idnits 2.17.1 draft-ietf-core-senml-data-ct-07.txt: -(2): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding -(5): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There are 8 instances of lines with non-ascii characters in the document. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (21 October 2021) is 917 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC-httpbis-semantics' is mentioned on line 348, but not defined -- Possible downref: Normative reference to a draft: ref. 'I-D.ietf-httpbis-semantics' -- Obsolete informational reference (is this intentional?): RFC 1590 (Obsoleted by RFC 2045, RFC 2046, RFC 2047, RFC 2048, RFC 2049) Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Keränen 3 Internet-Draft Ericsson 4 Intended status: Standards Track C. Bormann 5 Expires: 24 April 2022 Universität Bremen TZI 6 21 October 2021 8 SenML Data Value Content-Format Indication 9 draft-ietf-core-senml-data-ct-07 11 Abstract 13 The Sensor Measurement Lists (SenML) media type supports multiple 14 types of values, from numbers to text strings and arbitrary binary 15 data values. In order to facilitate processing of binary data 16 values, this document specifies a pair of new SenML fields for 17 indicating the content format of those binary data values, i.e., 18 their Internet media type including parameters as well as any content 19 codings applied. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on 24 April 2022. 38 Copyright Notice 40 Copyright (c) 2021 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 45 license-info) in effect on the date of publication of this document. 46 Please review these documents carefully, as they describe your rights 47 and restrictions with respect to this document. Code Components 48 extracted from this document must include Simplified BSD License text 49 as described in Section 4.e of the Trust Legal Provisions and are 50 provided without warranty as described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.1. Evolution . . . . . . . . . . . . . . . . . . . . . . . . 3 56 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 3. SenML Content-Format ("ct") Field . . . . . . . . . . . . . . 5 58 4. SenML Base Content-Format ("bct") Field . . . . . . . . . . . 6 59 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 6 60 6. ABNF . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 61 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 62 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 63 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 64 9.1. Normative References . . . . . . . . . . . . . . . . . . 9 65 9.2. Informative References . . . . . . . . . . . . . . . . . 10 66 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 11 67 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 69 1. Introduction 71 The Sensor Measurement Lists (SenML) media types [RFC8428] can be 72 used to send various kinds of data. In the example given in 73 Figure 1, a temperature value, an indication whether a lock is open, 74 and a data value (with SenML field "vd") read from an NFC reader is 75 sent in a single SenML pack. The example is given in SenML JSON 76 representation, so the "vd" (data value) field is encoded as a 77 base64url string (without padding), as per Section 5 of [RFC8428]. 79 [ 80 {"bn":"urn:dev:ow:10e2073a01080063:","n":"temp","u":"Cel","v":7.1}, 81 {"n":"open","vb":false}, 82 {"n":"nfc-reader","vd":"aGkgCg"} 83 ] 85 Figure 1: SenML pack with unidentified binary data 87 The receiver is expected to know how to interpret the data in the 88 "vd" field based on the context, e.g., name of the data source and 89 out-of-band knowledge of the application. However, this context may 90 not always be easily available to entities processing the SenML pack, 91 especially if the pack is propagated over time and via multiple 92 entities. To facilitate automatic interpretation it is useful to be 93 able to indicate an Internet media type and, optionally, content 94 codings right in the SenML Record. 96 The CoAP Content-Format (Section 12.3 of [RFC7252]) provides this 97 information in the form of a single unsigned integer; enclosing a 98 Content-Format number (in this case number 60 as defined for content- 99 type application/cbor in [RFC8949]) in the Record is illustrated in 100 Figure 2. All registered CoAP Content-Format numbers are listed in 101 the COAP Content-Formats registry [IANA.core-parameters] as specified 102 by Section 12.3 of [RFC7252]. Note that, at the time of writing, the 103 structure of this registry only provides for zero or one content 104 codings; nothing in the present document needs to change if the 105 registry is extended to allow sequences of content codings. 