Internet-Draft Multipart Content-Format for CoAP October 2013
Fossati Expires 4 May 2014 [Page]
Workgroup:
Internet Engineering Task Force
Internet-Draft:
draft-fossati-core-multipart-ct-02
Published:
Intended Status:
Standards Track
Expires:
Author:
T.F. Fossati
KoanLogic

Multipart Content-Format Encoding for CoAP

Abstract

This memo defines Multipart, an "anonymous" Content-Format that can be used to combine several different media types into a single CoAP message-body with minimal framing overhead.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 4 April 2014.

Table of Contents

1. Introduction

This memo defines Multipart, an "anonymous" Content-Format that can be used to combine several different media types into a single CoAP message-body with minimal framing overhead.

This simple and pretty efficient binary framing mechanism can be employed as an alternative to fully fledged marshalling mechanisms (e.g. JSON [RFC4627]), to create application specific formats which build on already existing types by assigning to them individual semantics.

Applications using the Multipart Content-Format are supposed to define the internal structure of the Multipart representation, as well as registering its outermost type -- typically one in range 10000-64999.

Specific sub-types in a Multipart container are always found at the same fixed position corresponding to their implicit name. Thus, the way to allow for optional parts, is to carry them as zero-length values for their respective types.

1.1. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

2. Multipart Content-Format Encoding

Multipart encoding uses multiple adjacent frames each of which represents a single media. Every frame can be broken down into three logical pieces: the type of the framed media (T), its length in bytes (L), and the media payload itself (V) as depicted in the following figure.

,------------------ Multipart ------------------.
+------+------+------+     +------+------+------+
| T[1] | L[1] | V[1] | ... | T[n] | L[n] | V[n] |
+------+------+------+     +------+------+------+
`------ part 1 ------'     `------ part n ------'

The syntax and semantics associated to the TLV frames is as follows:

T:
is one of the numeric content format identifiers defined in the CoAP Content-Format Registry (Section 12.3 of [I-D.ietf-core-coap]), and is encoded as a 16-bit unsigned integer.
L:
is the length in bytes of the following V frame, encoded as defined in Section 3. It determines the offset of the next part, or the end of the multipart representation when applied to the last part.
V:
is the media, encoded as implied by the preceding T field, yet opaquely to the Multipart encoder/decoder.

The T and L fields are in network byte order.

3. Length Encoding

Three different encodings are defined for the L value depending on the actual size of the corresponding V: Small for V whose size in bytes is in range [0, 127], Medium for sizes in [128, 16383], and Large to cover the [16384, 2^63 - 1] range.

An encoder MUST always use the most compact encoding, i.e. Small for size less than 128 bytes, Medium for size less then 16384 bytes, and Large in all other cases. A decoder MAY discard a received Multipart payload if any of its L fields does not use the most compact encoding for the given size.

3.1. Small

The Small encoding uses exactly one byte. The MSB is set to 0, and the next 7 bits are used to represent an unsigned integer in range [0, 127].

 0   1 2 3 4 5 6 7
+-+ +-+-+-+-+-+-+-+
|0| | 0x00 - 0x7F |
+-+ +-+-+-+-+-+-+-+

3.2. Medium

The Medium encoding uses exactly two bytes. The two upper bits of the first byte are set to 1 and 0 respectively. The following 14 bits are used to represent an unsigned integer in range [128, 16383]. Values outside this range MUST not be encoded using the Medium format.

 0 1   2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 0| |      0x0080 - 0x3FFF      |
+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+

3.3. Large

The Large encoding uses a variable number of bytes (at least three) and is logically split into two parts. The first part is exactly one byte with the two upper bits set to 1. The lower 6 bits of the first byte encode the length's length (LL) as an unsigned integer which MUST NOT be less than 2.

 0 1   2 3 4 5 6 7
+-+-+ +-+-+-+-+-+-+
|1 1| |0x02 - 0x3F|
+-+-+ +-+-+-+-+-+-+

The actual length of V -- which consumes at least 2 other bytes -- follows, encoded using as many bytes as declared by the preceding LL.

When LL is 0x02, then the length MUST NOT be less than 0x4000.

4. IANA Considerations

Applications using the Multipart Content-Format are supposed to define the internal structure of the Multipart representation, as well as registering its outermost type (typically one in range 10000-64999) in the "CoAP Content-Formats" sub-registry, within the "CoRE Parameters" registry.

5. Security Considerations

The Large encoding may trigger insanely huge buffer allocations on the receiving party. Receivers of Multipart SHOULD put a cap on the maximum allowed size of the whole Multipart. A CoAP server MAY respond with a 4.13 (Request Entity Too Large) status code to such requests, and refuse to proceed further (i.e. processing remaining parts).

A CoAP client can't tell whether a 4.15 (Unsupported Content-Format) status code applies to the whole Multipart or just to one of its sub-types. An attacker may leverage on this ambiguity to craft application specific attacks (e.g. to cause downgraded behaviour). Applications built on top of Multipart need to handle such eventuality in a safe way.

6. References

6.1. Normative References

[I-D.ietf-core-coap]
Shelby, Z., Hartke, K., and C. Bormann, "Constrained Application Protocol (CoAP)", Work in Progress, Internet-Draft, draft-ietf-core-coap-18, , <http://www.ietf.org/internet-drafts/draft-ietf-core-coap-18.txt>.
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.

6.2. Informative References

[RFC4627]
Crockford, D., "The application/json Media Type for JavaScript Object Notation (JSON)", RFC 4627, DOI 10.17487/RFC4627, , <https://www.rfc-editor.org/info/rfc4627>.

Author's Address

Thomas Fossati
KoanLogic