attributes. That necessitates either discovery of 1415 whether the RD is aware of that extension, or tolerating the 1416 default behavior. 1418 Content-Format: none (no payload) 1420 The following responses are expected on this interface: 1422 Success: 2.04 "Changed" or 204 "No Content" if the update was 1423 successfully processed. 1425 Failure: 4.04 "Not Found" or 404 "Not Found". Registration does not 1426 exist (e.g. may have been removed). 1428 If the registration update fails in any way, including "Not Found" 1429 and request timeouts, or if the time indicated in a Service 1430 Unavailable Max-Age/Retry-After exceeds the remaining lifetime, the 1431 registering endpoint SHOULD attempt registration again. 1433 The following example shows how the registering endpoint resets the 1434 timeout on its registration resource at an RD using this interface 1435 with the example location value: /rd/4521. 1437 Req: POST /rd/4521 1439 Res: 2.04 Changed 1441 Figure 13: Example update of a registration 1443 The following example shows the registering endpoint updating its 1444 registration resource at an RD using this interface with the example 1445 location value: /rd/4521. The initial registration by the 1446 registering endpoint set the following values: 1448 * endpoint name (ep)=endpoint1 1450 * lifetime (lt)=500 1452 * Base URI (base)=coap://local-proxy-old.example.com:5683 1454 * payload of Figure 8 1456 The initial state of the RD is reflected in the following request: 1458 Req: GET /rd-lookup/res?ep=endpoint1 1460 Res: 2.05 Content 1461 Payload: 1462 ; 1463 rt="temperature-c";if="sensor"; 1464 anchor="coap://local-proxy-old.example.com:5683/", 1465 ; 1466 anchor="coap://local-proxy-old.example.com:5683/sensors/temp"; 1467 rel="describedby" 1469 Figure 14: Example lookup before a change to the base address 1471 The following example shows the registering endpoint changing the 1472 Base URI to "coaps://new.example.com:5684": 1474 Req: POST /rd/4521?base=coaps://new.example.com:5684 1476 Res: 2.04 Changed 1478 Figure 15: Example registration update that changes the base address 1480 The consecutive query returns: 1482 Req: GET /rd-lookup/res?ep=endpoint1 1484 Res: 2.05 Content 1485 Payload: 1486 ; 1487 rt="temperature-c";if="sensor"; 1488 anchor="coap://new.example.com:5684/", 1489 ; 1490 anchor="coap://new.example.com:5684/sensors/temp"; 1491 rel="describedby" 1493 Figure 16: Example lookup after a change to the base address 1495 5.3.2. Registration Removal 1497 Although RD registrations have soft state and will eventually timeout 1498 after their lifetime, the registering endpoint SHOULD explicitly 1499 remove an entry from the RD if it knows it will no longer be 1500 available (for example on shut-down). This is accomplished using a 1501 removal interface on the RD by performing a DELETE on the endpoint 1502 resource. 1504 The removal request interface is specified as follows: 1506 Interaction: EP or CT -> RD 1508 Method: DELETE 1510 URI Template: {+location} 1512 URI Template Variables: location := This is the Location returned 1513 by the RD as a result of a successful earlier registration. 1515 The following responses are expected on this interface: 1517 Success: 2.02 "Deleted" or 204 "No Content" upon successful deletion 1519 Failure: 4.04 "Not Found" or 404 "Not Found". Registration does not 1520 exist (e.g. may already have been removed). 1522 The following examples shows successful removal of the endpoint from 1523 the RD with example location value /rd/4521. 1525 Req: DELETE /rd/4521 1527 Res: 2.02 Deleted 1529 Figure 17: Example of a registration removal 1531 5.3.3. Further operations 1533 Additional operations on the registration can be specified in future 1534 documents, for example: 1536 * Send iPATCH (or PATCH) updates ([RFC8132]) to add, remove or 1537 change the links of a registration. 1539 * Use GET to read the currently stored set of links in a 1540 registration resource. 1542 Those operations are out of scope of this document, and will require 1543 media types suitable for modifying sets of links. 1545 6. RD Lookup 1547 To discover the resources registered with the RD, a lookup interface 1548 must be provided. This lookup interface is defined as a default, and 1549 it is assumed that RDs may also support lookups to return resource 1550 descriptions in alternative formats (e.g. JSON or CBOR link format 1551 [I-D.ietf-core-links-json]) or using more advanced interfaces (e.g. 1552 supporting context or semantic based lookup) on different resources 1553 that are discovered independently. 1555 RD Lookup allows lookups for endpoints and resources using attributes 1556 defined in this document and for use with the CoRE Link Format. The 1557 result of a lookup request is the list of links (if any) 1558 corresponding to the type of lookup. Thus, an endpoint lookup MUST 1559 return a list of endpoints and a resource lookup MUST return a list 1560 of links to resources. 1562 The lookup type is selected by a URI endpoint, which is indicated by 1563 a Resource Type as per Table 1 below: 1565 +=============+====================+===========+ 1566 | Lookup Type | Resource Type | Mandatory | 1567 +=============+====================+===========+ 1568 | Resource | core.rd-lookup-res | Mandatory | 1569 +-------------+--------------------+-----------+ 1570 | Endpoint | core.rd-lookup-ep | Mandatory | 1571 +-------------+--------------------+-----------+ 1573 Table 1: Lookup Types 1575 6.1. Resource lookup 1577 Resource lookup results in links that are semantically equivalent to 1578 the links submitted to the RD by the registrant. The links and link 1579 parameters returned by the lookup are equal to the originally 1580 submitted ones, except that the target and anchor references are 1581 fully resolved. 1583 Links that did not have an anchor attribute are therefore returned 1584 with the base URI of the registration as the anchor. Links of which 1585 href or anchor was submitted as a (full) URI are returned with these 1586 attributes unmodified. 1588 The above rules allow the client to interpret the response as links 1589 without any further knowledge of the storage conventions of the RD. 1590 The RD MAY replace the registration base URIs with a configured 1591 intermediate proxy, e.g. in the case of an HTTP lookup interface for 1592 CoAP endpoints. 1594 If the base URI of a registration contains a link-local address, the 1595 RD MUST NOT show its links unless the lookup was made from the link 1596 on which the registered endpoint can be reached. The RD MUST NOT 1597 include zone identifiers in the resolved URIs. 1599 6.2. Lookup filtering 1601 Using the Accept Option, the requester can control whether the 1602 returned list is returned in CoRE Link Format ("application/link- 1603 format", default) or in alternate content-formats (e.g. from 1604 [I-D.ietf-core-links-json]). 1606 Multiple search criteria MAY be included in a lookup. All included 1607 criteria MUST match for a link to be returned. The RD MUST support 1608 matching with multiple search criteria. 1610 A link matches a search criterion if it has an attribute of the same 1611 name and the same value, allowing for a trailing "*" wildcard 1612 operator as in Section 4.1 of [RFC6690]. Attributes that are defined 1613 as "relation-types" (in the link-format ABNF) match if the search 1614 value matches any of their values (see Section 4.1 of [RFC6690]; e.g. 1615 "?if=tag:example.net,2020:sensor" matches ";if="example.regname 1616 tag:example.net,2020:sensor";"). A resource link also matches a 1617 search criterion if its endpoint would match the criterion, and vice 1618 versa, an endpoint link matches a search criterion if any of its 1619 resource links matches it. 1621 Note that "href" is a valid search criterion and matches target 1622 references. Like all search criteria, on a resource lookup it can 1623 match the target reference of the resource link itself, but also the 1624 registration resource of the endpoint that registered it. Queries 1625 for resource link targets MUST be in URI form (i.e. not relative 1626 references) and are matched against a resolved link target. Queries 1627 for endpoints SHOULD be expressed in path-absolute form if possible 1628 and MUST be expressed in URI form otherwise; the RD SHOULD recognize 1629 either. The "anchor" attribute is usable for resource lookups, and, 1630 if queried, MUST be in URI form as well. 1632 Additional query parameters "page" and "count" are used to obtain 1633 lookup results in specified increments using pagination, where count 1634 specifies how many links to return and page specifies which subset of 1635 links organized in sequential pages, each containing 'count' links, 1636 starting with link zero and page zero. Thus, specifying count of 10 1637 and page of 0 will return the first 10 links in the result set (links 1638 0-9). Count = 10 and page = 1 will return the next 'page' containing 1639 links 10-19, and so on. 1641 Endpoints that are interested in a lookup result repeatedly or 1642 continuously can use mechanisms like ETag caching, resource 1643 observation ([RFC7641]), or any future mechanism that might allow 1644 more efficient observations of collections. These are advertised, 1645 detected and used according to their own specifications and can be 1646 used with the lookup interface as with any other resource. 1648 When resource observation is used, every time the set of matching 1649 links changes, or the content of a matching link changes, the RD 1650 sends a notification with the matching link set. The notification 1651 contains the successful current response to the given request, 1652 especially with respect to representing zero matching links (see 1653 "Success" item below). 1655 The lookup interface is specified as follows: 1657 Interaction: Client -> RD 1659 Method: GET 1661 URI Template: {+type-lookup-location}{?page,count,search*} 1663 URI Template Variables: type-lookup-location := RD Lookup URI for a 1664 given lookup type (mandatory). The address is discovered as 1665 described in Section 4.3. 1667 search := Search criteria for limiting the 1668 number of results (optional). 1670 The search criteria are an associative array, expressed in a 1671 form-style query as per the URI template (see [RFC6570] 1672 Sections 2.4.2 and 3.2.8) 1674 page := Page (optional). Parameter cannot 1675 be used without the count parameter. Results are returned from 1676 result set in pages that contain 'count' links starting from 1677 index (page * count). Page numbering starts with zero. 1679 count := Count (optional). Number of 1680 results is limited to this parameter value. If the page 1681 parameter is also present, the response MUST only include 1682 'count' links starting with the (page * count) link in the 1683 result set from the query. If the count parameter is not 1684 present, then the response MUST return all matching links in 1685 the result set. Link numbering starts with zero. 1687 Accept: absent, application/link-format or any other indicated media 1688 type representing web links 1690 The following responses codes are defined for this interface: 1692 Success: 2.05 "Content" or 200 "OK" with an "application/link- 1693 format" or other web link payload containing matching entries for 1694 the lookup. The payload can contain zero links (which is an empty 1695 payload in [RFC6690] link format, but could also be "[]" in JSON 1696 based formats), indicating that no entities matched the request. 