PATCH and FETCH Methods for the Constrained Application Protocol (CoAP)
draft-ietf-core-etch-04
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2017-03-31
|
04 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2017-03-20
|
04 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2017-03-08
|
04 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2017-02-13
|
04 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2017-02-13
|
04 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2017-02-10
|
04 | (System) | IANA Action state changed to Waiting on Authors |
2017-02-06
|
04 | (System) | RFC Editor state changed to EDIT |
2017-02-06
|
04 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2017-02-06
|
04 | (System) | Announcement was received by RFC Editor |
2017-02-06
|
04 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2017-02-06
|
04 | Amy Vezza | IESG has approved the document |
2017-02-06
|
04 | Amy Vezza | Closed "Approve" ballot |
2017-02-06
|
04 | Amy Vezza | Ballot approval text was generated |
2017-02-06
|
04 | Amy Vezza | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2016-11-30
|
04 | Alexey Melnikov | [Ballot comment] Check if further changes in response to Kathleen's comment is needed. |
2016-11-30
|
04 | Alexey Melnikov | Ballot comment text updated for Alexey Melnikov |
2016-11-30
|
04 | Alissa Cooper | [Ballot comment] Thank you for addressing my DISCUSS. OLD COMMENT: = Section 2 = "(However, while processing a search request, a server can be expected … [Ballot comment] Thank you for addressing my DISCUSS. OLD COMMENT: = Section 2 = "(However, while processing a search request, a server can be expected to allocate computing and memory resources or even create additional server resources through which the response to the search can be retrieved.)" s/search/fetch/ would be clearer I think = Section 3 = "If the Request-URI does not point to an existing resource, the server MAY create a new resource with that URI, depending on the patch document type (whether it can logically modify a null resource) and permissions, etc." I know this is the same text as in RFC 5789, but it's vague. What else might create the basis for the server's decision besides the document type and permissions? = Section 5 = It seems that FETCH does introduce a new security consideration, in that any observer of FETCH requests can potentially glean information about the specific portions of a resource of interest to the requester. This might factor into decisions about whether to use DTLS to secure a particular request so may be worth mentioning. |
2016-11-30
|
04 | Alissa Cooper | [Ballot Position Update] Position for Alissa Cooper has been changed to No Objection from Discuss |
2016-11-14
|
04 | Spencer Dawkins | [Ballot comment] Thanks for working with me (and Alexey) to resolve my Discuss, which was: I'm following most of your reasoning behind having the twin … [Ballot comment] Thanks for working with me (and Alexey) to resolve my Discuss, which was: I'm following most of your reasoning behind having the twin methods PATCH and iPATCH, but I'm struggling a bit that there's nothing that I saw that prevents a problem when the client implements only PATCH and the server implements only iPATCH. The only text I saw that provides guidance about which method to implement is A client can mark a request as idempotent by using the iPATCH method instead of the PATCH method. This is the only difference between the two. The indication of idempotence may enable the server to keep less state about the interaction; some constrained servers may only implement the iPATCH variant for this reason. Maybe I missed something? If not, I saw There is no guarantee that a resource can be modified with PATCH or iPATCH. so, maybe that mismatch isn't going to be a problem in practice, but it seems sad that you might have a patchable resource, that can't be patched because of that mismatch. I'm not asking for "clients MUST implement iPATCH if you implement PATCH" (which would accommodate servers that only implement iPATCH), but I wonder if the working group talked about a way to avoid this mismatch? (My previous comment was) I was a bit uneasy with the "nearly" in The security considerations for PATCH or iPATCH are nearly identical to the security considerations for PUT ([RFC7252]). with no explanation of any differences, but I'll leave that for the SEC ADs to pick up on if it matters. |
2016-11-14
|
04 | Spencer Dawkins | [Ballot Position Update] Position for Spencer Dawkins has been changed to No Objection from Discuss |
2016-11-13
|
04 | Kathleen Moriarty | [Ballot comment] Thanks for the added text. It doesn't exactly cover my discuss and the attack mentioned, but I'll clear as the text is improved … [Ballot comment] Thanks for the added text. It doesn't exactly cover my discuss and the attack mentioned, but I'll clear as the text is improved and gets closer to what I think is needed. If a patch is corrupted or maliciously altered, there is no way to detect this and it can happen when stored (no hash or signature validation is performed). This is not explicitly stated in the revised draft, although similar considerations are now included. |
2016-11-13
|
04 | Kathleen Moriarty | [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss |
2016-11-13
|
04 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2016-11-13
|
04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2016-11-13
|
