| rfc9876v1.txt | rfc9876.txt | |||
|---|---|---|---|---|
| skipping to change at line 78 ¶ | skipping to change at line 78 ¶ | |||
| Authors' Addresses | Authors' Addresses | |||
| 1. Introduction | 1. Introduction | |||
| Section 12.3 of [RFC7252] describes the registration procedures for | Section 12.3 of [RFC7252] describes the registration procedures for | |||
| the "CoAP Content-Formats" IANA registry within the "Constrained | the "CoAP Content-Formats" IANA registry within the "Constrained | |||
| RESTful Environments (CoRE) Parameters" registry group | RESTful Environments (CoRE) Parameters" registry group | |||
| [IANA.core-params]. (Note that the columns of this registry have | [IANA.core-params]. (Note that the columns of this registry have | |||
| been revised according to [Err4954].) In particular, it defines the | been revised according to [Err4954].) In particular, it defines the | |||
| rules for obtaining Constrained Application Protocol (CoAP) Content- | rules for obtaining Constrained Application Protocol (CoAP) Content- | |||
| Format identifiers from the "IETF Review with Expert Review or IESG | Format identifiers from the "IETF Review or IESG Approval" range of | |||
| Approval with Expert Review" range of the registry (256-9999) as well | the registry (256-9999) as well as from the "First Come First Served" | |||
| as from the "First Come First Served" (FCFS) range of the registry | (FCFS) range of the registry (10000-64999). For the FCFS range, | |||
| (10000-64999). For the FCFS range, these rules do not involve the | these rules do not involve the designated expert and are managed | |||
| designated expert (DE) and are managed solely by IANA personnel to | solely by IANA personnel to finalize the registration. | |||
| finalize the registration. | ||||
| Unfortunately, the rules do not explicitly require checking that the | Unfortunately, the rules do not explicitly require checking that the | |||
| combination of Content-Type (i.e., Media Type with optional | combination of Content-Type (i.e., Media Type with optional | |||
| parameters) and Content Coding associated with the requested CoAP | parameters) and Content Coding associated with the requested CoAP | |||
| Content-Format is semantically valid. This task is generally non- | Content-Format is semantically valid. This task is generally non- | |||
| trivial, requires knowledge from multiple documents and technologies, | trivial, requires knowledge from multiple documents and technologies, | |||
| and should not be solely demanded from the registrar. This lack of | and should not be solely demanded from the registrar. This lack of | |||
| guidance may engender confusion in both the registering party and the | guidance may engender confusion in both the registering party and the | |||
| registrar, and it has already led to erroneous registrations. | registrar, and it has already led to erroneous registrations. | |||
| skipping to change at line 118 ¶ | skipping to change at line 117 ¶ | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This document uses the terms "Media Type", "Content Coding", | This document uses the terms "Media Type", "Content Coding", | |||
| "Content-Type", and "Content Format" as defined in Section 2 of | "Content-Type", and "Content Format" as defined in Section 2 of | |||
| [RFC9193]. In this document, those terms are fully capitalized. | [RFC9193]. In this document, those terms are fully capitalized. | |||
| 3. Security Considerations | 3. Security Considerations | |||
| This document hardens the registration procedures of CoAP Content- | This document updates the registration procedures of CoAP Content- | |||
| Formats in ways that reduce the chances of malicious manipulation of | Formats to reduce the chances of malicious manipulation of the | |||
| the associated registry. | associated registry. | |||
| Otherwise, it does not change the Security Considerations of | Otherwise, it does not change the Security Considerations of | |||
| [RFC7252]. | [RFC7252]. | |||
| 4. IANA Considerations | 4. IANA Considerations | |||
| This document updates the IANA procedures defined in [RFC7252] for | This document updates the IANA procedures defined in [RFC7252] for | |||
| registering CoAP Content-Formats as described in Section 4.1. It | registering CoAP Content-Formats as described in Section 4.1. It | |||
| also adds a new note concerning temporary registrations (Section 4.2) | also adds a new note concerning temporary registrations (Section 4.2) | |||
| and reserves Content-Format IDs 64998 and 64999 for documentation | and reserves Content-Format IDs 64998 and 64999 for documentation | |||