1698 6.3. Resource lookup examples 1700 The examples in this section assume the existence of CoAP hosts with 1701 a default CoAP port 61616. HTTP hosts are possible and do not change 1702 the nature of the examples. 1704 The following example shows a client performing a resource lookup 1705 with the example resource look-up locations discovered in Figure 5: 1707 Req: GET /rd-lookup/res?rt=tag:example.org,2020:temperature 1709 Res: 2.05 Content 1710 ; 1711 rt="tag:example.org,2020:temperature"; 1712 anchor="coap://[2001:db8:3::123]:61616" 1714 Figure 18: Example a resource lookup 1716 A client that wants to be notified of new resources as they show up 1717 can use observation: 1719 Req: GET /rd-lookup/res?rt=tag:example.org,2020:light 1720 Observe: 0 1722 Res: 2.05 Content 1723 Observe: 23 1724 Payload: empty 1726 (at a later point in time) 1728 Res: 2.05 Content 1729 Observe: 24 1730 Payload: 1731 ;rt="tag:example.org,2020:light"; 1732 anchor="coap://[2001:db8:3::124]", 1733 ;rt="tag:example.org,2020:light"; 1734 anchor="coap://[2001:db8:3::124]", 1735 ;rt="tag:example.org,2020:light"; 1736 anchor="coap://[2001:db8:3::124]" 1738 Figure 19: Example an observing resource lookup 1740 The following example shows a client performing a paginated resource 1741 lookup 1743 Req: GET /rd-lookup/res?page=0&count=5 1745 Res: 2.05 Content 1746 ;ct=60; 1747 anchor="coap://[2001:db8:3::123]:61616", 1748 ;ct=60; 1749 anchor="coap://[2001:db8:3::123]:61616", 1750 ;ct=60; 1751 anchor="coap://[2001:db8:3::123]:61616", 1752 ;ct=60; 1753 anchor="coap://[2001:db8:3::123]:61616", 1754 ;ct=60; 1755 anchor="coap://[2001:db8:3::123]:61616" 1757 Req: GET /rd-lookup/res?page=1&count=5 1759 Res: 2.05 Content 1760 ;ct=60; 1761 anchor="coap://[2001:db8:3::123]:61616", 1762 ;ct=60; 1763 anchor="coap://[2001:db8:3::123]:61616", 1764 ;ct=60; 1765 anchor="coap://[2001:db8:3::123]:61616", 1766 ;ct=60; 1767 anchor="coap://[2001:db8:3::123]:61616", 1768 ;ct=60; 1769 anchor="coap://[2001:db8:3::123]:61616" 1771 Figure 20: Examples of paginated resource lookup 1773 The following example shows a client performing a lookup of all 1774 resources of all endpoints of a given endpoint type. It assumes that 1775 two endpoints (with endpoint names "sensor1" and "sensor2") have 1776 previously registered with their respective addresses 1777 "coap://sensor1.example.com" and "coap://sensor2.example.com", and 1778 posted the very payload of the 6th response of section 5 of 1779 [RFC6690]. 1781 It demonstrates how absolute link targets stay unmodified, while 1782 relative ones are resolved: 1784 Req: GET /rd-lookup/res?et=tag:example.com,2020:platform 1786 ;ct=40;title="Sensor Index"; 1787 anchor="coap://sensor1.example.com", 1788 ;rt="temperature-c"; 1789 if="sensor"; anchor="coap://sensor1.example.com", 1790 ;rt="light-lux"; 1791 if="sensor"; anchor="coap://sensor1.example.com", 1792 ;rel="describedby"; 1793 anchor="coap://sensor1.example.com/sensors/temp", 1794 ;rel="alternate"; 1795 anchor="coap://sensor1.example.com/sensors/temp", 1796 ;ct=40;title="Sensor Index"; 1797 anchor="coap://sensor2.example.com", 1798 ;rt="temperature-c"; 1799 if="sensor"; anchor="coap://sensor2.example.com", 1800 ;rt="light-lux"; 1801 if="sensor"; anchor="coap://sensor2.example.com", 1802 ;rel="describedby"; 1803 anchor="coap://sensor2.example.com/sensors/temp", 1804 ;rel="alternate"; 1805 anchor="coap://sensor2.example.com/sensors/temp" 1807 Figure 21: Example of resource lookup from multiple endpoints 1809 6.4. Endpoint lookup 1811 The endpoint lookup returns links to and information about 1812 registration resources, which themselves can only be manipulated by 1813 the registering endpoint. 1815 Endpoint registration resources are annotated with their endpoint 1816 names (ep), sectors (d, if present) and registration base URI (base; 1817 reports the registrant-ep's address if no explicit base was given) as 1818 well as a constant resource type (rt="core.rd-ep"); the lifetime (lt) 1819 is not reported. Additional endpoint attributes are added as target 1820 attributes to their endpoint link unless their specification says 1821 otherwise. 1823 Links to endpoints SHOULD be presented in path-absolute form or, if 1824 required, as (full) URIs. (This avoids the RFC6690 ambiguities.) 1826 Base addresses that contain link-local addresses MUST NOT include 1827 zone identifiers, and such registrations MUST NOT be shown unless the 1828 lookup was made from the same link from which the registration was 1829 made. 1831 While Endpoint Lookup does expose the registration resources, the RD 1832 does not need to make them accessible to clients. Clients SHOULD NOT 1833 attempt to dereference or manipulate them. 1835 An RD can report registrations in lookup whose URI scheme and 1836 authority differ from the lookup resource's. Lookup clients MUST be 1837 prepared to see arbitrary URIs as registration resources in the 1838 results and treat them as opaque identifiers; the precise semantics 1839 of such links are left to future specifications. 1841 The following example shows a client performing an endpoint lookup 1842 limited to endpoints of endpoint type 1843 "tag:example.com,2020:platform": 1845 Req: GET /rd-lookup/ep?et=tag:example.com,2020:platform 1847 Res: 2.05 Content 1848 ;base="coap://[2001:db8:3::127]:61616";ep="node5"; 1849 et="tag:example.com,2020:platform";ct="40";rt="core.rd-ep", 1850 ;base="coap://[2001:db8:3::129]:61616";ep="node7"; 1851 et="tag:example.com,2020:platform";ct="40";d="floor-3"; 1852 rt="core.rd-ep" 1854 Figure 22: Examples of endpoint lookup 1856 7. Security policies 1858 The security policies that are applicable to an RD strongly depend on 1859 the application, and are not set out normatively here. 1861 This section provides a list of aspects that applications should 1862 consider when describing their use of the RD, without claiming to 1863 cover all cases. It is using terminology of 1864 [I-D.ietf-ace-oauth-authz], in which the RD acts as the Resource 1865 Server (RS), and both registrant-eps and lookup clients act as 1866 Clients (C) with support from an Authorization Server (AS), without 1867 the intention of ruling out other (e.g. certificate / public-key 1868 infrastructure (PKI) based) schemes. 1870 Any, all or none of the below can apply to an application. Which are 1871 relevant depends on its protection objectives. 1873 Security policies are set by configuration of the RD, or by choice of 1874 the implementation. Lookup clients (and, where relevant, endpoints) 1875 can only trust an RD to uphold them if it is authenticated, and 1876 authorized to serve as an RD according to the application's 1877 requirements. 1879 7.1. Endpoint name 1881 Whenever an RD needs to provide trustworthy results to clients doing 1882 endpoint lookup, or resource lookup with filtering on the endpoint 1883 name, the RD must ensure that the registrant is authorized to use the 1884 given endpoint name. This applies both to registration and later to 1885 operations on the registration resource. It is immaterial whether 1886 the client is the registrant-ep itself or a CT is doing the 1887 registration: The RD cannot tell the difference, and CTs may use 1888 authorization credentials authorizing only operations on that 1889 particular endpoint name, or a wider range of endpoint names. 1891 It is up to the concrete security policy to describe how endpoint 1892 name and sector are transported when certificates are used. For 1893 example, it may describe how SubjectAltName dNSName entries are 1894 mapped to endpoint and domain names. 1896 7.1.1. Random endpoint names 1898 Conversely, in applications where the RD does not check the endpoint 1899 name, the authorized registering endpoint can generate a random 1900 number (or string) that identifies the endpoint. The RD should then 1901 remember unique properties of the registrant, associate them with the 1902 registration for as long as its registration resource is active 1903 (which may be longer than the registration's lifetime), and require 1904 the same properties for operations on the registration resource. 1906 Registrants that are prepared to pick a different identifier when 1907 their initial attempt (or attempts, in the unlikely case of two 1908 subsequent collisions) at registration is unauthorized should pick an 1909 identifier at least twice as long as the expected number of 1910 registrants; registrants without such a recovery options should pick 1911 significantly longer endpoint names (e.g. using UUID URNs [RFC4122]). 1913 7.2. Entered resources 1915 When lookup clients expect that certain types of links can only 1916 originate from certain endpoints, then the RD needs to apply 1917 filtering to the links an endpoint may register. 1919 For example, if clients use an RD to find a server that provides 1920 firmware updates, then any registrant that wants to register (or 1921 update) links to firmware sources will need to provide suitable 1922 credentials to do so, independently of its endpoint name. 1924 Note that the impact of having undesirable links in the RD depends on 1925 the application: if the client requires the firmware server to 1926 present credentials as a firmware server, a fraudulent link's impact 1927 is limited to the client revealing its intention to obtain updates 1928 and slowing down the client until it finds a legitimate firmware 1929 server; if the client accepts any credentials from the server as long 1930 as they fit the provided URI, the impact is larger. 1932 An RD may also require that links are only registered if the 1933 registrant is authorized to publish information about the anchor (or 1934 even target) of the link. One way to do this is to demand that the 1935 registrant present the same credentials as a client that they'd need 1936 to present if contacted as a server at the resources' URI, which may 1937 include using the address and port that are part of the URI. Such a 1938 restriction places severe practical limitations on the links that can 1939 be registered. 1941 As above, the impact of undesirable links depends on the extent to 1942 which the lookup client relies on the RD. To avoid the limitations, 1943 RD applications should consider prescribing that lookup clients only 1944 use the discovered information as hints, and describe which pieces of 1945 information need to be verified because they impact the application's 1946 security. A straightforward way to verify such information is to 1947 request it again from an authorized server, typically the one that 1948 hosts the target resource. That similar to what happens in 1949 Section 4.3 when the URI discovery step is repeated. 1951 7.3. Link confidentiality 1953 When registrants publish information in the RD that is not available 1954 to any client that would query the registrant's /.well-known/core 1955 interface, or when lookups to that interface are subject so stricter 1956 firewalling than lookups to the RD, the RD may need to limit which 1957 lookup clients may access the information. 1959 In this case, the endpoint (and not the lookup clients) needs to be 1960 careful to check the RD's authorization. 1962 7.4. Segmentation 1964 Within a single RD, different security policies can apply. 1966 One example of this are multi-tenant deployments separated by the 1967 sector (d) parameter. Some sectors might apply limitations on the 1968 endpoint names available, while others use a random identifier 1969 approach to endpoint names and place limits on the entered links 1970 based on their attributes instead. 