04 | Carsten Bormann | New version available: draft-ietf-core-etch-04.txt |
2016-11-13
|
04 | (System) | New version approved |
2016-11-13
|
04 | (System) | Request for posting confirmation emailed to previous authors: "Peter Van der Stok" , "Carsten Bormann" , "Anuj Sehgal" , core-chairs@ietf.org |
2016-11-13
|
04 | Carsten Bormann | Uploaded new revision |
2016-10-13
|
03 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2016-10-13
|
03 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2016-10-13
|
03 | Benoît Claise | [Ballot comment] [reflections on core, as opposed to actionable items for the document] Coming back to Alissa's DISCUSS and Sheng Jiang's OPS DIR review: … [Ballot comment] [reflections on core, as opposed to actionable items for the document] Coming back to Alissa's DISCUSS and Sheng Jiang's OPS DIR review: This Standards Track document defines a new CoAP methods, FETCH, to perform the equivalent of a GET with a request body; and the twin methods PATCH and iPATCH, to modify parts of a CoAP resource. This document is well written. I don't see any major issues from the operations and management perspective. It is almost ready to be published. There are one of potential major (the word potential means I don’t really sure how serious it may be) comments from me: In section 2.5, it raises an issue that “a FETCH request cannot be generated from a link alone, but also needs a way to generate the request payload.” From the discussion text, I am not sure whether there are existing way to generate the request payload or not. And I am not sure whether the FECTCH method needs a standard such way to be able to work or not. If the answer for my first question is no, or the question for my second question is yes. Then we probably have an major issue here. I wish my suspecting is wrong. I would like to make sure I understand (with my OPS background,): - COAP (RFC7252) is about HTTP GET, POST, PUT, DELETE for constrained nodes and constrained environments - draft-ietf-core-etch specification specifies the new CoAP methods, FETCH, PATCH and iPATCH, which are used to access and update parts of a resource. - CBOR (RFC7049) is the binary encoding of JSON for COAP. And for draft-ietf-core-etch, I guess? - There are two data modeling language in CORE YANG: draft-ietf-core-yang-cbor-02 provides the mapping for YANG data models encoding: CBOR SenML: draft-ietf-core-senml-02 provides Media Types for Sensor Markup Language encodings: JSON, CBOR, XML, EXI Good so far? Coming to Alissa's DISCUSS: It seems that FETCH is not a useful operation unless the server is capable of understanding what it is supposed to fetch. So it's not true that "any" media type can be used, but rather only those media types for which a definition exists for what the fetch parameters indicate and which part of the resource they are intended to delineate. Shouldn't the use of FETCH be constrained to such media types? So what we're missing for this to work is the equivalent of RESTCONF for constrained nodes/networks - Either "CoAP Management Interface", draft-vanderstok-core-comi-09 (btw this draft expired...) - Or Constrained Objects Language, draft-veillette-core-cool-02 Note: COMI is mentioned in the draft, but not COOL Is this what is meant behind? it is outside the scope of this document how information about admissible media types is obtained by the client There is a clear parallel with RESTCONF (REST-like) and the CORE work: NETMOD/NETCONF CORE Data Modeling Language YANG YANG or SenML (*) Data Models YANG Module YANG Module or SenML (*) Encoding XML, JSON CBOR for YANG, JSON/CBOR/XML/EXI for SENML Protocol HTTP for RESTCONF COAP Mgmt Protocol RESTCONF/NETCONF COMI or COOL for YANG, for SenML?? (**) (*) not sure if SenML is a data modeling language or data models (**) not sure if a specific mgmt protocol for SenML Please let me know. Regards, Benoit |
2016-10-13
|
03 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2016-10-13
|
03 | Mirja Kühlewind | [Ballot comment] Does this doc update RFC7252? Maybe not; just asking... |
2016-10-13
|
03 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2016-10-12
|
03 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2016-10-12
|
03 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2016-10-12
|
03 | Ben Campbell | [Ballot comment] I share the concerns from Alissa's DISCUSS point and comment about section 5. |
2016-10-12
|
03 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2016-10-12
|
03 | Alexey Melnikov | [Ballot comment] I agree with Alissa and Spencer. |
2016-10-12
|
03 | Alexey Melnikov | Ballot comment text updated for Alexey Melnikov |
2016-10-12
|
03 | Kathleen Moriarty | [Ballot discuss] I'd like to see more of the actual requirements for this draft in the security considerations as the pointers include all of the … [Ballot discuss] I'd like to see more of the actual requirements for this draft in the security considerations as the pointers include all of the configuration options for DTLS, including the "nosec" option. I would think this operation would require authentication to prevent unauthorized access by devices that are clones. This is a real problem in the non-IoT space for firmware updates and will be a problem in this space if it isn't already - knock off hardware that installs the firmware of a popular product. In In section 5 of RFC5789, I see this: These include authorizing requests (possibly through access control and/or authentication) and ensuring that data is not corrupted through transport errors or through accidental overwrites. And would like to see something similar in this section to at least list some of the requirements and reasoning. For patch and fetch, I think the reason outlined above needs to be included as well so it is top of mind for implementers and they are aware of this very real threat. It is important they understand why they need authentication and encryption to prevent attacks against their brand. If someone buys knock-off hardware that is faulty and uses their firmware, they have multiple problems to deal with, not just the loss of sales. |