| skipping to change at line 146 ¶ | skipping to change at line 145 ¶ | |||
| Internet Media Types are identified by a string, such as | Internet Media Types are identified by a string, such as | |||
| "application/xml" [RFC2046]. In order to minimize the overhead of | "application/xml" [RFC2046]. In order to minimize the overhead of | |||
| using Media Types to indicate the format of payloads, [RFC7252] has | using Media Types to indicate the format of payloads, [RFC7252] has | |||
| defined a registry for a subset of Internet Media Types to be used in | defined a registry for a subset of Internet Media Types to be used in | |||
| CoAP and assigned each, in combination with a Content Coding, a | CoAP and assigned each, in combination with a Content Coding, a | |||
| numeric identifier. The name of the registry is "CoAP Content- | numeric identifier. The name of the registry is "CoAP Content- | |||
| Formats", within the "Constrained RESTful Environments (CoRE) | Formats", within the "Constrained RESTful Environments (CoRE) | |||
| Parameters" registry group. | Parameters" registry group. | |||
| Each entry in the registry must include the Media Type registered | Each entry in the registry must include the Content Type, the Content | |||
| with IANA, the numeric identifier in the range 0-65535 to be used for | Coding (if any), the Media Type registered with IANA, the numeric | |||
| that Media Type in CoAP, the Content Coding associated with this | identifier in the range 0-65535 to be used for that Media Type in | |||
| identifier, and a reference to a document describing what a payload | CoAP, and a reference to a document describing what a payload with | |||
| with that Media Type means semantically. | that Media Type means semantically. | |||
| CoAP does not include a separate way to convey Content Coding | CoAP does not include a separate way to convey Content Coding | |||
| information with a request or response; for that reason, the Content | information with a request or response; for that reason, the Content | |||
| Coding (if any) is also specified for each identifier. If multiple | Coding (if any) is also specified for each identifier. If multiple | |||
| Content Codings will be used with a Media Type, then a separate | Content Codings will be used with a Media Type, then a separate | |||
| Content-Format identifier for each is to be registered. Similarly, | Content-Format identifier for each is to be registered. Similarly, | |||
| other parameters related to an Internet Media Type can be defined for | other parameters related to an Internet Media Type can be defined for | |||
| a CoAP Content-Format entry. | a CoAP Content-Format entry. | |||
| The registration procedures for CoAP Content-Formats are described in | The registration procedures for CoAP Content-Formats are described in | |||
| skipping to change at line 257 ¶ | skipping to change at line 256 ¶ | |||
| term. It is recommended that M2M applications making use of CoAP | term. It is recommended that M2M applications making use of CoAP | |||
| request new Internet Media Types from IANA indicating semantic | request new Internet Media Types from IANA indicating semantic | |||
| information about how to create or parse a payload. For example, a | information about how to create or parse a payload. For example, a | |||
| Smart Energy application payload carried as Concise Binary Object | Smart Energy application payload carried as Concise Binary Object | |||
| Representation (CBOR) might request a more specific type like | Representation (CBOR) might request a more specific type like | |||
| application/se+cbor. | application/se+cbor. | |||
| 4.1.1. Temporary Content-Format Registrations | 4.1.1. Temporary Content-Format Registrations | |||
| This section clarifies that the "CoAP Content-Formats" registry | This section clarifies that the "CoAP Content-Formats" registry | |||
| allows temporary registrations within the 0-64998 range. | allows temporary registrations within the 0-64997 range. | |||
| A temporary registration may be created, for example, by an IANA | A temporary registration may be created, for example, by an IANA | |||
| early allocation action [RFC7120]. If the referenced Media Type is | early allocation action [RFC7120]. If the referenced Media Type is | |||
| provisional (that is, included in the "Provisional Standard Media | provisional (that is, included in the "Provisional Standard Media | |||
| Type Registry" [IANA.prov-media-types]), then a created registration | Type Registry" [IANA.prov-media-types]), then a created registration | |||
| is always temporary. | is always temporary. | |||