1972 Care must be taken in such setups to determine the applicable access 1973 control measures to each operation. One easy way to do that is to 1974 mandate the use of the sector parameter on all operations, as no 1975 credentials are suitable for operations across sector borders anyway. 1977 7.5. First-Come-First-Remembered: A default policy 1979 The First-Come-First-Remembered policy is provided both as a 1980 reference example for a security policy definition, and as a policy 1981 that implementations may choose to use as default policy in absence 1982 of other configuration. It is designed to enable efficient discovery 1983 operations even in ad-hoc settings. 1985 Under this policy, the RD accepts registrations for any endpoint name 1986 that is not assigned to an active registration resource, and only 1987 accepts registration updates from the same endpoint. The policy is 1988 minimal in that towards lookup clients it does not make any of the 1989 claims of Section 7.2 and Section 7.3, and its claims on Section 7.1 1990 are limited to the lifetime of that endpoint's registration. It 1991 does, however, guarantee towards any endpoint that for the duration 1992 of its registration, its links will be discoverable on the RD. 1994 When a registration or operation is attempted, the RD MUST determine 1995 the client's subject name or public key: 1997 * If the client's credentials indicate any subject name that is 1998 certified by any authority which the RD recognizes (which may be 1999 the system's trust anchor store), all those subject names are 2000 stored. With CWT or JWT based credentials (as common with ACE), 2001 the Subject (sub) claim is stored as a single name, if it exists. 2002 With X.509 certificates, the Common Name (CN) and the complete 2003 list of SubjectAltName entries are stored. In both cases, the 2004 authority that certified the claim is stored along with the 2005 subject, as the latter may only be locally unique. 2007 * Otherwise, if the client proves possession of a private key, the 2008 matching public key is stored. This applies both to raw public 2009 keys and to the public keys indicated in certificates that failed 2010 the above authority check. 2012 * If neither is present, a reference to the security session itself 2013 is stored. With (D)TLS, that is the connection itself, or the 2014 session resumption information if available. With OSCORE, that is 2015 the security context. 2017 As part of the registration operation, that information is stored 2018 along with the registration resource. 2020 The RD MUST accept all registrations whose registration resource is 2021 not already active, as long as they are made using a security layer 2022 supported by the RD. 2024 Any operation on a registration resource, including registrations 2025 that lead to an existing registration resource, MUST be rejected by 2026 the RD unless all the stored information is found in the new 2027 request's credentials. 2029 Note that even though subject names are compared in this policy, they 2030 are never directly compared to endpoint names, and an endpoint can 2031 not expect to "own" any particular endpoint name outside of an active 2032 registration - even if a certificate says so. It is an accepted 2033 shortcoming of this approach that the endpoint has no indication of 2034 whether the RD remembers it by its subject name or public key; 2035 recognition by subject happens on a best-effort base (given the RD 2036 may not recognize any authority). Clients MUST be prepared to pick a 2037 different endpoint name when rejected by the RD initially or after a 2038 change in their credentials; picking an endpoint name as per 2039 Section 7.1.1 is an easy option for that. 2041 For this policy to be usable without configuration, clients should 2042 not set a sector name in their registrations. An RD can set a 2043 default sector name for registrations accepted under this policy, 2044 which is useful especially in a segmented setup where different 2045 policies apply to different sectors. The configuration of such a 2046 behavior, as well as any other configuration applicable to such an RD 2047 (i.e. the set of recognized authorities) is out of scope for this 2048 document. 2050 8. Security Considerations 2052 The security considerations as described in Section 5 of [RFC8288] 2053 and Section 6 of [RFC6690] apply. The "/.well-known/core" resource 2054 may be protected e.g. using DTLS when hosted on a CoAP server as 2055 described in [RFC7252]. 2057 Access that is limited or affects sensitive data SHOULD be protected, 2058 e.g. using (D)TLS or OSCORE ([RFC8613]; which aspects of the RD this 2059 affects depends on the security policies of the application (see 2060 Section 7). 2062 8.1. Discovery 2064 Most steps in discovery of the RD, and possibly its resources, are 2065 not covered by CoAP's security mechanisms. This will not endanger 2066 the security properties of the registrations and lookup itself (where 2067 the client requires authorization of the RD if it expects any 2068 security properties of the operation), but may leak the client's 2069 intention to third parties, and allow them to slow down the process. 2071 To mitigate that, clients can retain the RD's address, use secure 2072 discovery options like configured addresses, and send queries for RDs 2073 in a very general form ("?rt=core.rd*" rather than "?rt=core.rd- 2074 lookup-ep"). 2076 8.2. Endpoint Identification and Authentication 2078 An Endpoint (name, sector) pair is unique within the set of endpoints 2079 registered by the RD. An Endpoint MUST NOT be identified by its 2080 protocol, port or IP address as these may change over the lifetime of 2081 an Endpoint. 2083 Every operation performed by an Endpoint on an RD SHOULD be mutually 2084 authenticated using Pre-Shared Key, Raw Public Key or Certificate 2085 based security. 2087 Consider the following threat: two devices A and B are registered at 2088 a single server. Both devices have unique, per-device credentials 2089 for use with DTLS to make sure that only parties with authorization 2090 to access A or B can do so. 2092 Now, imagine that a malicious device A wants to sabotage the device 2093 B. It uses its credentials during the DTLS exchange. Then, it 2094 specifies the endpoint name of device B as the name of its own 2095 endpoint in device A. If the server does not check whether the 2096 identifier provided in the DTLS handshake matches the identifier used 2097 at the CoAP layer then it may be inclined to use the endpoint name 2098 for looking up what information to provision to the malicious device. 2100 Endpoint authorization needs to be checked on registration and 2101 registration resource operations independently of whether there are 2102 configured requirements on the credentials for a given endpoint name 2103 (and sector; Section 7.1) or whether arbitrary names are accepted 2104 (Section 7.1.1). 2106 Simple registration could be used to circumvent address-based access 2107 control: An attacker would send a simple registration request with 2108 the victim's address as source address, and later look up the 2109 victim's /.well-known/core content in the RD. Mitigation for this is 2110 recommended in Section 5.1. 2112 The Registration Resource path is visible to any client that is 2113 allowed endpoint lookup, and can be extracted by resource lookup 2114 clients as well. The same goes for registration attributes that are 2115 shown as target attributes or lookup attributes. The RD needs to 2116 consider this in the choice of Registration Resource paths, and 2117 administrators or endpoint in their choice of attributes. 2119 8.3. Access Control 2121 Access control SHOULD be performed separately for the RD registration 2122 and Lookup API paths, as different endpoints may be authorized to 2123 register with an RD from those authorized to lookup endpoints from 2124 the RD. Such access control SHOULD be performed in as fine-grained a 2125 level as possible. For example access control for lookups could be 2126 performed either at the sector, endpoint or resource level. 2128 The precise access controls necessary (and the consequences of 2129 failure to enforce them) depend on the protection objectives of the 2130 application and the security policies (Section 7) derived from them. 2132 8.4. Denial of Service Attacks 2134 Services that run over UDP unprotected are vulnerable to unknowingly 2135 amplify and distribute a DoS attack as UDP does not require return 2136 routability check. Since RD lookup responses can be significantly 2137 larger than requests, RDs are prone to this. 2139 [RFC7252] describes this at length in its Section 11.3, including 2140 some mitigation by using small block sizes in responses. The 2141 upcoming [I-D.ietf-core-echo-request-tag] updates that by describing 2142 a source address verification mechanism using the Echo option. 2144 [ If this document is published together with or after I-D.ietf-core- 2145 echo-request-tag, the above paragraph is replaced with the following: 2147 [RFC7252] describes this at length in its Section 11.3, and 2148 [I-D.ietf-core-echo-request-tag] (which updates the former) 2149 recommends using the Echo option to verify the request's source 2150 address. 2152 ] 2154 9. IANA Considerations 2156 9.1. Resource Types 2158 IANA is asked to enter the following values into the Resource Type 2159 (rt=) Link Target Attribute Values sub-registry of the Constrained 2160 Restful Environments (CoRE) Parameters registry defined in [RFC6690]: 2162 +====================+=============================+=============+ 2163 | Value | Description | Reference | 2164 +====================+=============================+=============+ 2165 | core.rd | Directory resource of an RD | RFCTHIS | 2166 | | | Section 4.3 | 2167 +--------------------+-----------------------------+-------------+ 2168 | core.rd-lookup-res | Resource lookup of an RD | RFCTHIS | 2169 | | | Section 4.3 | 2170 +--------------------+-----------------------------+-------------+ 2171 | core.rd-lookup-ep | Endpoint lookup of an RD | RFCTHIS | 2172 | | | Section 4.3 | 2173 +--------------------+-----------------------------+-------------+ 2174 | core.rd-ep | Endpoint resource of an RD | RFCTHIS | 2175 | | | Section 6 | 2176 +--------------------+-----------------------------+-------------+ 2178 Table 2 2180 9.2. IPv6 ND Resource Directory Address Option 2182 This document registers one new ND option type under the sub-registry 2183 "IPv6 Neighbor Discovery Option Formats" of the "Internet Control 2184 Message Protocol version 6 (ICMPv6) Parameters" registry: 2186 * Resource Directory Address Option (TBD38) 2188 [ The RFC editor is asked to replace TBD38 with the assigned number 2189 in the document; the value 38 is suggested. ] 2191 9.3. RD Parameter Registry 2193 This specification defines a new sub-registry for registration and 2194 lookup parameters called "RD Parameters" under "CoRE Parameters". 2195 Although this specification defines a basic set of parameters, it is 2196 expected that other standards that make use of this interface will 2197 define new ones. 2199 Each entry in the registry must include 2201 * the human readable name of the parameter, 2202 * the short name as used in query parameters or target attributes, 2204 * indication of whether it can be passed as a query parameter at 2205 registration of endpoints, as a query parameter in lookups, or be 2206 expressed as a target attribute, 2208 * syntax and validity requirements if any, 2210 * a description, 2212 * and a link to reference documentation. 