Skip to main content

ALPN ID Specification for CoAP over DTLS
draft-ietf-core-coap-dtls-alpn-00

Document Type Active Internet-Draft (core WG)
Authors Martine Sophie Lenders , Christian Amsüss , Thomas C. Schmidt , Matthias Wählisch
Last updated 2024-09-05
Replaces draft-lenders-core-coap-dtls-svcb
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Formats
Additional resources Working Group Repo
Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state I-D Exists
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-ietf-core-coap-dtls-alpn-00
Constrained RESTful Environments                           M. S. Lenders
Internet-Draft                                                TU Dresden
Intended status: Standards Track                               C. Amsüss
Expires: 9 March 2025                                                   
                                                           T. C. Schmidt
                                                             HAW Hamburg
                                                             M. Wählisch
                                        TU Dresden & Barkhausen Institut
                                                        5 September 2024

                ALPN ID Specification for CoAP over DTLS
                   draft-ietf-core-coap-dtls-alpn-00

Abstract

   This document specifies an Application-Layer Protocol Negotiation
   (ALPN) ID for transport-layer-secured CoAP services.

About This Document

   This note is to be removed before publishing as an RFC.

   The latest revision of this draft can be found at https://anr-bmbf-
   pivot.github.io/draft-ietf-core-coap-dtls-alpn/draft-ietf-core-coap-
   dtls-alpn.html.  Status information for this document may be found at
   https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/.

   Discussion of this document takes place on the Constrained RESTful
   Environments Working Group mailing list (mailto:core@ietf.org), which
   is archived at https://mailarchive.ietf.org/arch/browse/core/.
   Subscribe at https://www.ietf.org/mailman/listinfo/core/.

   Source for this draft and an issue tracker can be found at
   https://github.com/anr-bmbf-pivot/draft-ietf-core-coap-dtls-alpn.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

Lenders, et al.           Expires 9 March 2025                  [Page 1]
Internet-Draft                  CoRE ALPN                 September 2024

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 9 March 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Application-Layer Protocol Negotiation (ALPN) IDs . . . . . .   3
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   3
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   3
     4.1.  TLS ALPN for CoAP . . . . . . . . . . . . . . . . . . . .   3
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   3
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   3
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   4
   Appendix A.  Change Log . . . . . . . . . . . . . . . . . . . . .   4
   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .   4
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   4

1.  Introduction

   Application-Layer Protocol Negotiation (ALPN) enable communicating
   parties to agree on an application-layer protocol during a Transport
   Layer Security (TLS) handshake using an ALPN ID.  This ALPN ID can be
   discovered for services as part of Service Bindings (SVCB) via the
   DNS, using SVCB resource records with the "alpn" Service Parameter
   Keys.  As an example, this information can be obtained as part of the
   discovery of DNS over CoAP (DoC) servers (see
   [I-D.ietf-core-dns-over-coap]) that deploy TLS or DTLS to secure
   their messages.  This document specifies an ALPN ID for CoAP services
   that are secured by transport security using DTLS.  An ALPN ID for
   CoAP service secured by TLS has already been specified in [RFC8323].

Lenders, et al.           Expires 9 March 2025                  [Page 2]
Internet-Draft                  CoRE ALPN                 September 2024

2.  Application-Layer Protocol Negotiation (ALPN) IDs

   For CoAP over TLS an ALPN ID was defined as "coaps" in [RFC8323].  As
   it is not advisable to re-use the same ALPN ID for a different
   transport layer, an ALPN for CoAP over DTLS is registered in
   Section 4.

   ALPN ID values have variable length.  Here, a short value ("co") is
   allocated for CoAP over DTLS, as this can avoid fragmentation of
   Client Hello and Server Hello messages in constrained networks with
   link-layer fragmentation, such as 6LoWPAN [RFC4944].

   To discover CoAP services that secure their messages with TLS or
   DTLS, ALPN IDs "coaps" and "co" can be used respectively in the same
   manner as for any other service secured with transport layer
   security, as described in [RFC9460].  Other authentication mechanisms
   are currently out of scope.

