| rfc9952.original.md | rfc9952.md | |||
|---|---|---|---|---|
| --- | --- | |||
| title: "ALPN ID Specification for CoAP over DTLS " | title: "The Application-Layer Protocol Negotiation (ALPN) ID Specification for the Co nstrained Application Protocol (CoAP) over DTLS" | |||
| abbrev: "CoRE ALPN" | abbrev: "CoRE ALPN" | |||
| category: info | category: info | |||
| docname: draft-ietf-core-coap-dtls-alpn-05 | docname: draft-ietf-core-coap-dtls-alpn-05 | |||
| submissiontype: IETF # also: "independent", "editorial", "IAB", or "IRTF" | submissiontype: IETF | |||
| number: | number: 9952 | |||
| date: | updates: | |||
| obsoletes: | ||||
| consensus: true | consensus: true | |||
| ipr: trust200902 | ||||
| pi: [toc, symrefs, sortrefs] | ||||
| date: 2026-03 | ||||
| v: 3 | v: 3 | |||
| area: "Web and Internet Transport" | area: WIT | |||
| workgroup: "Constrained RESTful Environments" | workgroup: core | |||
| keyword: | keyword: | |||
| - CoRE | - CoRE | |||
| - CoAP | - CoAP | |||
| - SVCB | - SVCB | |||
| - DTLS | - DTLS | |||
| - ALPN | - ALPN | |||
| venue: | ||||
| group: "Constrained RESTful Environments" | ||||
| type: "Working Group" | ||||
| mail: "core@ietf.org" | ||||
| arch: "https://mailarchive.ietf.org/arch/browse/core/" | ||||
| github: "core-wg/coap-dtls-alpn" | ||||
| latest: "https://core-wg.github.io/coap-dtls-alpn/draft-ietf-core-coap-dtls-alpn. | ||||
| html" | ||||
| author: | author: | |||
| - fullname: Martine Sophie Lenders | - fullname: Martine Sophie Lenders | |||
| org: TUD Dresden University of Technology | org: TUD Dresden University of Technology | |||
| abbrev: TU Dresden | abbrev: TU Dresden | |||
| street: Helmholtzstr. 10 | street: Helmholtzstr. 10 | |||
| city: Dresden | city: Dresden | |||
| code: D-01069 | code: D-01069 | |||
| country: Germany | country: Germany | |||
| email: martine.lenders@tu-dresden.de | email: martine.lenders@tu-dresden.de | |||
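Review bot: the `abbrev:` line keeps the short title "CoRE ALPN" on both sides while the `title:` line on the right now spells out ALPN, CoAP and DTLS in full, so the running header names the working group rather than the protocol binding the document defines. Consider aligning the short title with the full one, for example "ALPN ID for CoAP over DTLS".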
| skipping to change at line 65 ¶ | skipping to change at line 62 ¶ | |||
| normative: | normative: | |||
| RFC6347: dtls12 | RFC6347: dtls12 | |||
| RFC7252: coap | RFC7252: coap | |||
| RFC7301: alpn | RFC7301: alpn | |||
| RFC9147: dtls13 | RFC9147: dtls13 | |||
| RFC9460: svcb | RFC9460: svcb | |||
| informative: | informative: | |||
| RFC8323: coap-tcp | RFC8323: coap-tcp | |||
| RFC8446: tls13 | RFC8446: tls13 | |||
| I-D.ietf-core-dns-over-coap: doc | # I-D.ietf-core-dns-over-coap: doc | |||
| PRE-RFC9953: | ||||
| -: doc | ||||
| title: > | ||||
| DNS over the Constrained Application Protocol (DoC) | ||||
| target: https://www.rfc-editor.org/info/rfc9953 | ||||
| seriesinfo: | ||||
| RFC: PRE-9953 | ||||
| DOI: 10.17487/PRE-RFC9953 | ||||
| date: March 2026 | ||||
| author: | ||||
| - | ||||
| fullname: Martine Sophie Lenders | ||||
| - | ||||
| fullname: Christian Amsüss | ||||
| - | ||||
| fullname: Cenk Gündoğan | ||||
| - | ||||
| fullname: Thomas C. Schmidt | ||||
| - | ||||
| fullname: Matthias Wählisch | ||||
| RFC4944: 6lo | RFC4944: 6lo | |||
| --- abstract | --- abstract | |||
| <!-- [rfced] FYI - We updated [I-D.ietf-core-dns-over-coap] to [PRE-RFC9953] | ||||
| for now. We will make the final updates in RFCXML (i.e., remove "PRE-"). | ||||
| --> | ||||
| <!--[rfced] Author Names | ||||
| a) Thomas, we note "T. C. Schmidt" in the document header; however, the | ||||
| majority of past RFCs have used "T. Schmidt". Which form do you prefer? | ||||
| b) Martine, please confirm if you prefer "M. S. Lenders" or "M. Lenders" | ||||
| in the document header. | ||||
| --> | ||||
| <!-- [I-D.ietf-core-dns-over-coap] - RFC 9953 | ||||
| draft-ietf-core-dns-over-coap-20 | ||||
| Companion document (C554) | ||||
| --> | ||||
| <!--[rfced] Document Title | ||||
| a) Please note that the document title has been updated as follows. | ||||
| Abbreviations have been expanded per Section 3.6 of RFC 7322 ("RFC Style | ||||
| Guide"). | ||||
| In addition, is "Specification" essential to the title or may it be removed | ||||
| for conciseness? | ||||
| Original (document title): | ||||
| ALPN ID Specification for CoAP over DTLS | ||||
| Current: | ||||
| The Application-Layer Protocol Negotiation (ALPN) ID Specification for | ||||
| the Constrained Application Protocol (CoAP) over DTLS | ||||
| Perhaps: | ||||
| Application-Layer Protocol Negotiation (ALPN) ID for | ||||
| the Constrained Application Protocol (CoAP) over DTLS | ||||
| b) For the short title that spans the header of the PDF file, should "CoRE | ||||
| ALPN" be updated to "ALPN ID for CoAP over DTLS" to more closely match the | ||||
| document title? | ||||
| Original (short title): | ||||
| CoRE ALPN | ||||
| Perhaps: | ||||
| ALPN ID for CoAP over DTLS | ||||
| --> | ||||
| <!-- [rfced] Abstract: Should the abstract mention DTLS? | ||||
| Original: | ||||
| This document specifies an Application-Layer Protocol Negotiation | ||||
| (ALPN) ID for transport-layer-secured Constrained Application | ||||
| Protocol (CoAP) services. | ||||
| Perhaps (similar to text in the Introduction): | ||||
| This document specifies an Application-Layer Protocol Negotiation | ||||
| (ALPN) ID for Constrained Application | ||||
| Protocol (CoAP) services that are secured by DTLS. | ||||
| --> | ||||
| <!-- [rfced] Introduction: We updated "by transport layer security using DTLS" | ||||
| to "by TLS using DTLS" here. Would further updating as shown below improve | ||||
| this sentence? | ||||
| Original: | ||||
| This document | ||||
| specifies an ALPN ID for CoAP services that are secured by transport | ||||
| layer security using DTLS. | ||||
| Current: | ||||
| This document | ||||
| specifies an ALPN ID for CoAP services that are secured by TLS | ||||
| using DTLS. | ||||
| Perhaps: | ||||
| This document | ||||
| specifies an ALPN ID for CoAP services that are secured | ||||
| by DTLS. | ||||
| --> | ||||
| This document specifies an Application-Layer Protocol Negotiation (ALPN) ID for | This document specifies an Application-Layer Protocol Negotiation (ALPN) ID for | |||
| transport-layer-secured Constrained Application Protocol (CoAP) services. | transport-layer-secured Constrained Application Protocol (CoAP) services. | |||
| --- middle | --- middle | |||
| # Introduction | # Introduction | |||
| Application-Layer Protocol Negotiation (ALPN) enables communicating parties to agree on an application-layer protocol during a Transport Layer Security (TLS) handshake us ing an ALPN ID {{-alpn}}. | Application-Layer Protocol Negotiation (ALPN) enables communicating parties to agree on an application-layer protocol during a Transport Layer Security (TLS) handshake us ing an ALPN ID {{-alpn}}. | |||
| This ALPN ID can be discovered for services as part of Service Bindings (SVCB) via th e DNS, using SVCB resource records with the "alpn" Service Parameter Keys {{-svcb}}. | This ALPN ID can be discovered for services as part of Service Bindings (SVCBs) via t he DNS, using SVCB resource records with the "alpn" Service Parameter Keys {{-svcb}}. | |||
| As an example, applications that use the Constrained Application Protocol (CoAP) {{-c oap}} can obtain this information as part of the discovery of DNS over CoAP (DoC) ser vers (see {{Section 3.2 of -doc}}) that deploy TLS 1.3 {{-tls13}} as well as Datagram Transport Layer Security (DTLS) 1.2 or 1.3 {{-dtls12}} {{-dtls13}} to secure their m essages. | As an example, applications that use the Constrained Application Protocol (CoAP) {{-c oap}} can obtain this information as part of the discovery of DNS over CoAP (DoC) ser vers (see {{Section 3.2 of -doc}}) that deploy TLS 1.3 {{-tls13}} as well as Datagram Transport Layer Security (DTLS) 1.2 or 1.3 {{-dtls12}} {{-dtls13}} to secure their m essages. | |||
| This document specifies an ALPN ID for CoAP services that are secured by transport la yer security using DTLS. | This document specifies an ALPN ID for CoAP services that are secured by TLS using DT LS. | |||
| An ALPN ID for CoAP services secured by TLS has already been specified in {{-coap-tcp }}. | An ALPN ID for CoAP services secured by TLS has already been specified in {{-coap-tcp }}. | |||
| # Application-Layer Protocol Negotiation (ALPN) IDs | # Application-Layer Protocol Negotiation (ALPN) IDs | |||
| For CoAP over TLS, an ALPN ID was defined as "coap" in {{-coap-tcp}}. | For CoAP over TLS, an ALPN ID is defined as "coap" in {{-coap-tcp}}. | |||
| As it is not advisable to re-use the same ALPN ID for a different transport layer, an | As it is not advisable to reuse the same ALPN ID for a different transport layer, an | |||
| ALPN for | ALPN for | |||
| CoAP over DTLS is registered in {{iana-coap-alpn}}. | CoAP over DTLS is registered in {{iana}}. | |||
| ALPN ID values have variable length. | ALPN ID values have variable length. | |||
| For CoAP over DTLS, a short value ("co") is allocated, as this can avoid fragmentatio n of Client Hello and Server Hello messages in constrained networks with link-layer f ragmentation, such as 6LoWPAN {{-6lo}}. | For CoAP over DTLS, a short value ("co") is allocated, as this can avoid fragmentatio n of Client Hello and Server Hello messages in constrained networks with link-layer f ragmentation, such as 6LoWPAN {{-6lo}}. | |||
| To discover CoAP services that secure their messages with TLS or DTLS, the ALPN IDs " coap" and "co" can be used, respectively, in | To discover CoAP services that secure their messages with TLS or DTLS, the ALPN IDs " coap" and "co" can be used, respectively, in | |||
| the same manner as for any other service secured with transport layer security, as | the same manner as for any other service secured with TLS, as | |||
| described in {{-svcb}}. | described in {{-svcb}}. | |||
| The discovery of CoAP services that rely on other security mechanisms is out of the s cope of this document. | The discovery of CoAP services that rely on other security mechanisms is out of the s cope of this document. | |||
| # Security Considerations | # Security Considerations | |||
| Any security considerations on ALPN (see {{-alpn}}) and SVCB resource records (see {{ -svcb}}) also apply to this document. | Any security considerations for ALPN (see {{-alpn}}) and SVCB resource records (see { {-svcb}}) also apply to this document. | |||
| # IANA Considerations {#iana} | # IANA Considerations {#iana} | |||
| [^replace-xxxx] | IANA has added the following entry to the "TLS Application-Layer Protocol Negotiation | |||
| (ALPN) Protocol IDs" registry in the "Transport Layer Security (TLS) Extensions" reg | ||||
| [^replace-xxxx]: RFC Ed.: throughout this section, please replace | istry group. | |||
| RFC-XXXX with the RFC number of this specification and remove this | ||||
| note. | ||||
| This document has the following actions for IANA. | ||||
| ## TLS ALPN for CoAP {#iana-coap-alpn} | ||||
| The following entry has been added to the "TLS Application-Layer Protocol Negotiation | ||||
| (ALPN) Protocol IDs" registry, which is part of the "Transport Layer Security (TLS) | ||||
| Extensions" registry group. | ||||
| * Protocol: CoAP (over DTLS) | | Protocol | Identification Sequence | Reference | | |||
| * Identification sequence: 0x63 0x6f ("co") | | CoAP (over DTLS) | 0x63 0x6f ("co") | {{-coap}}, RFC 9952 | | |||
| * Reference: {{-coap}} and \[RFC-XXXX\] | {: title="TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs Registry" #t | |||
| able1} | ||||
| Note that {{-coap}} does not define the use of the ALPN TLS extension during the DTLS connection handshake. | Note that {{-coap}} does not define the use of the ALPN TLS extension during the DTLS connection handshake. | |||
| This document does not change this behavior, and thus does not establish any rules li ke those in {{Section 8.2 of -coap-tcp}}. | This document does not change this behavior and thus does not establish any rules lik e those in {{Section 8.2 of -coap-tcp}}. | |||
| --- back | --- back | |||
| # Change Log | ||||
| ## Since [draft-ietf-core-coap-dtls-alpn-04] | ||||
| - Address Deb Cooley's IESG ballot COMMENT | ||||
| ## Since [draft-ietf-core-coap-dtls-alpn-03] | ||||
| - Make DTLS references normative | ||||
| ## Since [draft-ietf-core-coap-dtls-alpn-02] | ||||
| - Address shepherd review | ||||
| ## Since [draft-ietf-core-coap-dtls-alpn-01] | ||||
| - Address review by Esko Dijk | ||||
| - Address review by Marco Tiloca | ||||
| ## Since [draft-ietf-core-coap-dtls-alpn-00] | ||||
| - Fix ALPN ID for CoAP over TLS | ||||
| - Change intended status to Informational | ||||
| [draft-ietf-core-coap-dtls-alpn-04]: https://datatracker.ietf.org/doc/draft-ietf-core | ||||
| -coap-dtls-alpn/04/ | ||||
| [draft-ietf-core-coap-dtls-alpn-03]: https://datatracker.ietf.org/doc/draft-ietf-core | ||||
| -coap-dtls-alpn/03/ | ||||
| [draft-ietf-core-coap-dtls-alpn-02]: https://datatracker.ietf.org/doc/draft-ietf-core | ||||
| -coap-dtls-alpn/02/ | ||||
| [draft-ietf-core-coap-dtls-alpn-01]: https://datatracker.ietf.org/doc/draft-ietf-core | ||||
| -coap-dtls-alpn/01/ | ||||
| [draft-ietf-core-coap-dtls-alpn-00]: https://datatracker.ietf.org/doc/draft-ietf-core | ||||
| -coap-dtls-alpn/00/ | ||||
| # Acknowledgments | # Acknowledgments | |||
| {:unnumbered} | {:unnumbered} | |||
| We like to thank Rich Salz for the expert review on the "co" ALPN ID allocation. | We would like to thank {{{Rich Salz}}} for the expert review on the "co" ALPN ID allo | |||
| We also like to thank Mohamed Boucadair and Ben Schwartz for their early review befor | cation. | |||
| e WG adoption | We would also like to thank {{{Mohamed Boucadair}}} and {{{Ben Schwartz}}} for their | |||
| of this draft and Esko Dijk, Thomas Fossati, and Marco Tiloca for their feedback and | early reviews before WG adoption | |||
| comments. | of this specification and {{{Esko Dijk}}}, {{{Thomas Fossati}}}, and {{{Marco Tiloca} | |||
| }} for their feedback and comments. | ||||
| <!--[rfced] Please review the "Inclusive Language" portion of the online Style | ||||
| Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> and | ||||
| let us know if any changes are needed. Updates of this nature typically | ||||
| result in more precise language, which is helpful for readers. | ||||
| Note that our script did not flag any words in particular, but this should | ||||
| still be reviewed as a best practice. | ||||
| --> | ||||
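Review bot: in the Introduction, the replacement text "secured by TLS using DTLS" reads as if DTLS were a mode of TLS, while the following sentence and the ALPN IDs section keep the two apart ("coap" for TLS, "co" for DTLS) and state that reusing one ALPN ID across transport layers is not advisable. I would write "secured by DTLS" there, which is the option the [rfced] query in this hunk already offers. The same substitution in the ALPN IDs section, "any other service secured with TLS", narrows a sentence that opens with "TLS or DTLS"; writing "TLS or DTLS" there keeps it accurate for both IDs. Separately, the PRE-RFC9953 reference entry (its "RFC: PRE-9953" series info and "PRE-" DOI) and the commented-out I-D.ietf-core-dns-over-coap line are placeholders, and they need to be finalized together with the open [rfced] comments before this text is published.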
| End of changes. 17 change blocks. | ||||
| 75 lines changed or deleted | 129 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||