2214 The query parameter MUST be both a valid URI query key [RFC3986] and 2215 a token as used in [RFC8288]. 2217 The description must give details on whether the parameter can be 2218 updated, and how it is to be processed in lookups. 2220 The mechanisms around new RD parameters should be designed in such a 2221 way that they tolerate RD implementations that are unaware of the 2222 parameter and expose any parameter passed at registration or updates 2223 on in endpoint lookups. (For example, if a parameter used at 2224 registration were to be confidential, the registering endpoint should 2225 be instructed to only set that parameter if the RD advertises support 2226 for keeping it confidential at the discovery step.) 2228 Initial entries in this sub-registry are as follows: 2230 +==============+=======+==============+=====+=====================+ 2231 | Full name | Short | Validity | Use | Description | 2232 +==============+=======+==============+=====+=====================+ 2233 | Endpoint | ep | Unicode* | RLA | Name of the | 2234 | Name | | | | endpoint | 2235 +--------------+-------+--------------+-----+---------------------+ 2236 | Lifetime | lt | 1-4294967295 | R | Lifetime of the | 2237 | | | | | registration in | 2238 | | | | | seconds | 2239 +--------------+-------+--------------+-----+---------------------+ 2240 | Sector | d | Unicode* | RLA | Sector to which | 2241 | | | | | this endpoint | 2242 | | | | | belongs | 2243 +--------------+-------+--------------+-----+---------------------+ 2244 | Registration | base | URI | RLA | The scheme, address | 2245 | Base URI | | | | and port and path | 2246 | | | | | at which this | 2247 | | | | | server is available | 2248 +--------------+-------+--------------+-----+---------------------+ 2249 | Page | page | Integer | L | Used for pagination | 2250 +--------------+-------+--------------+-----+---------------------+ 2251 | Count | count | Integer | L | Used for pagination | 2252 +--------------+-------+--------------+-----+---------------------+ 2253 | Endpoint | et | Section | RLA | Semantic type of | 2254 | Type | | 9.3.1 | | the endpoint (see | 2255 | | | | | Section 9.4) | 2256 +--------------+-------+--------------+-----+---------------------+ 2258 Table 3: RD Parameters 2260 (Short: Short name used in query parameters or target attributes. 2261 Validity: Unicode* = 63 Bytes of UTF-8 encoded Unicode, with no 2262 control characters as per Section 5. Use: R = used at registration, 2263 L = used at lookup, A = expressed in target attribute.) 2265 The descriptions for the options defined in this document are only 2266 summarized here. To which registrations they apply and when they are 2267 to be shown is described in the respective sections of this document. 2268 All their reference documentation entries point to this document. 2270 The IANA policy for future additions to the sub-registry is "Expert 2271 Review" as described in [RFC8126]. The evaluation should consider 2272 formal criteria, duplication of functionality (Is the new entry 2273 redundant with an existing one?), topical suitability (E.g. is the 2274 described property actually a property of the endpoint and not a 2275 property of a particular resource, in which case it should go into 2276 the payload of the registration and need not be registered?), and the 2277 potential for conflict with commonly used target attributes (For 2278 example, "if" could be used as a parameter for conditional 2279 registration if it were not to be used in lookup or attributes, but 2280 would make a bad parameter for lookup, because a resource lookup with 2281 an "if" query parameter could ambiguously filter by the registered 2282 endpoint property or the [RFC6690] target attribute). 2284 9.3.1. Full description of the "Endpoint Type" RD Parameter 2286 An endpoint registering at an RD can describe itself with endpoint 2287 types, similar to how resources are described with Resource Types in 2288 [RFC6690]. An endpoint type is expressed as a string, which can be 2289 either a URI or one of the values defined in the Endpoint Type sub- 2290 registry. Endpoint types can be passed in the "et" query parameter 2291 as part of extra-attrs at the Registration step, are shown on 2292 endpoint lookups using the "et" target attribute, and can be filtered 2293 for using "et" as a search criterion in resource and endpoint lookup. 2294 Multiple endpoint types are given as separate query parameters or 2295 link attributes. 2297 Note that Endpoint Type differs from Resource Type in that it uses 2298 multiple attributes rather than space separated values. As a result, 2299 RDs implementing this specification automatically support correct 2300 filtering in the lookup interfaces from the rules for unknown 2301 endpoint attributes. 2303 9.4. "Endpoint Type" (et=) RD Parameter values 2305 This specification establishes a new sub-registry under "CoRE 2306 Parameters" called '"Endpoint Type" (et=) RD Parameter values'. The 2307 registry properties (required policy, requirements, template) are 2308 identical to those of the Resource Type parameters in [RFC6690], in 2309 short: 2311 The review policy is IETF Review for values starting with "core", and 2312 Specification Required for others. 2314 The requirements to be enforced are: 2316 * The values MUST be related to the purpose described in 2317 Section 9.3.1. 2319 * The registered values MUST conform to the ABNF reg-rel-type 2320 definition of [RFC6690] and MUST NOT be a URI. 2322 * It is recommended to use the period "." character for 2323 segmentation. 2325 The registry initially contains one value: 2327 * "core.rd-group": An application group as described in Appendix A. 2329 9.5. Multicast Address Registration 2331 IANA is asked to assign the following multicast addresses for use by 2332 CoAP nodes: 2334 IPv4 - "all CoRE Resource Directories" address MCD2 (suggestion: 2335 224.0.1.189), from the "IPv4 Multicast Address Space Registry". As 2336 the address is used for discovery that may span beyond a single 2337 network, it has come from the Internetwork Control Block (224.0.1.x) 2338 [RFC5771]. 2340 IPv6 - "all CoRE Resource Directories" address MCD1 (suggestions 2341 FF0X::FE), from the "IPv6 Multicast Address Space Registry", in the 2342 "Variable Scope Multicast Addresses" space (RFC 3307). Note that 2343 there is a distinct multicast address for each scope that interested 2344 CoAP nodes should listen to; CoAP needs the Link-Local and Site-Local 2345 scopes only. 2347 [ The RFC editor is asked to replace MCD1 and MCD2 with the assigned 2348 addresses throughout the document. ] 2350 9.6. Well-Known URIs 2352 IANA is asked to permanently register the URI suffix "rd" in the 2353 "Well-Known URIs" registry. The change controller is the IETF, this 2354 document is the reference. 2356 9.7. Service Names and Transport Protocol Port Number Registry 2358 IANA is asked to enter four new items into the Service Names and 2359 Transport Protocol Port Number Registry: 2361 * Service name: "core-rd", Protocol: "udp", Description: "Resource 2362 Directory accessed using CoAP" 2364 * Service name "core-rd-dtls", Protocol: "udp", Description: 2365 "Resource Directory accessed using CoAP over DTLS" 2367 * Service name: "core-rd", Protocol: "tcp", Description: "Resource 2368 Directory accessed using CoAP over TCP" 2370 * Service name "core-rd-tls", Protocol: "tcp", Description: 2371 "Resource Directory accessed using CoAP over TLS" 2373 All in common have this document as their reference. 2375 10. Examples 2377 Two examples are presented: a Lighting Installation example in 2378 Section 10.1 and a LwM2M example in Section 10.2. 2380 10.1. Lighting Installation 2382 This example shows a simplified lighting installation which makes use 2383 of the RD with a CoAP interface to facilitate the installation and 2384 start-up of the application code in the lights and sensors. In 2385 particular, the example leads to the definition of a group and the 2386 enabling of the corresponding multicast address as described in 2387 Appendix A. No conclusions must be drawn on the realization of 2388 actual installation or naming procedures, because the example only 2389 "emphasizes" some of the issues that may influence the use of the RD 2390 and does not pretend to be normative. 2392 10.1.1. Installation Characteristics 2394 The example assumes that the installation is managed. That means 2395 that a Commissioning Tool (CT) is used to authorize the addition of 2396 nodes, name them, and name their services. The CT can be connected 2397 to the installation in many ways: the CT can be part of the 2398 installation network, connected by WiFi to the installation network, 2399 or connected via GPRS link, or other method. 2401 It is assumed that there are two naming authorities for the 2402 installation: (1) the network manager that is responsible for the 2403 correct operation of the network and the connected interfaces, and 2404 (2) the lighting manager that is responsible for the correct 2405 functioning of networked lights and sensors. The result is the 2406 existence of two naming schemes coming from the two managing 2407 entities. 2409 The example installation consists of one presence sensor, and two 2410 luminaries, luminary1 and luminary2, each with their own wireless 2411 interface. Each luminary contains three lamps: left, right and 2412 middle. Each luminary is accessible through one endpoint. For each 2413 lamp a resource exists to modify the settings of a lamp in a 2414 luminary. The purpose of the installation is that the presence 2415 sensor notifies the presence of persons to a group of lamps. The 2416 group of lamps consists of: middle and left lamps of luminary1 and 2417 right lamp of luminary2. 2419 Before commissioning by the lighting manager, the network is 2420 installed and access to the interfaces is proven to work by the 2421 network manager. 2423 At the moment of installation, the network under installation is not 2424 necessarily connected to the DNS infrastructure. Therefore, SLAAC 2425 IPv6 addresses are assigned to CT, RD, luminaries and the sensor. 2426 The addresses shown in Table 4 below stand in for these in the 2427 following examples. 2429 +=================+================+ 2430 | Name | IPv6 address | 2431 +=================+================+ 2432 | luminary1 | 2001:db8:4::1 | 2433 +-----------------+----------------+ 2434 | luminary2 | 2001:db8:4::2 | 2435 +-----------------+----------------+ 2436 | Presence sensor | 2001:db8:4::3 | 2437 +-----------------+----------------+ 2438 | RD | 2001:db8:4::ff | 2439 +-----------------+----------------+ 2441 Table 4: Addresses used in the 2442 examples 2444 In Section 10.1.2 the use of RD during installation is presented. 2446 10.1.2. RD entries 2448 It is assumed that access to the DNS infrastructure is not always 2449 possible during installation. Therefore, the SLAAC addresses are 2450 used in this section. 2452 For discovery, the resource types (rt) of the devices are important. 