3.  Security Considerations

   Any security considerations on ALPN (see [RFC7301]) and SVCB resource
   records (see [RFC9460]), also apply to this document.

4.  IANA Considerations

4.1.  TLS ALPN for CoAP

   The following entry has been added to the "TLS Application-Layer
   Protocol Negotiation (ALPN) Protocol IDs" registry, which is part of
   the "Transport Layer Security (TLS) Extensions" group.

   *  Protocol: CoAP (over DTLS)

   *  Identification sequence: 0x63 0x6f ("co")

   *  Reference: [RFC7252] and [this document]

   Note that [RFC7252] does not define the use of the ALPN TLS extension
   during the DTLS connection handshake.  This document does not change
   this behavior, and thus does not establish any rules like those in
   Section 8.2 of [RFC8323].

5.  References

5.1.  Normative References

Lenders, et al.           Expires 9 March 2025                  [Page 3]
Internet-Draft                  CoRE ALPN                 September 2024

   [RFC7252]  Shelby, Z., Hartke, K., and C. Bormann, "The Constrained
              Application Protocol (CoAP)", RFC 7252,
              DOI 10.17487/RFC7252, June 2014,
              <https://www.rfc-editor.org/rfc/rfc7252>.

   [RFC7301]  Friedl, S., Popov, A., Langley, A., and E. Stephan,
              "Transport Layer Security (TLS) Application-Layer Protocol
              Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301,
              July 2014, <https://www.rfc-editor.org/rfc/rfc7301>.

   [RFC9460]  Schwartz, B., Bishop, M., and E. Nygren, "Service Binding
              and Parameter Specification via the DNS (SVCB and HTTPS
              Resource Records)", RFC 9460, DOI 10.17487/RFC9460,
              November 2023, <https://www.rfc-editor.org/rfc/rfc9460>.

5.2.  Informative References

   [I-D.ietf-core-dns-over-coap]
              Lenders, M. S., Amsüss, C., Gündoğan, C., Schmidt, T. C.,
              and M. Wählisch, "DNS over CoAP (DoC)", Work in Progress,
              Internet-Draft, draft-ietf-core-dns-over-coap-07, 28 June
              2024, <https://datatracker.ietf.org/doc/html/draft-ietf-
              core-dns-over-coap-07>.

   [RFC4944]  Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler,
              "Transmission of IPv6 Packets over IEEE 802.15.4
              Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007,
              <https://www.rfc-editor.org/rfc/rfc4944>.

   [RFC8323]  Bormann, C., Lemay, S., Tschofenig, H., Hartke, K.,
              Silverajan, B., and B. Raymor, Ed., "CoAP (Constrained
              Application Protocol) over TCP, TLS, and WebSockets",
              RFC 8323, DOI 10.17487/RFC8323, February 2018,
              <https://www.rfc-editor.org/rfc/rfc8323>.

Appendix A.  Change Log

Acknowledgments

   We like to thank Rich Salz for the expert review on the "co" ALPN ID
   allocation.  We also like to thank Mohamed Boucadair and Ben Schwartz
   for their early review before WG adoption of this draft.

Authors' Addresses

Lenders, et al.           Expires 9 March 2025                  [Page 4]
Internet-Draft                  CoRE ALPN                 September 2024

   Martine Sophie Lenders
   TUD Dresden University of Technology
   Helmholtzstr. 10
   D-01069 Dresden
   Germany
   Email: martine.lenders@tu-dresden.de

   Christian Amsüss
   Email: christian@amsuess.com

   Thomas C. Schmidt
   HAW Hamburg
   Berliner Tor 7
   D-20099 Hamburg
   Germany
   Email: t.schmidt@haw-hamburg.de

   Matthias Wählisch
   TUD Dresden University of Technology & Barkhausen Institut
   Helmholtzstr. 10
   D-01069 Dresden
   Germany
   Email: m.waehlisch@tu-dresden.de

Lenders, et al.           Expires 9 March 2025                  [Page 5]