| A temporary registration is marked as such by IANA in the | A temporary registration is marked as such by IANA in the | |||
| corresponding registry entry. Once the required registration | corresponding registry entry. Once the required registration | |||
| procedure (defined in Table 1) for the temporary ID has successfully | procedure (defined in Table 1) for the temporary ID has successfully | |||
| skipping to change at line 281 ¶ | skipping to change at line 280 ¶ | |||
| becomes permanent. | becomes permanent. | |||
| If a temporary registration does not successfully complete the | If a temporary registration does not successfully complete the | |||
| registration procedure, IANA must remove the entry and set the | registration procedure, IANA must remove the entry and set the | |||
| Content-Format ID value back to "Unassigned". This may happen, for | Content-Format ID value back to "Unassigned". This may happen, for | |||
| example, when an Internet-Draft requesting a Content-Format ID is | example, when an Internet-Draft requesting a Content-Format ID is | |||
| abandoned. If a temporary registration (in any range) refers to a | abandoned. If a temporary registration (in any range) refers to a | |||
| provisional Media Type that is abandoned, IANA must remove the entry | provisional Media Type that is abandoned, IANA must remove the entry | |||
| and set the Content-Format ID value back to "Unassigned". | and set the Content-Format ID value back to "Unassigned". | |||
| Note that in the 10000-64998 range, the abandonment of a document | Note that in the 10000-64997 range, the abandonment of a document | |||
| requesting a Content-Format ID does not cause an entry to be removed. | requesting a Content-Format ID does not cause an entry to be removed. | |||
| That is because the required registration procedure for this range | That is because the required registration procedure for this range | |||
| does not require completion of any standards process, nor does it | does not require completion of any standards process, nor does it | |||
| require a registering document. | require a registering document. | |||
| Temporary registrations within the 0-255 range are exempt from the | Temporary registrations within the 0-255 range are exempt from the | |||
| formal renewal process outlined in [RFC7120]. Specifically, IANA | formal renewal process outlined in [RFC7120]. Specifically, IANA | |||
| will not monitor the removal of registrations in this range. | will not monitor the removal of registrations in this range. | |||
| Instead, the designated experts direct IANA to carry out this task. | Instead, the designated experts direct IANA to carry out this task. | |||
| 4.1.2. Addition of the Media Type Column to the Registry | 4.1.2. Addition of the Media Type Column to the Registry | |||
| To assist users of the "CoAP Content-Formats" registry in finding | To assist users of the "CoAP Content-Formats" registry in finding | |||
| detailed information about the Media Type associated with each CoAP | detailed information about the Media Type associated with each CoAP | |||
| Content-Format, and to ensure that a Media Type exists before a new | Content-Format, and to ensure that a Media Type exists before a new | |||
| entry can be registered, IANA has added the new column "Media Type" | entry can be registered, IANA has added the new column "Media Type" | |||
| to the registry. This new column is placed directly to the right of | to the registry. This new column is placed to the right of the | |||
| the existing "Content Type" column. | existing "Content Type" column. | |||
| The "Media Type" field for each entry lists the (base) Media Type | The "Media Type" field for each entry lists the (base) Media Type | |||
| name and provides a hyperlink to registration information for that | name and provides a hyperlink to registration information for that | |||
| Media Type as recorded by IANA. If the Media Type is provisional, | Media Type as recorded by IANA. If the Media Type is provisional, | |||
| the hyperlink points to the "Provisional Standard Media Type | the hyperlink points to the "Provisional Standard Media Type | |||
| Registry" [IANA.prov-media-types]. If a provisional Media Type | Registry" [IANA.prov-media-types]. If a provisional Media Type | |||
| becomes a permanent Media Type, IANA must update the "Media Type" | becomes a permanent Media Type, IANA must update the "Media Type" | |||
| field in the associated registry entries to ensure the hyperlink | field in the associated registry entries to ensure the hyperlink | |||
| directs to the registration information for that Media Type. | directs to the registration information for that Media Type. | |||