2453 The lamps in the luminaries have rt=tag:example.com,2020:light, and 2454 the presence sensor has rt=tag:example.com,2020:p-sensor. The 2455 endpoints have names which are relevant to the light installation 2456 manager. In this case luminary1, luminary2, and the presence sensor 2457 are located in room 2-4-015, where luminary1 is located at the window 2458 and luminary2 and the presence sensor are located at the door. The 2459 endpoint names reflect this physical location. The middle, left and 2460 right lamps are accessed via path /light/middle, /light/left, and 2461 /light/right respectively. The identifiers relevant to the RD are 2462 shown in Table 5 below: 2464 +=========+================+========+===============================+ 2465 |Name |endpoint |resource| resource type | 2466 | | |path | | 2467 +=========+================+========+===============================+ 2468 |luminary1|lm_R2-4-015_wndw|/light/ | tag:example.com,2020:light | 2469 | | |left | | 2470 +---------+----------------+--------+-------------------------------+ 2471 |luminary1|lm_R2-4-015_wndw|/light/ | tag:example.com,2020:light | 2472 | | |middle | | 2473 +---------+----------------+--------+-------------------------------+ 2474 |luminary1|lm_R2-4-015_wndw|/light/ | tag:example.com,2020:light | 2475 | | |right | | 2476 +---------+----------------+--------+-------------------------------+ 2477 |luminary2|lm_R2-4-015_door|/light/ | tag:example.com,2020:light | 2478 | | |left | | 2479 +---------+----------------+--------+-------------------------------+ 2480 |luminary2|lm_R2-4-015_door|/light/ | tag:example.com,2020:light | 2481 | | |middle | | 2482 +---------+----------------+--------+-------------------------------+ 2483 |luminary2|lm_R2-4-015_door|/light/ | tag:example.com,2020:light | 2484 | | |right | | 2485 +---------+----------------+--------+-------------------------------+ 2486 |Presence |ps_R2-4-015_door|/ps | tag:example.com,2020:p-sensor | 2487 |sensor | | | | 2488 +---------+----------------+--------+-------------------------------+ 2490 Table 5: RD identifiers 2492 It is assumed that the CT has performed RD discovery and has received 2493 a response like the one in the Section 4.3 example. 2495 The CT inserts the endpoints of the luminaries and the sensor in the 2496 RD using the registration base URI parameter (base) to specify the 2497 interface address: 2499 Req: POST coap://[2001:db8:4::ff]/rd 2500 ?ep=lm_R2-4-015_wndw&base=coap://[2001:db8:4::1]&d=R2-4-015 2501 Payload: 2502 ;rt="tag:example.com,2020:light", 2503 ;rt="tag:example.com,2020:light", 2504 ;rt="tag:example.com,2020:light" 2506 Res: 2.01 Created 2507 Location-Path: /rd/4521 2509 Req: POST coap://[2001:db8:4::ff]/rd 2510 ?ep=lm_R2-4-015_door&base=coap://[2001:db8:4::2]&d=R2-4-015 2511 Payload: 2512 ;rt="tag:example.com,2020:light", 2513 ;rt="tag:example.com,2020:light", 2514 ;rt="tag:example.com,2020:light" 2516 Res: 2.01 Created 2517 Location-Path: /rd/4522 2519 Req: POST coap://[2001:db8:4::ff]/rd 2520 ?ep=ps_R2-4-015_door&base=coap://[2001:db8:4::3]&d=R2-4-015 2521 Payload: 2522 ;rt="tag:example.com,2020:p-sensor" 2524 Res: 2.01 Created 2525 Location-Path: /rd/4523 2527 Figure 23: Example of registrations a CT enters into an RD 2529 The sector name d=R2-4-015 has been added for an efficient lookup 2530 because filtering on "ep" name is more awkward. The same sector name 2531 is communicated to the two luminaries and the presence sensor by the 2532 CT. 2534 The group is specified in the RD. The base parameter is set to the 2535 site-local multicast address allocated to the group. In the POST in 2536 the example below, the resources supported by all group members are 2537 published. 2539 Req: POST coap://[2001:db8:4::ff]/rd 2540 ?ep=grp_R2-4-015&et=core.rd-group&base=coap://[ff05::1] 2541 Payload: 2542 ;rt="tag:example.com,2020:light", 2543 ;rt="tag:example.com,2020:light", 2544 ;rt="tag:example.com,2020:light" 2546 Res: 2.01 Created 2547 Location-Path: /rd/501 2549 Figure 24: Example of a multicast group a CT enters into an RD 2551 After the filling of the RD by the CT, the application in the 2552 luminaries can learn to which groups they belong, and enable their 2553 interface for the multicast address. 2555 The luminary, knowing its sector and being configured to join any 2556 group containing lights, searches for candidate groups and joins 2557 them: 2559 Req: GET coap://[2001:db8:4::ff]/rd-lookup/ep 2560 ?d=R2-4-015&et=core.rd-group&rt=light 2562 Res: 2.05 Content 2563 ;ep="grp_R2-4-015";et="core.rd-group"; 2564 base="coap://[ff05::1]";rt="core.rd-ep" 2566 Figure 25: Example of a lookup exchange to find suitable 2567 multicast addresses 2569 From the returned base parameter value, the luminary learns the 2570 multicast address of the multicast group. 2572 The presence sensor can learn the presence of groups that support 2573 resources with rt=tag:example.com,2020:light in its own sector by 2574 sending the same request, as used by the luminary. The presence 2575 sensor learns the multicast address to use for sending messages to 2576 the luminaries. 2578 10.2. OMA Lightweight M2M (LwM2M) 2580 OMA LwM2M is a profile for device services based on CoAP, providing 2581 interfaces and operations for device management and device service 2582 enablement. 2584 An LwM2M server is an instance of an LwM2M middleware service layer, 2585 containing an RD ([LwM2M] page 36f). 2587 That RD only implements the registration interface, and no lookup is 2588 implemented. Instead, the LwM2M server provides access to the 2589 registered resources, in a similar way to a reverse proxy. 2591 The location of the LwM2M Server and RD URI path is provided by the 2592 LwM2M Bootstrap process, so no dynamic discovery of the RD is used. 2593 LwM2M Servers and endpoints are not required to implement the /.well- 2594 known/core resource. 2596 11. Acknowledgments 2598 Oscar Novo, Srdjan Krco, Szymon Sasin, Kerry Lynn, Esko Dijk, Anders 2599 Brandt, Matthieu Vial, Jim Schaad, Mohit Sethi, Hauke Petersen, 2600 Hannes Tschofenig, Sampo Ukkola, Linyi Tian, Jan Newmarch, Matthias 2601 Kovatsch, Jaime Jimenez and Ted Lemon have provided helpful comments, 2602 discussions and ideas to improve and shape this document. Zach would 2603 also like to thank his colleagues from the EU FP7 SENSEI project, 2604 where many of the RD concepts were originally developed. 2606 12. Changelog 2608 changes from -25 to -26 2610 * Security policies: 2612 - The First-Come-First-Remembered policy is added as an example 2613 and a potential default behavior. 2615 - Clarify that the mapping between endpoint names and subject 2616 fields is up to a policy that defines reliance on names, and 2617 give an example. 2619 - Random EP names: Point that multiple collisions are possible 2620 but unlikely. 2622 - Add pointers to policies: 2624 o RD replication: Point out that policies may limit that. 2626 o Registration: Reword (ep, d) mapping to a previous 2627 registration's resource that could have been read as another 2628 endpoint taking over an existing registration. 2630 - Clarify that the security policy is a property of the RD the 2631 any client may need to verify by checking the RD's 2632 authorization. 2634 - Clarify how information from an untrusted RD can be verified 2635 - Remove speculation about how in detail ACE scopes are obtained. 2637 * Security considerations: 2639 - Generalize to all current options for security layers usable 2640 with CoAP (OSCORE was missing as the text predated RFC8613) 2642 - Relax the previous SHOULD on secure access to SHOULD where 2643 protection is indicated by security policies (bringing the text 2644 in line with the -25 changes) 2646 - Point out that failure to follow the security considerations 2647 has implications depending on the protection objective 2648 described with the security policies 2650 - Shorten amplification mitigation 2652 - Add note about information in Registration Resource path. 2654 - Acknowledge that most host discovery operations are not 2655 secured; mention consequences and mitigation. 2657 * Abstract, introduction: removed "or disperse networks" 2659 * RD discovery: 2661 - Drop the previously stated assumption that RDAO and any DHCP 2662 options would only be used together with SLAAC and DHCP for 2663 address configuration, respectivly. 2665 - Give concrete guidance for address selection based on RFC6724 2666 when responding to multicasts 2668 - RDAO: 2670 o Clarify that it is an option for RAs and not other ND 2671 messages. 2673 o Change Lifetime from 16-bit minutes to 32-bit seconds and 2674 swap it with Reserved (aligning it with RDNSS which it 2675 shares other properties as well). 2677 - Point out that clients may need to check RD authorization 2678 already in last discovery step 2680 * Registration: 2682 - Wording around "mostly mandatory" has been improved, conflicts 2683 clarified and sector default selection adjusted. 2685 * Simple registration: Rather than coopting POSTs to /.well-known/ 2686 core, a new resource /.well-known/rd is registered. A historical 2687 note in the text documents the change. 2689 * Examples: 2691 - Use example URIs rather than unclear reg names (unless it's 2692 RFC6690 examples, which were kept for continuity) 2694 - The LwM2M example was reduced from an outdated explanation of 2695 the complete LwM2M model to a summary of how RD is used in 2696 there, with a reference to the current specification. 2698 - Luminary example: Explain example addresses 2700 - Luminary example: Drop reference to coap-group mechanism that's 2701 becoming obsolete, and thus also to RFC7390 2703 - Multicast addresses in the examples were changed from 2704 ff35:30:2001:db8::x to ff35:30:2001:db8:f1::8000:x; the 8000 is 2705 to follow RFC 3307, and the f1 is for consistency with all the 2706 other example addresses where 2001:db8::/32 is subnetted to 2707 2001:db8:x::/48 by groups of internally consistent examples. 2709 * Use case text enhancements 2711 - Home and building automation: Tie in with RD 2713 - M2M: Move system design paragraph towards the topic of 2714 reusability. 2716 * Various editorial fixes in response to Gen-ART and IESG reviews. 2718 * Rename 'Full description of the "Endpoint Type" Registration 2719 Parameter' section to '... RD Parameter' 2721 * Error handling: Place a SHOULD around the likely cases, and make 2722 the previous "MUST to the best of their capabilities" a "must". 2724 * impl-info: Add note about the type being WIP 2726 * Interaction tables: list CTs as possible initiators where 2727 applicable 2729 * Registration update: Relax requirement to not send parameters 2730 needlessly 2732 * Terminology: Clarify that the CTs' installation events can occur 2733 multiple times. 2735 * Promote RFCs 7252, 7230 and 8288 to normative references 2737 * Moved Christian Amsuess to first author 2739 changes from -24 to -25 2741 * Large rework of section 7 (Security policies) 2743 Rather than prescribing which data in the RD _is_ authenticated 2744 (and how), it now describes what applications built on an RD _can_ 2745 choose to authenticate, show possibilities on how to do it and 2746 outline what it means for clients. 2748 This addresses Russ' Genart review points on details in the text 2749 in a rather broad fashion. That is because the discussion on the 2750 topic inside the WG showed that that text on security has been 2751 driven more review-by-review than by an architectural plan of the 2752 authors and WG. 2754 * Add concrete suggestions (twice as long as registrant number with 2755 retries, or UUIDs without) for random endpoint names 2757 * Point out that simple registration can have faked origins, 2758 RECOMMEND mitigation when applicable and suggest the Echo 2759 mechanism to implement it. 2761 * Reference existing and upcoming specifications for DDOS mitigation 2762 in CoAP. 2764 * Explain the provenance of the example's multicast address. 