107 {"n":"nfc-reader", "vd":"gmNmb28YKg", "ct":"60"} 109 Figure 2: SenML Record with binary data identified as CBOR 111 In this example SenML Record, the data value contains a string "foo" 112 and a number 42 encoded in a CBOR [RFC8949] array. Since the example 113 above uses the JSON format of SenML, the data value containing the 114 binary CBOR value is base64-encoded (Section 5 of [RFC4648]). The 115 data value after base64 decoding is shown with CBOR diagnostic 116 notation in Figure 3. 118 82 # array(2) 119 63 # text(3) 120 666F6F # "foo" 121 18 2A # unsigned(42) 123 Figure 3: Example Data Value in CBOR diagnostic notation 125 1.1. Evolution 127 As with SenML in general, there is no expectation that the creator of 128 a SenML pack knows (or has negotiated with) each consumer of that 129 pack, which may be very remote in space and particularly in time. 130 This means that the SenML creator in general has no way to know 131 whether the consumer knows: 133 * each specific media-type-name used 135 * each parameter and each parameter value used 137 * each content coding in use 138 * each Content-Format number in use for a combination of these 140 What SenML, as well as the new fields defined here, guarantees is 141 that a recipient implementation _knows_ when it needs to be updated 142 to understand these field values and the values controlled by them; 143 registries are used to evolve these name spaces in a controlled way. 144 SenML packs can be processed by a consumer while not understanding 145 all the information in them, and information can generally be 146 preserved in this processing such that it is useful for further 147 consumers. 149 2. Terminology 151 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 152 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 153 "OPTIONAL" in this document are to be interpreted as described in 154 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 155 capitals, as shown here. 157 Media Type: A registered label for representations (byte strings) 158 prepared for interchange, identified by a Media-Type-Name 159 [RFC1590], [RFC6838]. 161 Media-Type-Name: A combination of a type-name and a subtype-name 162 registered in [IANA.media-types] as per [RFC6838], conventionally 163 identified by the two names separated by a slash. 165 Content-Type: A Media-Type-Name, optionally associated with 166 parameters (Section 5 of [RFC2045], separated from the Media-Type- 167 Name and from each other by a semicolon). In HTTP and many other 168 protocols, used in a Content-Type header field. 170 content coding: A name registered in the HTTP Content Coding 171 registry [IANA.http-parameters] as specified by Sections 16.6.1 172 and 18.6 of [I-D.ietf-httpbis-semantics], indicating an encoding 173 transformation with semantics further specified in Section 8.4.1 174 of [I-D.ietf-httpbis-semantics]. Confusingly, in HTTP, content 175 coding values are found in a header field called "Content- 176 Encoding", however "content coding" is the correct term for the 177 process and the registered values. 179 content format: the combination of a Content-Type and zero or more 180 content codings, identified by (1) a numeric identifier defined in 181 the COAP Content-Formats registry [IANA.core-parameters] as per 182 Section 12.3 of [RFC7252] (referred to as Content-Format number), 183 or (2) a Content-Format-String. 185 Content-Format-String: the string representation of the combination 186 of a Content-Type and zero or more content codings. 188 Content-Format-Spec: the string representation of a content format; 189 either a Content-Format-String or the (decimal) string 190 representation of a Content-Format number. 192 Readers should also be familiar with the terms and concepts discussed 193 in [RFC8428]. 195 3. SenML Content-Format ("ct") Field 197 When a SenML Record contains a Data Value field ("vd"), the Record 198 MAY also include a Content-Format indication field, using label "ct". 199 The value of this field is a Content-Format-Spec, i.e., one of: 201 * a CoAP Content-Format number in decimal form with no leading zeros 202 (except for the value "0" itself). This value represents an 203 unsigned integer in the range of 0-65535, similar to the "ct" 204 attribute defined in Section 7.2.1 of [RFC7252] for CoRE Link 205 Format [RFC6690]). 207 * or a Content-Format-String containing a Content-Type and zero or 208 more content codings (see below). 210 The syntax of this field is formally defined in Section 6. 212 The CoAP Content-Format number provides a simple and efficient way to 213 indicate the type of the data. Since some Internet media types and 214 their content coding and parameter alternatives do not have assigned 215 CoAP Content-Format numbers, using Content-Type and zero or more 216 content codings is also allowed. Both methods use a string value in 217 the "ct" field to keep its data type consistent across uses. When 218 the "ct" field contains only digits, it is interpreted as a CoAP 219 Content-Format number. 