Internet Engineering Task Force T. Fossati Internet-Draft KoanLogic Intended status: Standards Track October 11, 2013 Expires: April 14, 2014 Multipart Content-Format Encoding for CoAP draft-fossati-core-multipart-ct-02 Abstract This memo defines Multipart, an "anonymous" Content-Format that can be used to combine several different media types into a single CoAP message-body with minimal framing overhead. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 14, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Fossati Expires April 14, 2014 [Page 1] Internet-Draft Multipart Content-Format for CoAP October 2013 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 2 2. Multipart Content-Format Encoding . . . . . . . . . . . . . . 2 3. Length Encoding . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Small . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.2. Medium . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Large . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 6.1. Normative References . . . . . . . . . . . . . . . . . . 5 6.2. Informative References . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction This memo defines Multipart, an "anonymous" Content-Format that can be used to combine several different media types into a single CoAP message-body with minimal framing overhead. This simple and pretty efficient binary framing mechanism can be employed as an alternative to fully fledged marshalling mechanisms (e.g. JSON [RFC4627]), to create application specific formats which build on already existing types by assigning to them individual semantics. Applications using the Multipart Content-Format are supposed to define the internal structure of the Multipart representation, as well as registering its outermost type -- typically one in range 10000-64999. Specific sub-types in a Multipart container are always found at the same fixed position corresponding to their implicit name. Thus, the way to allow for optional parts, is to carry them as zero-length values for their respective types. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Multipart Content-Format Encoding Multipart encoding uses multiple adjacent frames each of which represents a single media. Every frame can be broken down into three Fossati Expires April 14, 2014 [Page 2] Internet-Draft Multipart Content-Format for CoAP October 2013 logical pieces: the type of the framed media (T), its length in bytes (L), and the media payload itself (V) as depicted in the following figure. ,------------------ Multipart ------------------. +------+------+------+ +------+------+------+ | T[1] | L[1] | V[1] | ... | T[n] | L[n] | V[n] | +------+------+------+ +------+------+------+ `------ part 1 ------' `------ part n ------' The syntax and semantics associated to the TLV frames is as follows: T: is one of the numeric content format identifiers defined in the CoAP Content-Format Registry (Section 12.3 of [I-D.ietf-core-coap]), and is encoded as a 16-bit unsigned integer. L: is the length in bytes of the following V frame, encoded as defined in Section 3. It determines the offset of the next part, or the end of the multipart representation when applied to the last part. V: is the media, encoded as implied by the preceding T field, yet opaquely to the Multipart encoder/decoder. The T and L fields are in network byte order. 3. Length Encoding Three different encodings are defined for the L value depending on the actual size of the corresponding V: Small for V whose size in bytes is in range [0, 127], Medium for sizes in [128, 16383], and Large to cover the [16384, 2^63 - 1] range. An encoder MUST always use the most compact encoding, i.e. Small for size less than 128 bytes, Medium for size less then 16384 bytes, and Large in all other cases. A decoder MAY discard a received Multipart payload if any of its L fields does not use the most compact encoding for the given size. 3.1. Small The Small encoding uses exactly one byte. The MSB is set to 0, and the next 7 bits are used to represent an unsigned integer in range [0, 127]. Fossati Expires April 14, 2014 [Page 3] Internet-Draft Multipart Content-Format for CoAP October 2013 0 1 2 3 4 5 6 7 +-+ +-+-+-+-+-+-+-+ |0| | 0x00 - 0x7F | +-+ +-+-+-+-+-+-+-+ 3.2. Medium The Medium encoding uses exactly two bytes. The two upper bits of the first byte are set to 1 and 0 respectively. The following 14 bits are used to represent an unsigned integer in range [128, 16383]. Values outside this range MUST not be encoded using the Medium format. 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |1 0| | 0x0080 - 0x3FFF | +-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 3.3. Large The Large encoding uses a variable number of bytes (at least three) and is logically split into two parts. The first part is exactly one byte with the two upper bits set to 1. The lower 6 bits of the first byte encode the length's length (LL) as an unsigned integer which MUST NOT be less than 2. 0 1 2 3 4 5 6 7 +-+-+ +-+-+-+-+-+-+ |1 1| |0x02 - 0x3F| +-+-+ +-+-+-+-+-+-+ The actual length of V -- which consumes at least 2 other bytes -- follows, encoded using as many bytes as declared by the preceding LL. When LL is 0x02, then the length MUST NOT be less than 0x4000. 4. IANA Considerations Applications using the Multipart Content-Format are supposed to define the internal structure of the Multipart representation, as well as registering its outermost type (typically one in range 10000-64999) in the "CoAP Content-Formats" sub-registry, within the "CoRE Parameters" registry. Fossati Expires April 14, 2014 [Page 4] Internet-Draft Multipart Content-Format for CoAP October 2013 5. Security Considerations The Large encoding may trigger insanely huge buffer allocations on the receiving party. Receivers of Multipart SHOULD put a cap on the maximum allowed size of the whole Multipart. A CoAP server MAY respond with a 4.13 (Request Entity Too Large) status code to such requests, and refuse to proceed further (i.e. processing remaining parts). A CoAP client can't tell whether a 4.15 (Unsupported Content-Format) status code applies to the whole Multipart or just to one of its sub- types. An attacker may leverage on this ambiguity to craft application specific attacks (e.g. to cause downgraded behaviour). Applications built on top of Multipart need to handle such eventuality in a safe way. 6. References 6.1. Normative References [I-D.ietf-core-coap] Shelby, Z., Hartke, K., and C. Bormann, "Constrained Application Protocol (CoAP)", draft-ietf-core-coap-18 (work in progress), June 2013. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 6.2. Informative References [RFC4627] Crockford, D., "The application/json Media Type for JavaScript Object Notation (JSON)", RFC 4627, July 2006. Author's Address Thomas Fossati KoanLogic Email: tho@koanlogic.com Fossati Expires April 14, 2014 [Page 5]