2766 * Make "SHOULD" of not manipulating foreign registrations a "should" 2767 and explain how it is enforced 2769 * Clarify application of RFC6570 to search parameters 2771 * Syntactic fixes in examples 2773 * IANA: 2775 - Don't announce expected number of registrations (goes to write- 2776 up) 2778 - Include syntax as part of a field's validity in entry 2779 requirements 2781 * Editorial changes 2783 - Align wording between abstract and introduction 2785 - Abbreviation normalization: "ER model", "RD" 2787 - RFC8174 boilerplate update 2789 - Minor clarity fixes 2791 - Markup and layouting 2793 changes from -23 to -24 2795 * Discovery using DNS-SD added again 2797 * Minimum lifetime (lt) reduced from 60 to 1 2799 * References added 2801 * IANA considerations 2803 - added about .well-known/core resource 2805 - added DNS-SD service names 2807 - made RDAO option number a suggestion 2809 - added "reference" field to endpoint type registry 2811 * Lookup: mention that anchor is a legitimate lookup attribute 2813 * Terminology and example fixes 2815 * Layout fixes, esp. the use of non-ASCII characters in figures 2817 changes from -22 to -23 2819 * Explain that updates can not remove attributes 2821 * Typo fixes 2823 changes from -21 to -22 2824 * Request a dedicated IPv4 address from IANA (rather than sharing 2825 with All CoAP nodes) 2827 * Fix erroneous examples 2829 * Editorial changes 2831 - Add figure numbers to examples 2833 - Update RD parameters table to reflect changes of earlier 2834 versions in the text 2836 - Typos and minor wording 2838 changes from -20 to -21 2840 (Processing comments during WGLC) 2842 * Defer outdated description of using DNS-SD to find an RD to the 2843 defining document 2845 * Describe operational conditions in automation example 2847 * Recommend particular discovery mechanisms for some managed network 2848 scenarios 2850 changes from -19 to -20 2852 (Processing comments from the WG chair review) 2854 * Define the permissible characters in endpoint and sector names 2856 * Express requirements on NAT situations in more abstract terms 2858 * Shifted heading levels to have the interfaces on the same level 2860 * Group instructions for error handling into general section 2862 * Simple Registration: process reflowed into items list 2864 * Updated introduction to reflect state of CoRE in general, 2865 reference RFC7228 (defining "constrained") and use "IoT" term in 2866 addition to "M2M" 2868 * Update acknowledgements 2870 * Assorted editorial changes 2871 - Unify examples style 2873 - Terminology: RDAO defined and not only expanded 2875 - Add CT to Figure 1 2877 - Consistency in the use of the term "Content Format" 2879 changes from -18 to -19 2881 * link-local addresses: allow but prescribe split-horizon fashion 2882 when used, disallow zone identifiers 2884 * Remove informative references to documents not mentioned any more 2886 changes from -17 to -18 2888 * Rather than re-specifying link format (Modernized Link Format), 2889 describe a Limited Link Format that's the uncontested subset of 2890 Link Format 2892 * Acknowledging the -17 version as part of the draft 2894 * Move "Read endpoint links" operation to future specification like 2895 PATCH 2897 * Demote links-json to an informative reference, and removed them 2898 from exchange examples 2900 * Add note on unusability of link-local IP addresses, and describe 2901 mitigation. 2903 * Reshuffling of sections: Move additional operations and endpoint 2904 lookup back from appendix, and groups into one 2906 * Lookup interface tightened to not imply applicability for non 2907 link-format lookups (as those can have vastly different views on 2908 link cardinality) 2910 * Simple registration: Change sequence of GET and POST-response, 2911 ensuring unsuccessful registrations are reported as such, and 2912 suggest how devices that would have required the inverse behavior 2913 can still cope with it. 2915 * Abstract and introduction reworded to avoid the impression that 2916 resources are stored in full in the RD 2918 * Simplify the rules governing when a registration resource can or 2919 must be changed. 2921 * Drop a figure that has become useless due to the changes of and 2922 -13 and -17 2924 * Wording consistency fixes: Use "Registrations" and "target 2925 attributes" 2927 * Fix incorrect use of content negotiation in discovery interface 2928 description (Content-Format -> Accept) 2930 * State that the base attribute value is part of endpoint lookup 2931 even when implicit in the registration 2933 * Update references from RFC5988 to its update RFC8288 2935 * Remove appendix on protocol-negotiation (which had a note to be 2936 removed before publication) 2938 changes from -16 to -17 2940 (Note that -17 is published as a direct follow-up to -16, containing 2941 a single change to be discussed at IETF103) 2943 * Removed groups that are enumerations of registrations and have 2944 dedicated mechanism 2946 * Add groups that are enumerations of shared resources and are a 2947 special case of endpoint registrations 2949 changes from -15 to -16 2951 * Recommend a common set of resources for members of a group 2953 * Clarified use of multicast group in lighting example 2955 * Add note on concurrent registrations from one EP being possible 2956 but not expected 2958 * Refresh web examples appendix to reflect current use of Modernized 2959 Link Format 2961 * Add examples of URIs where Modernized Link Format matters 2963 * Editorial changes 2965 changes from -14 to -15 2966 * Rewrite of section "Security policies" 2968 * Clarify that the "base" parameter text applies both to relative 2969 references both in anchor and href 2971 * Renamed "Registree-EP" to Registrant-EP" 2973 * Talk of "relative references" and "URIs" rather than "relative" 2974 and "absolute" URIs. (The concept of "absolute URIs" of [RFC3986] 2975 is not needed in RD). 2977 * Fixed examples 2979 * Editorial changes 2981 changes from -13 to -14 2983 * Rename "registration context" to "registration base URI" (and 2984 "con" to "base") and "domain" to "sector" (where the abbreviation 2985 "d" stays for compatibility reasons) 2987 * Introduced resource types core.rd-ep and core.rd-gp 2989 * Registration management moved to appendix A, including endpoint 2990 and group lookup 2992 * Minor editorial changes 2994 - PATCH/iPATCH is clearly deferred to another document 2996 - Recommend against query / fragment identifier in con= 2998 - Interface description lists are described as illustrative 3000 - Rewording of Simple Registration 3002 * Simple registration carries no error information and succeeds 3003 immediately (previously, sequence was unspecified) 3005 * Lookup: href are matched against resolved values (previously, this 3006 was unspecified) 3008 * Lookup: lt are not exposed any more 3010 * con/base: Paths are allowed 3012 * Registration resource locations can not have query or fragment 3013 parts 3015 * Default life time extended to 25 hours 3017 * clarified registration update rules 3019 * lt-value semantics for lookup clarified. 3021 * added template for simple registration 3023 changes from -12 to -13 3025 * Added "all resource directory" nodes MC address 3027 * Clarified observation behavior 3029 * version identification 3031 * example rt= and et= values 3033 * domain from figure 2 3035 * more explanatory text 3037 * endpoints of a groups hosted by different RD 3039 * resolve RFC6690-vs-8288 resolution ambiguities: 3041 - require registered links not to be relative when using anchor 3043 - return absolute URIs in resource lookup 3045 changes from -11 to -12 3047 * added Content Model section, including ER diagram 3049 * removed domain lookup interface; domains are now plain attributes 3050 of groups and endpoints 3052 * updated chapter "Finding a Resource Directory"; now distinguishes 3053 configuration-provided, network-provided and heuristic sources 3055 * improved text on: atomicity, idempotency, lookup with multiple 3056 parameters, endpoint removal, simple registration 3058 * updated LWM2M description 3060 * clarified where relative references are resolved, and how context 3061 and anchor interact 3063 * new appendix on the interaction with RFCs 6690, 5988 and 3986 3065 * lookup interface: group and endpoint lookup return group and 3066 registration resources as link targets 3068 * lookup interface: search parameters work the same across all 3069 entities 3071 * removed all methods that modify links in an existing registration 3072 (POST with payload, PATCH and iPATCH) 3074 * removed plurality definition (was only needed for link 3075 modification) 3077 * enhanced IANA registry text 3079 * state that lookup resources can be observable 3081 * More examples and improved text 3083 changes from -09 to -10 3085 * removed "ins" and "exp" link-format extensions. 3087 * removed all text concerning DNS-SD. 3089 * removed inconsistency in RDAO text. 3091 * suggestions taken over from various sources 3093 * replaced "Function Set" with "REST API", "base URI", "base path" 3095 * moved simple registration to registration section 3097 changes from -08 to -09 3099 * clarified the "example use" of the base RD resource values /rd, 3100 /rd-lookup, and /rd-group. 3102 * changed "ins" ABNF notation. 3104 * various editorial improvements, including in examples 3106 * clarifications for RDAO 3108 changes from -07 to -08 3109 * removed link target value returned from domain and group lookup 3110 types 3112 * Maximum length of domain parameter 63 bytes for consistency with 3113 group 3115 * removed option for simple POST of link data, don't require a 3116 .well-known/core resource to accept POST data and handle it in a 3117 special way; we already have /rd for that 3119 * add IPv6 ND Option for discovery of an RD 3121 * clarify group configuration section 6.1 that endpoints must be 3122 registered before including them in a group 3124 * removed all superfluous client-server diagrams 3126 * simplified lighting example 3128 * introduced Commissioning Tool 3130 * RD-Look-up text is extended. 3132 changes from -06 to -07 3134 * added text in the discovery section to allow content format hints 3135 to be exposed in the discovery link attributes 3137 * editorial updates to section 9 3139 * update author information 3141 * minor text corrections 3143 Changes from -05 to -06 3145 * added note that the PATCH section is contingent on the progress of 3146 the PATCH method 3148 changes from -04 to -05 3150 * added Update Endpoint Links using PATCH 3152 * http access made explicit in interface specification 3154 * Added http examples 3156 Changes from -03 to -04: 3158 * Added http response codes 3160 * Clarified endpoint name usage 3162 * Add application/link-format+cbor content-format 3164 Changes from -02 to -03: 3166 * Added an example for lighting and DNS integration 3168 * Added an example for RD use in OMA LWM2M 3170 * Added Read Links operation for link inspection by endpoints 3172 * Expanded DNS-SD section 3174 * Added draft authors Peter van der Stok and Michael Koster 3176 Changes from -01 to -02: 3178 * Added a catalogue use case. 3180 * Changed the registration update to a POST with optional link 3181 format payload. Removed the endpoint type update from the update. 3183 * Additional examples section added for more complex use cases. 3185 * New DNS-SD mapping section. 3187 * Added text on endpoint identification and authentication. 3189 * Error code 4.04 added to Registration Update and Delete requests. 3191 * Made 63 bytes a SHOULD rather than a MUST for endpoint name and 3192 resource type parameters. 3194 Changes from -00 to -01: 3196 * Removed the ETag validation feature. 3198 * Place holder for the DNS-SD mapping section. 