221 To indicate that one or more content codings are used with a Content- 222 Type, each of the content coding values is appended to the Content- 223 Type value (media type and parameters, if any), separated by a "@" 224 sign, in the order of the content codings were applied (the same 225 order as in Section 8.4 of [I-D.ietf-httpbis-semantics]). For 226 example (using a content coding value of "deflate" as defined in 227 Section 8.4.1.2 of [I-D.ietf-httpbis-semantics]): 229 text/plain; charset=utf-8@deflate 231 If no "@" sign is present after the media type and parameters, then 232 no content coding has been specified, and the "identity" content 233 coding is used -- no encoding transformation is employed. 235 4. SenML Base Content-Format ("bct") Field 237 The Base Content-Format Field, label "bct", provides a default value 238 for the Content-Format Field (label "ct") within its range. The 239 range of the base field includes the Record containing it, up to (but 240 not including) the next Record containing a "bct" field, if any, or 241 up to the end of the pack otherwise. The process of resolving 242 (Section 4.6 of [RFC8428]) this base field is performed by adding its 243 value with the label "ct" to all Records in this range that carry a 244 "vd" field but do not already contain a Content-Format ("ct") field. 246 Figure 4 shows a variation of Figure 2 with multiple records, with 247 the "nfc-reader" records resolving to the base field value "60" and 248 the "iris-photo" record overriding this with the "image/png" media 249 type (actual data left out for brevity). 251 [ 252 {"n":"nfc-reader", "vd":"gmNmb28YKg", 253 "bct":"60", "bt":1627430700}, 254 {"n":"nfc-reader", "vd":"gmNiYXIYKw", "t":10}, 255 {"n":"iris-photo", "vd":".....", "ct":"image/png", "t":10}, 256 {"n":"nfc-reader", "vd":"gmNiYXoYLA", "t":20} 257 ] 259 Figure 4: SenML pack with bct field 261 5. Examples 263 The following examples are valid values for the "ct" and "bct" fields 264 (explanation/comments in parentheses): 266 * "60" (CoAP Content-Format number for "application/cbor") 268 * "0" (CoAP Content-Format number for "text/plain" with parameter 269 "charset=utf-8") 271 * "application/json" (JSON Content-Type -- equivalent to "50" CoAP 272 Content-Format number) 274 * "application/json@deflate" (JSON Content-Type with "deflate" as 275 content coding -- equivalent to "11050" CoAP Content-Format 276 number) 278 * "application/json@deflate@aes128gcm" (JSON Content-Type with 279 "deflate" followed by "aes128gcm" as content codings) 281 * "text/csv" (Comma-Separated Values (CSV) [RFC4180] Content-Type) 282 * "text/csv;header=present@gzip" (CSV with header row, using "gzip" 283 as content coding) 285 6. ABNF 287 This specification provides a formal definition of the syntax of 288 Content-Format-Spec strings using ABNF notation [RFC5234], which 289 contains three new rules and a number of rules collected and adapted 290 from various RFCs [I-D.ietf-httpbis-semantics] [RFC6838] [RFC5234] 291 [RFC8866]. 293 ; New in this document 295 Content-Format-Spec = Content-Format-Number / Content-Format-String 297 Content-Format-Number = "0" / (POS-DIGIT *DIGIT) 298 Content-Format-String = Content-Type *("@" Content-Coding) 300 ; Cleaned up from [RFC-httpbis-semantics], 301 ; leaving only SP as blank space, 302 ; removing legacy 8-bit characters, and 303 ; leaving the parameter as mandatory with each semicolon: 305 Content-Type = Media-Type-Name *( *SP ";" *SP parameter ) 306 parameter = token "=" ( token / quoted-string ) 308 token = 1*tchar 309 tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" 310 / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" 311 / DIGIT / ALPHA 312 quoted-string = %x22 *( qdtext / quoted-pair ) %x22 313 qdtext = SP / %x21 / %x23-5B / %x5D-7E 314 quoted-pair = "\" ( SP / VCHAR ) 316 ; Adapted from section 8.4.1 of [RFC-httpbis-semantics] 318 Content-Coding = token 320 ; Adapted from various specs 322 Media-Type-Name = type-name "/" subtype-name 324 ; RFC 6838 326 type-name = restricted-name 327 subtype-name = restricted-name 329 restricted-name = restricted-name-first *126restricted-name-chars 330 restricted-name-first = ALPHA / DIGIT 331 restricted-name-chars = ALPHA / DIGIT / "!" / "#" / 332 "$" / "&" / "-" / "^" / "_" 333 restricted-name-chars =/ "." ; Characters before first dot always 334 ; specify a facet name 335 restricted-name-chars =/ "+" ; Characters after last plus always 336 ; specify a structured syntax suffix 338 ; Boilerplate from RFC 5234 and RFC 8866 340 DIGIT = %x30-39 ; 0 – 9 341 POS-DIGIT = %x31-39 ; 1 – 9 342 ALPHA = %x41-5A / %x61-7A ; A – Z / a – z 343 SP = %x20 344 VCHAR = %x21-7E ; printable ASCII (no SP) 346 Figure 5: ABNF syntax of Content-Format-Spec 348 // RFC editor: Please replace [RFC-httpbis-semantics] by what gets 349 // published from [I-D.ietf-httpbis-semantics]. 