| In a registration request, the requester does not need to fill out | In a registration request, the requester does not need to fill out | |||
| the "Media Type" field separately, as the necessary information is | the "Media Type" field separately, as the necessary information is | |||
| already provided in the "Content Type" field of the request. | already provided in the "Content Type" field of the request. | |||
| 4.1.3. Expert Review Procedure | 4.1.3. Expert Review Procedure | |||
| The DE is instructed to perform the "Expert Review", as described by | The designated expert is instructed to perform the "Expert Review", | |||
| the following checklist: | as described by the following checklist: | |||
| 1. The combination of Content-Type and Content Coding for which the | 1. The combination of Content-Type and Content Coding for which the | |||
| registration is requested must not be already present in the | registration is requested must not be already present in the | |||
| "CoAP Content-Formats" registry. | "CoAP Content-Formats" registry. | |||
| 2. The Media Type associated with the requested Content-Format must | 2. The Media Type associated with the requested Content-Format must | |||
| be either registered in the "Media Types" registry | be either registered in the "Media Types" registry | |||
| [IANA.media-types] or approved for registration. Alternatively, | [IANA.media-types] or approved for registration. Alternatively, | |||
| it may be listed in the "Provisional Standard Media Type | it may be listed in the "Provisional Standard Media Type | |||
| Registry" [IANA.prov-media-types]. The use of provisional | Registry" [IANA.prov-media-types]. The use of provisional | |||
| skipping to change at line 344 ¶ | skipping to change at line 343 ¶ | |||
| 4. The Content Type must be in the preferred format defined in | 4. The Content Type must be in the preferred format defined in | |||
| Section 4.1.4. | Section 4.1.4. | |||
| 5. If a Content Coding is specified, it must exist (or must have | 5. If a Content Coding is specified, it must exist (or must have | |||
| been approved for registration) in the "HTTP Content Coding | been approved for registration) in the "HTTP Content Coding | |||
| Registry" within the "Hypertext Transfer Protocol (HTTP) | Registry" within the "Hypertext Transfer Protocol (HTTP) | |||
| Parameters" registry group [IANA.http-params]. | Parameters" registry group [IANA.http-params]. | |||
| For the 0-255 range, in addition to the checks described above, the | For the 0-255 range, in addition to the checks described above, the | |||
| DE is instructed to also evaluate the requested code point concerning | designated expert is instructed to also evaluate the requested code | |||
| the limited availability of the 1-byte code point space. For the | point concerning the limited availability of the 1-byte code point | |||
| ranges 256-9999, 10000-19999, and 33000-64997, a similar criterion | space. For the ranges 256-9999, 10000-19999, and 33000-64997, a | |||
| may also apply where combinations of Media Type parameters and | similar criterion may also apply where combinations of Media Type | |||
| Content Coding choices consume considerable code point space. | parameters and Content Coding choices consume considerable code point | |||
| space. | ||||
| 4.1.4. Preferred Format for the Content Type Field | 4.1.4. Preferred Format for the Content Type Field | |||
| This section defines the preferred string format for including a | This section defines the preferred string format for including a | |||
| requested Content Type in the "CoAP Content-Formats" registry. | requested Content Type in the "CoAP Content-Formats" registry. | |||
| During the review process, the designated expert(s) or IANA may | During the review process, the designated expert(s) or IANA may | |||
| rewrite a requested Content Type into this preferred string format | rewrite a requested Content Type into this preferred string format | |||
| before approval. | before approval. | |||
| The preferred string format is as defined in Section 8.3.1 of | The preferred string format is as defined in Section 8.3.1 of | |||
| skipping to change at line 378 ¶ | skipping to change at line 378 ¶ | |||
| characters is used as the separator between the Media Type and | characters is used as the separator between the Media Type and | |||
| parameters. | parameters. | |||
| 4.1.5. Examples of Invalid Registration Requests | 4.1.5. Examples of Invalid Registration Requests | |||
| This section provides examples of registration requests for the "CoAP | This section provides examples of registration requests for the "CoAP | |||