3200 * Explicitly disabled GET or POST on returned Location. 3202 * New registry for RD parameters. 3204 * Added support for the JSON Link Format. 3206 * Added reference to the Groupcomm WG draft. 3208 Changes from -05 to WG Document -00: 3210 * Updated the version and date. 3212 Changes from -04 to -05: 3214 * Restricted Update to parameter updates. 3216 * Added pagination support for the Lookup interface. 3218 * Minor editing, bug fixes and reference updates. 3220 * Added group support. 3222 * Changed rt to et for the registration and update interface. 3224 Changes from -03 to -04: 3226 * Added the ins= parameter back for the DNS-SD mapping. 3228 * Integrated the Simple Directory Discovery from Carsten. 3230 * Editorial improvements. 3232 * Fixed the use of ETags. 3234 * Fixed tickets 383 and 372 3236 Changes from -02 to -03: 3238 * Changed the endpoint name back to a single registration parameter 3239 ep= and removed the h= and ins= parameters. 3241 * Updated REST interface descriptions to use RFC6570 URI Template 3242 format. 3244 * Introduced an improved RD Lookup design as its own function set. 3246 * Improved the security considerations section. 3248 * Made the POST registration interface idempotent by requiring the 3249 ep= parameter to be present. 3251 Changes from -01 to -02: 3253 * Added a terminology section. 3255 * Changed the inclusion of an ETag in registration or update to a 3256 MAY. 3258 * Added the concept of an RD Domain and a registration parameter for 3259 it. 3261 * Recommended the Location returned from a registration to be 3262 stable, allowing for endpoint and Domain information to be changed 3263 during updates. 3265 * Changed the lookup interface to accept endpoint and Domain as 3266 query string parameters to control the scope of a lookup. 3268 13. References 3270 13.1. Normative References 3272 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 3273 Requirement Levels", BCP 14, RFC 2119, 3274 DOI 10.17487/RFC2119, March 1997, 3275 . 3277 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 3278 Resource Identifier (URI): Generic Syntax", STD 66, 3279 RFC 3986, DOI 10.17487/RFC3986, January 2005, 3280 . 3282 [RFC6570] Gregorio, J., Fielding, R., Hadley, M., Nottingham, M., 3283 and D. Orchard, "URI Template", RFC 6570, 3284 DOI 10.17487/RFC6570, March 2012, 3285 . 3287 [RFC6690] Shelby, Z., "Constrained RESTful Environments (CoRE) Link 3288 Format", RFC 6690, DOI 10.17487/RFC6690, August 2012, 3289 . 3291 [RFC6763] Cheshire, S. and M. Krochmal, "DNS-Based Service 3292 Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013, 3293 . 3295 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 3296 Protocol (HTTP/1.1): Message Syntax and Routing", 3297 RFC 7230, DOI 10.17487/RFC7230, June 2014, 3298 . 3300 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 3301 Application Protocol (CoAP)", RFC 7252, 3302 DOI 10.17487/RFC7252, June 2014, 3303 . 3305 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 3306 Writing an IANA Considerations Section in RFCs", BCP 26, 3307 RFC 8126, DOI 10.17487/RFC8126, June 2017, 3308 . 3310 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 3311 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 3312 May 2017, . 3314 [RFC8288] Nottingham, M., "Web Linking", RFC 8288, 3315 DOI 10.17487/RFC8288, October 2017, 3316 . 3318 13.2. Informative References 3320 [ER] Chen, P., "The entity-relationship model--toward a unified 3321 view of data", DOI 10.1145/320434.320440, ACM Transactions 3322 on Database Systems Vol. 1, pp. 9-36, March 1976, 3323 . 3325 [I-D.bormann-t2trg-rel-impl] 3326 Bormann, C., "impl-info: A link relation type for 3327 disclosing implementation information", Work in Progress, 3328 Internet-Draft, draft-bormann-t2trg-rel-impl-02, 27 3329 September 2020, . 3332 [I-D.hartke-t2trg-coral] 3333 Hartke, K., "The Constrained RESTful Application Language 3334 (CoRAL)", Work in Progress, Internet-Draft, draft-hartke- 3335 t2trg-coral-09, 8 July 2019, . 3338 [I-D.ietf-ace-oauth-authz] 3339 Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., and 3340 H. Tschofenig, "Authentication and Authorization for 3341 Constrained Environments (ACE) using the OAuth 2.0 3342 Framework (ACE-OAuth)", Work in Progress, Internet-Draft, 3343 draft-ietf-ace-oauth-authz-35, 24 June 2020, 3344 . 3347 [I-D.ietf-core-echo-request-tag] 3348 Amsuess, C., Mattsson, J., and G. Selander, "CoAP: Echo, 3349 Request-Tag, and Token Processing", Work in Progress, 3350 Internet-Draft, draft-ietf-core-echo-request-tag-10, 13 3351 July 2020, . 3354 [I-D.ietf-core-links-json] 3355 Li, K., Rahman, A., and C. Bormann, "Representing 3356 Constrained RESTful Environments (CoRE) Link Format in 3357 JSON and CBOR", Work in Progress, Internet-Draft, draft- 3358 ietf-core-links-json-10, 26 February 2018, 3359 . 3362 [I-D.ietf-core-rd-dns-sd] 3363 Stok, P., Koster, M., and C. Amsuess, "CoRE Resource 3364 Directory: DNS-SD mapping", Work in Progress, Internet- 3365 Draft, draft-ietf-core-rd-dns-sd-05, 7 July 2019, 3366 . 3369 [I-D.silverajan-core-coap-protocol-negotiation] 3370 Silverajan, B. and M. Ocak, "CoAP Protocol Negotiation", 3371 Work in Progress, Internet-Draft, draft-silverajan-core- 3372 coap-protocol-negotiation-09, 2 July 2018, 3373 . 3376 [LwM2M] Open Mobile Alliance, "Lightweight Machine to Machine 3377 Technical Specification: Transport Bindings (Candidate 3378 Version 1.1)", 12 June 2018, 3379 . 3383 [RFC3306] Haberman, B. and D. Thaler, "Unicast-Prefix-based IPv6 3384 Multicast Addresses", RFC 3306, DOI 10.17487/RFC3306, 3385 August 2002, . 3387 [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix 3388 Reserved for Documentation", RFC 3849, 3389 DOI 10.17487/RFC3849, July 2004, 3390 . 3392 [RFC4122] Leach, P., Mealling, M., and R. Salz, "A Universally 3393 Unique IDentifier (UUID) URN Namespace", RFC 4122, 3394 DOI 10.17487/RFC4122, July 2005, 3395 . 3397 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 3398 "Transmission of IPv6 Packets over IEEE 802.15.4 3399 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 3400 . 3402 [RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines for 3403 IPv4 Multicast Address Assignments", BCP 51, RFC 5771, 3404 DOI 10.17487/RFC5771, March 2010, 3405 . 3407 [RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, 3408 "Default Address Selection for Internet Protocol Version 6 3409 (IPv6)", RFC 6724, DOI 10.17487/RFC6724, September 2012, 3410 . 3412 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 3413 Bormann, "Neighbor Discovery Optimization for IPv6 over 3414 Low-Power Wireless Personal Area Networks (6LoWPANs)", 3415 RFC 6775, DOI 10.17487/RFC6775, November 2012, 3416 . 3418 [RFC6874] Carpenter, B., Cheshire, S., and R. Hinden, "Representing 3419 IPv6 Zone Identifiers in Address Literals and Uniform 3420 Resource Identifiers", RFC 6874, DOI 10.17487/RFC6874, 3421 February 2013, . 3423 [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for 3424 Constrained-Node Networks", RFC 7228, 3425 DOI 10.17487/RFC7228, May 2014, 3426 . 3428 [RFC7641] Hartke, K., "Observing Resources in the Constrained 3429 Application Protocol (CoAP)", RFC 7641, 3430 DOI 10.17487/RFC7641, September 2015, 3431 . 3433 [RFC8106] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, 3434 "IPv6 Router Advertisement Options for DNS Configuration", 3435 RFC 8106, DOI 10.17487/RFC8106, March 2017, 3436 . 3438 [RFC8132] van der Stok, P., Bormann, C., and A. Sehgal, "PATCH and 3439 FETCH Methods for the Constrained Application Protocol 3440 (CoAP)", RFC 8132, DOI 10.17487/RFC8132, April 2017, 3441 . 3443 [RFC8141] Saint-Andre, P. and J. Klensin, "Uniform Resource Names 3444 (URNs)", RFC 8141, DOI 10.17487/RFC8141, April 2017, 3445 . 3447 [RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, 3448 "Object Security for Constrained RESTful Environments 3449 (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, 3450 . 3452 Appendix A. Groups Registration and Lookup 3454 The RD-Groups usage pattern allows announcing application groups 3455 inside an RD. 3457 Groups are represented by endpoint registrations. Their base address 3458 is a multicast address, and they SHOULD be entered with the endpoint 3459 type "core.rd-group". The endpoint name can also be referred to as a 3460 group name in this context. 3462 The registration is inserted into the RD by a Commissioning Tool, 3463 which might also be known as a group manager here. It performs third 3464 party registration and registration updates. 3466 The links it registers SHOULD be available on all members that join 3467 the group. Depending on the application, members that lack some 3468 resource MAY be permissible if requests to them fail gracefully. 3470 The following example shows a CT registering a group with the name 3471 "lights" which provides two resources. The directory resource path 3472 /rd is an example RD location discovered in a request similar to 3473 Figure 5. The group address in the example is constructed from 3474 [RFC3849]'s reserved 2001:db8:: prefix as a unicast-prefix based 3475 site-local address (see [RFC3306]. 3477 Req: POST coap://rd.example.com/rd?ep=lights&et=core.rd-group 3478 &base=coap://[ff35:30:2001:db8:f1::8000:1] 3479 Content-Format: 40 3480 Payload: 3481 ;rt="tag:example.com,2020:light"; 3482 if="tag:example.net,2020:actuator", 3483 ;if="tag:example.net,2020:parameter";u="K" 3485 Res: 2.01 Created 3486 Location-Path: /rd/12 3488 Figure 26: Example registration of a group 3490 In this example, the group manager can easily permit devices that 3491 have no writable color-temperature to join, as they would still 3492 respond to brightness changing commands. Had the group instead 3493 contained a single resource that sets brightness and color 3494 temperature atomically, endpoints would need to support both 3495 properties. 3497 The resources of a group can be looked up like any other resource, 3498 and the group registrations (along with any additional registration 3499 parameters) can be looked up using the endpoint lookup interface. 3501 The following example shows a client performing an endpoint lookup 3502 for all groups. 3504 Req: GET /rd-lookup/ep?et=core.rd-group 3506 Res: 2.05 Content 3507 Payload: 3508 ;ep="grp_R2-4-015";et="core.rd-group"; 3509 base="coap://[ff05::1]", 3510 ;ep=lights&et=core.rd-group; 3511 base="coap://[ff35:30:2001:f1:db8::8000:1]";rt="core.rd-ep" 3513 Figure 27: Example lookup of groups 3515 The following example shows a client performing a lookup of all 3516 resources of all endpoints (groups) with et=core.rd-group. 3518 Req: GET /rd-lookup/res?et=core.rd-group 3520 ; 3521 rt="tag:example.com,2020:light"; 3522 if="tag:example.net,2020:actuator"; 3523 anchor="coap://[ff35:30:2001:db8:f1::8000:1]", 3524 ; 3525 if="tag:example.net,2020:parameter";u="K"; 3526 anchor="coap://[ff35:30:2001:db8:f1::8000:1]" 3528 Figure 28: Example lookup of resources inside groups 3530 Appendix B. Web links and the Resource Directory 3532 Understanding the semantics of a link-format document and its URI 3533 references is a journey through different documents ([RFC3986] 3534 defining URIs, [RFC6690] defining link-format documents based on 3535 [RFC8288] which defines Link header fields, and [RFC7252] providing 3536 the transport). This appendix summarizes the mechanisms and 3537 semantics at play from an entry in "/.well-known/core" to a resource 3538 lookup. 3540 This text is primarily aimed at people entering the field of 3541 Constrained Restful Environments from applications that previously 3542 did not use web mechanisms. 