351 7. Security Considerations 353 The indication of a media type in the data does not exempt a 354 consuming application from properly checking its inputs. Also, the 355 ability for an attacker to supply crafted SenML data that specify 356 media types chosen by the attacker may expose vulnerabilities of 357 handlers for these media types to the attacker. This includes 358 "decompression bombs", compressed data that is crafted to decompress 359 to extremely large data items. 361 8. IANA Considerations 363 (Note to RFC Editor: Please replace all occurrences of "RFC-AAAA" 364 with the RFC number of this specification and remove this note.) 366 IANA is requested to assign new labels in the "SenML Labels" 367 subregistry of the SenML registry [IANA.senml] (as defined in 368 Section 12.2 of [RFC8428]) for the Content-Format indication as per 369 Table 1: 371 +=====================+=======+===========+==========+===========+ 372 | Name | Label | JSON Type | XML Type | Reference | 373 +=====================+=======+===========+==========+===========+ 374 | Base Content-Format | bct | String | string | RFC-AAAA | 375 +---------------------+-------+-----------+----------+-----------+ 376 | Content-Format | ct | String | string | RFC-AAAA | 377 +---------------------+-------+-----------+----------+-----------+ 379 Table 1: IANA Registration for new SenML Labels 381 Note that as per Section 12.2 of [RFC8428], no CBOR labels or EXI 382 schemaId values (EXI ID column) are supplied. 384 9. References 386 9.1. Normative References 388 [I-D.ietf-httpbis-semantics] 389 Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP 390 Semantics", Work in Progress, Internet-Draft, draft-ietf- 391 httpbis-semantics-19, 12 September 2021, 392 . 395 [IANA.core-parameters] 396 IANA, "Constrained RESTful Environments (CoRE) 397 Parameters", 398 . 400 [IANA.http-parameters] 401 IANA, "Hypertext Transfer Protocol (HTTP) Parameters", 402 . 404 [IANA.media-types] 405 IANA, "Media Types", 406 . 408 [IANA.senml] 409 IANA, "Sensor Measurement Lists (SenML)", 410 . 412 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 413 Extensions (MIME) Part One: Format of Internet Message 414 Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, 415 . 417 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 418 Requirement Levels", BCP 14, RFC 2119, 419 DOI 10.17487/RFC2119, March 1997, 420 . 422 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 423 Specifications: ABNF", STD 68, RFC 5234, 424 DOI 10.17487/RFC5234, January 2008, 425 . 427 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 428 Application Protocol (CoAP)", RFC 7252, 429 DOI 10.17487/RFC7252, June 2014, 430 . 432 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 433 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 434 May 2017, . 436 [RFC8428] Jennings, C., Shelby, Z., Arkko, J., Keranen, A., and C. 437 Bormann, "Sensor Measurement Lists (SenML)", RFC 8428, 438 DOI 10.17487/RFC8428, August 2018, 439 . 441 9.2. Informative References 443 [RFC1590] Postel, J., "Media Type Registration Procedure", RFC 1590, 444 DOI 10.17487/RFC1590, March 1994, 445 . 447 [RFC4180] Shafranovich, Y., "Common Format and MIME Type for Comma- 448 Separated Values (CSV) Files", RFC 4180, 449 DOI 10.17487/RFC4180, October 2005, 450 . 452 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 453 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 454 . 456 [RFC6690] Shelby, Z., "Constrained RESTful Environments (CoRE) Link 457 Format", RFC 6690, DOI 10.17487/RFC6690, August 2012, 458 . 460 [RFC6838] Freed, N., Klensin, J., and T. Hansen, "Media Type 461 Specifications and Registration Procedures", BCP 13, 462 RFC 6838, DOI 10.17487/RFC6838, January 2013, 463 . 465 [RFC8866] Begen, A., Kyzivat, P., Perkins, C., and M. Handley, "SDP: 466 Session Description Protocol", RFC 8866, 467 DOI 10.17487/RFC8866, January 2021, 468 . 470 [RFC8949] Bormann, C. and P. Hoffman, "Concise Binary Object 471 Representation (CBOR)", STD 94, RFC 8949, 472 DOI 10.17487/RFC8949, December 2020, 473 . 475 Acknowledgements 477 The authors would like to thank Sérgio Abreu for the discussions 478 leading to the design of this extension and Isaac Rivera for reviews 479 and feedback. Klaus Hartke suggested not burdening this draft with a 480 separate mandatory-to-implement version of the fields. Alexey 481 Melnikov, Jim Schaad, and Thomas Fossati provided helpful comments at 482 Working-Group last call. Marco Tiloca asked for clarifying and using 483 the term Content-Format-Spec. 485 Authors' Addresses 487 Ari Keränen 488 Ericsson 489 FI-02420 Jorvas 490 Finland 492 Email: ari.keranen@ericsson.com 494 Carsten Bormann 495 Universität Bremen TZI 496 Postfach 330440 497 D-28359 Bremen 498 Germany 500 Phone: +49-421-218-63921 501 Email: cabo@tzi.org