Skip to main content

Constrained Application Protocol (CoAP): Echo, Request-Tag, and Token Processing

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Marco Tiloca <>, The IESG <>,,,,,,
Subject: Protocol Action: 'CoAP: Echo, Request-Tag, and Token Processing' to Proposed Standard (draft-ietf-core-echo-request-tag-14.txt)

The IESG has approved the following document:
- 'CoAP: Echo, Request-Tag, and Token Processing'
  (draft-ietf-core-echo-request-tag-14.txt) as Proposed Standard

This document is the product of the Constrained RESTful Environments Working

The IESG contact persons are Murray Kucherawy and Francesca Palombini.

A URL of this Internet Draft is:

Ballot Text

Technical Summary
   This document specifies enhancements to the Constrained Application
   Protocol (CoAP) that mitigate security issues in particular use
   cases.  The Echo option enables a CoAP server to verify the freshness
   of a request or to force a client to demonstrate reachability at its
   claimed network address.  The Request-Tag option allows the CoAP
   server to match block-wise message fragments belonging to the same
   request.  This document updates RFC7252 with respect to the client
   Token processing requirements, forbidding non-secure reuse of Tokens
   to ensure binding of response to request when CoAP is used with
   security, and with respect to amplification mitigation, where the use
   of Echo is now recommended.

Working Group Summary / Document Quality
The document has been discussed in multiple IETF meetings, and has
gone through multiple expert reviews. Consensus has been reached on
the content of this document and its need.

Document Shepherd: Marco Tiloca
Area Director: Francesca Palombini

RFC Editor Note