3544 The explanation of the steps makes some shortcuts in the more 3545 confusing details of [RFC6690], which are justified as all examples 3546 being in Limited Link Format. 3548 B.1. A simple example 3550 Let's start this example with a very simple host, "2001:db8:f0::1". 3551 A client that follows classical CoAP Discovery ([RFC7252] Section 7), 3552 sends the following multicast request to learn about neighbours 3553 supporting resources with resource-type "temperature". 3555 The client sends a link-local multicast: 3557 GET coap://[ff02::fd]:5683/.well-known/core?rt=temperature 3559 RES 2.05 Content 3560 ;rt=temperature;ct=0 3562 Figure 29: Example of direct resource discovery 3564 where the response is sent by the server, "[2001:db8:f0::1]:5683". 3566 While the client - on the practical or implementation side - can just 3567 go ahead and create a new request to "[2001:db8:f0::1]:5683" with 3568 Uri-Path: "temp", the full resolution steps for insertion into and 3569 retrieval from the RD without any shortcuts are: 3571 B.1.1. Resolving the URIs 3573 The client parses the single returned record. The link's target 3574 (sometimes called "href") is ""/temp"", which is a relative URI that 3575 needs resolving. The base URI is used to resolve the reference /temp against. 3578 The Base URI of the requested resource can be composed from the 3579 options of the CoAP GET request by following the steps of [RFC7252] 3580 section 6.5 (with an addition at the end of 8.2) into 3581 ""coap://[2001:db8:f0::1]/.well-known/core"". 3583 Because ""/temp"" starts with a single slash, the record's target is 3584 resolved by replacing the path ""/.well-known/core"" from the Base 3585 URI (section 5.2 [RFC3986]) with the relative target URI ""/temp"" 3586 into ""coap://[2001:db8:f0::1]/temp"". 3588 B.1.2. Interpreting attributes and relations 3590 Some more information but the record's target can be obtained from 3591 the payload: the resource type of the target is "temperature", and 3592 its content format is text/plain (ct=0). 3594 A relation in a web link is a three-part statement that specifies a 3595 named relation between the so-called "context resource" and the 3596 target resource, like "_This page_ has _its table of contents_ at _/ 3597 toc.html_". In link format documents, there is an implicit "host 3598 relation" specified with default parameter: rel="hosts". 3600 In our example, the context resource of the link is the URI specified 3601 in the GET request "coap:://[2001:db8:f0::1]/.well-known/core". A 3602 full English expression of the "host relation" is: 3604 '"coap://[2001:db8:f0::1]/.well-known/core" is hosting the resource 3605 "coap://[2001:db8:f0::1]/temp", which is of the resource type 3606 "temperature" and can be accessed using the text/plain content 3607 format.' 3609 B.2. A slightly more complex example 3611 Omitting the "rt=temperature" filter, the discovery query would have 3612 given some more records in the payload: 3614 GET coap://[ff02::fd]:5683/.well-known/core 3616 RES 2.05 Content 3617 ;rt=temperature;ct=0, 3618 ;rt=light-lux;ct=0, 3619 ;anchor="/sensors/temp";rel=alternate, 3620 ;anchor="/temp"; 3621 rel="describedby" 3623 Figure 30: Extended example of direct resource discovery 3625 Parsing the third record, the client encounters the "anchor" 3626 parameter. It is a URI relative to the Base URI of the request and 3627 is thus resolved to ""coap://[2001:db8:f0::1]/sensors/temp"". That 3628 is the context resource of the link, so the "rel" statement is not 3629 about the target and the Base URI any more, but about the target and 3630 the resolved URI. Thus, the third record could be read as 3631 ""coap://[2001:db8:f0::1]/sensors/temp" has an alternate 3632 representation at "coap://[2001:db8:f0::1]/t"". 3634 Following the same resolution steps, the fourth record can be read as 3635 ""coap://[2001:db8:f0::1]/sensors/temp" is described by 3636 "http://www.example.com/sensors/t123"". 3638 B.3. Enter the Resource Directory 3640 The RD tries to carry the semantics obtainable by classical CoAP 3641 discovery over to the resource lookup interface as faithfully as 3642 possible. 3644 For the following queries, we will assume that the simple host has 3645 used Simple Registration to register at the RD that was announced to 3646 it, sending this request from its UDP port "[2001:db8:f0::1]:6553": 3648 POST coap://[2001:db8:f01::ff]/.well-known/rd?ep=simple-host1 3650 Figure 31: Example request starting a simple registration 3652 The RD would have accepted the registration, and queried the simple 3653 host's "/.well-known/core" by itself. As a result, the host is 3654 registered as an endpoint in the RD with the name "simple-host1". 3655 The registration is active for 90000 seconds, and the endpoint 3656 registration Base URI is ""coap://[2001:db8:f0::1]"" following the 3657 resolution steps described in Appendix B.1.1. It should be remarked 3658 that the Base URI constructed that way always yields a URI of the 3659 form: scheme://authority without path suffix. 3661 If the client now queries the RD as it would previously have issued a 3662 multicast request, it would go through the RD discovery steps by 3663 fetching "coap://[2001:db8:f0::ff]/.well-known/core?rt=core.rd- 3664 lookup-res", obtain "coap://[2001:db8:f0::ff]/rd-lookup/res" as the 3665 resource lookup endpoint, and issue a request to 3666 "coap://[2001:db8:f0::ff]/rd-lookup/res?rt=temperature" to receive 3667 the following data: 3669 ;rt=temperature;ct=0; 3670 anchor="coap://[2001:db8:f0::1]" 3672 Figure 32: Example payload of a response to a resource lookup 3674 This is not _literally_ the same response that it would have received 3675 from a multicast request, but it contains the equivalent statement: 3677 '"coap://[2001:db8:f0::1]" is hosting the resource 3678 "coap://[2001:db8:f0::1]/temp", which is of the resource type 3679 "temperature" and can be accessed using the text/plain content 3680 format.' 3682 (The difference is whether "/" or "/.well-known/core" hosts the 3683 resources, which does not matter in this application; if it did, the 3684 endpoint would have been more explicit. Actually, /.well-known/core 3685 does NOT host the resource but stores a URI reference to the 3686 resource.) 3688 To complete the examples, the client could also query all resources 3689 hosted at the endpoint with the known endpoint name "simple-host1". 3690 A request to "coap://[2001:db8:f0::ff]/rd-lookup/res?ep=simple-host1" 3691 would return 3693 ;rt=temperature;ct=0; 3694 anchor="coap://[2001:db8:f0::1]", 3695 ;rt=light-lux;ct=0; 3696 anchor="coap://[2001:db8:f0::1]", 3697 ; 3698 anchor="coap://[2001:db8:f0::1]/sensors/temp";rel=alternate, 3699 ; 3700 anchor="coap://[2001:db8:f0::1]/sensors/temp";rel="describedby" 3702 Figure 33: Extended example payload of a response to a resource 3703 lookup 3705 All the target and anchor references are already in absolute form 3706 there, which don't need to be resolved any further. 3708 Had the simple host done an equivalent full registration with a base= 3709 parameter (e.g. "?ep=simple-host1&base=coap+tcp://simple- 3710 host1.example.com"), that context would have been used to resolve the 3711 relative anchor values instead, giving 3713 ;rt=temperature;ct=0; 3714 anchor="coap+tcp://simple-host1.example.com" 3716 Figure 34: Example payload of a response to a resource lookup 3717 with a dedicated base URI 3719 and analogous records. 3721 B.4. A note on differences between link-format and Link header fields 3723 While link-format and Link header fields look very similar and are 3724 based on the same model of typed links, there are some differences 3725 between [RFC6690] and [RFC8288], which are dealt with differently: 3727 * "Resolving the target against the anchor": [RFC6690] Section 2.1 3728 states that the anchor of a link is used as the Base URI against 3729 which the term inside the angle brackets (the target) is resolved, 3730 falling back to the resource's URI with paths stripped off (its 3731 "Origin"). In contrast to that, [RFC8288] Section B.2 describes 3732 that the anchor is immaterial to the resolution of the target 3733 reference. 3735 RFC6690, in the same section, also states that absent anchors set 3736 the context of the link to the target's URI with its path stripped 3737 off, while according to [RFC8288] Section 3.2, the context is the 3738 resource's base URI. 3740 The rules introduced in Appendix C ensure that an RD does not need 3741 to deal with those differences when processing input data. Lookup 3742 results are required to be absolute references for the same 3743 reason. 3745 * There is no percent encoding in link-format documents. 3747 A link-format document is a UTF-8 encoded string of Unicode 3748 characters and does not have percent encoding, while Link header 3749 fields are practically ASCII strings that use percent encoding for 3750 non-ASCII characters, stating the encoding explicitly when 3751 required. 3753 For example, while a Link header field in a page about a Swedish 3754 city might read 3755 Link: ;rel="live-environment-data" 3757 a link-format document from the same source might describe the 3758 link as 3760 ;rel="live-environment-data" 3762 Parsers and producers of link-format and header fields need to be 3763 aware of this difference. 3765 Appendix C. Limited Link Format 3767 The CoRE Link Format as described in [RFC6690] has been interpreted 3768 differently by implementers, and a strict implementation rules out 3769 some use cases of an RD (e.g. base values with path components). 3771 This appendix describes a subset of link format documents called 3772 Limited Link Format. The rules herein are not very limiting in 3773 practice - all examples in RFC6690, and all deployments the authors 3774 are aware of already stick to them - but ease the implementation of 3775 RD servers. 3777 It is applicable to representations in the application/link-format 3778 media type, and any other media types that inherit [RFC6690] 3779 Section 2.1. 3781 A link format representation is in Limited Link format if, for each 3782 link in it, the following applies: 3784 * All URI references either follow the URI or the path-absolute ABNF 3785 rule of RFC3986 (i.e. target and anchor each either start with a 3786 scheme or with a single slash), 3788 * if the anchor reference starts with a scheme, the target reference 3789 starts with a scheme as well (i.e. relative references in target 3790 cannot be used when the anchor is a full URI), and 3792 * the application does not care whether links without an explicitly 3793 given anchor have the origin's "/" or "/.well-known/core" resource 3794 as their link context. 3796 Authors' Addresses 3798 Christian Amsüss (editor) 3799 Hollandstr. 12/4 3800 1020 3801 Austria 3802 Phone: +43-664-9790639 3803 Email: christian@amsuess.com 3805 Zach Shelby 3806 ARM 3807 150 Rose Orchard 3808 San Jose, 95134 3809 United States of America 3811 Phone: +1-408-203-9434 3812 Email: zach.shelby@arm.com 3814 Michael Koster 3815 SmartThings 3816 665 Clyde Avenue 3817 Mountain View, 94043 3818 United States of America 3820 Phone: +1-707-502-5136 3821 Email: Michael.Koster@smartthings.com 3823 Carsten Bormann 3824 Universitaet Bremen TZI 3825 Postfach 330440 3826 D-28359 Bremen 3827 Germany 3829 Phone: +49-421-218-63921 3830 Email: cabo@tzi.org 3832 Peter van der Stok 3833 consultant 3835 Phone: +31-492474673 (Netherlands), +33-966015248 (France) 3836 Email: consultancy@vanderstok.org 3837 URI: www.vanderstok.org