| Content-Formats" registry that are invalid but would be approved | Content-Formats" registry that are invalid but would be approved | |||
| under the procedure defined in Section 12.3 of [RFC7252]. The | under the procedure defined in Section 12.3 of [RFC7252]. The | |||
| checklist defined in Section 4.1.3 should prevent any of these | checklist defined in Section 4.1.3 should prevent any of these | |||
| attempts from succeeding. These examples serve as a representative, | attempts from succeeding. These examples serve as a representative, | |||
| but not exhaustive, sample to train the DE's eye on invalid | but not exhaustive, sample to train the designated expert's eye on | |||
| registration attempts. | invalid registration attempts. | |||
| All the example registration requests use two CoAP Content-Format | All the example registration requests use two CoAP Content-Format | |||
| identifiers: 64998 and 64999. | identifiers: 64998 and 64999. | |||
| For each of the following example registration requests, one can | ||||
| create a similar instance where the requested registration is for a | ||||
| CoAP Content-Format identifier within the "IETF Review with Expert | ||||
| Review or IESG Approval with Expert Review" range. Likewise, such | ||||
| registrations must not be allowed to succeed. | ||||
| 4.1.5.1. The Media Type is Unknown | 4.1.5.1. The Media Type is Unknown | |||
| The registrant requests an FCFS Content-Format ID for an unknown | The registrant requests an FCFS Content-Format ID for an unknown | |||
| Media Type: | Media Type: | |||
| +==========================+================+=======+ | +==========================+================+=======+ | |||
| | Content Type | Content Coding | ID | | | Content Type | Content Coding | ID | | |||
| +==========================+================+=======+ | +==========================+================+=======+ | |||
| | application/unknown+cbor | - | 64999 | | | application/unknown+cbor | - | 64999 | | |||
| +--------------------------+----------------+-------+ | +--------------------------+----------------+-------+ | |||
| skipping to change at line 496 ¶ | skipping to change at line 490 ¶ | |||
| The registrant requests an FCFS Content-Format ID for a Media Type | The registrant requests an FCFS Content-Format ID for a Media Type | |||
| that includes a parameter. The value of this parameter appears | that includes a parameter. The value of this parameter appears | |||
| distinct from that of a (hypothetical) previously registered Content- | distinct from that of a (hypothetical) previously registered Content- | |||
| Format ID 64998 that also includes this parameter. However, the | Format ID 64998 that also includes this parameter. However, the | |||
| semantics of the parameter value are identical to the existing | semantics of the parameter value are identical to the existing | |||
| registration. | registration. | |||
| In this example, the eat_profile parameter value (which can be any | In this example, the eat_profile parameter value (which can be any | |||
| URI) is set as a Uniform Resource Name (URN) [RFC8141]. Since the | URI) is set as a Uniform Resource Name (URN) [RFC8141]. Since the | |||
| Namespace Identifier (see example in this example) for URNs is | Namespace Identifier (example, in this case) for URNs is defined as | |||
| defined as case insensitive, the two registrations are semantically | case insensitive, the two registrations are semantically identical. | |||
| identical. | ||||
| +=====================================+================+=======+ | +=====================================+================+=======+ | |||
| | Content Type | Content Coding | ID | | | Content Type | Content Coding | ID | | |||
| +=====================================+================+=======+ | +=====================================+================+=======+ | |||
| | application/ | - | 64998 | | | application/ | - | 64998 | | |||
| | eat+cwt;eat_profile="urn:example:1" | | | | | eat+cwt;eat_profile="urn:example:1" | | | | |||
| +-------------------------------------+----------------+-------+ | +-------------------------------------+----------------+-------+ | |||
| | application/ | - | 64999 | | | application/ | - | 64999 | | |||
| | eat+cwt;eat_profile="urn:EXAMPLE:1" | | | | | eat+cwt;eat_profile="urn:EXAMPLE:1" | | | | |||
| +-------------------------------------+----------------+-------+ | +-------------------------------------+----------------+-------+ | |||
| End of changes. 11 change blocks. | ||||
| 36 lines changed or deleted | 29 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||