2016-10-12
|
03 | Kathleen Moriarty | [Ballot Position Update] New position, Discuss, has been recorded for Kathleen Moriarty |
2016-10-12
|
03 | Spencer Dawkins | [Ballot discuss] I'm following most of your reasoning behind having the twin methods PATCH and iPATCH, but I'm struggling a bit that there's nothing that … [Ballot discuss] I'm following most of your reasoning behind having the twin methods PATCH and iPATCH, but I'm struggling a bit that there's nothing that I saw that prevents a problem when the client implements only PATCH and the server implements only iPATCH. The only text I saw that provides guidance about which method to implement is A client can mark a request as idempotent by using the iPATCH method instead of the PATCH method. This is the only difference between the two. The indication of idempotence may enable the server to keep less state about the interaction; some constrained servers may only implement the iPATCH variant for this reason. Maybe I missed something? If not, I saw There is no guarantee that a resource can be modified with PATCH or iPATCH. so, maybe that mismatch isn't going to be a problem in practice, but it seems sad that you might have a patchable resource, that can't be patched because of that mismatch. I'm not asking for "clients MUST implement iPATCH if you implement PATCH" (which would accommodate servers that only implement iPATCH), but I wonder if the working group talked about a way to avoid this mismatch? |
2016-10-12
|
03 | Spencer Dawkins | [Ballot comment] I was a bit uneasy with the "nearly" in The security considerations for PATCH or iPATCH are nearly identical to the … [Ballot comment] I was a bit uneasy with the "nearly" in The security considerations for PATCH or iPATCH are nearly identical to the security considerations for PUT ([RFC7252]). with no explanation of any differences, but I'll leave that for the SEC ADs to pick up on if it matters. |
2016-10-12
|
03 | Spencer Dawkins | [Ballot Position Update] New position, Discuss, has been recorded for Spencer Dawkins |
2016-10-11
|
03 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2016-10-11
|
03 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2016-10-11
|
03 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2016-10-11
|
03 | Joel Jaeggli | [Ballot comment] Sheng Jiang performed the opsdir review notable discussion Hi, Carsten, Thanks for clarification. I took it as that the answer for my second … [Ballot comment] Sheng Jiang performed the opsdir review notable discussion Hi, Carsten, Thanks for clarification. I took it as that the answer for my second question is no. Then, I have no further concern. Good work. Regards, Sheng ________________________________________ From: Carsten Bormann [cabo@tzi.org] Sent: 09 October 2016 4:29 To: Sheng Jiang Cc: ops-dir@ietf.org; draft-ietf-core-etch.all@tools.ietf.org Subject: Re: OPS-DIR review of draft-ietf-core-etch Hi Sheng, thank you for your review. We don't believe there needs to be a single "standard" for the FETCH request payload media type. As the media type is somewhat specific to the kind of selection or search to be performed, as well as to the structure of the resource, more specific standards will define these media types. Please see application/cool-instance-id-list+cbor defined in https://tools.ietf.org/html/draft-veillette-core-cool-02 for just one example of such a specific definition. We have added a short note to 2.1.1 in the editors' draft to make the fact more prominent that FETCH media types are typically specifically defined. Please see https://core-wg.github.io/etch/ for the current editor's draft, to become -03 soon. Grüße, Carsten |
2016-10-11
|
03 | Joel Jaeggli | Ballot comment text updated for Joel Jaeggli |
2016-10-11
|
03 | Joel Jaeggli | [Ballot comment] Sheng Jiang performed the opsdir review |
2016-10-11
|
03 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2016-10-10
|
03 | Alissa Cooper | [Ballot discuss] I agree with the comment made by the ops-dir reviewer, and I don't think the parenthetical in 2.2.1 addresses the problem. It seems … [Ballot discuss] I agree with the comment made by the ops-dir reviewer, and I don't think the parenthetical in 2.2.1 addresses the problem. It seems that FETCH is not a useful operation unless the server is capable of understanding what it is supposed to fetch. So it's not true that "any" media type can be used, but rather only those media types for which a definition exists for what the fetch parameters indicate and which part of the resource they are intended to delineate. Shouldn't the use of FETCH be constrained to such media types? |
2016-10-10
|
03 | Alissa Cooper | [Ballot comment] = Section 2 = "(However, while processing a search request, a server can be expected to allocate computing and memory resources or … [Ballot comment] = Section 2 = "(However, while processing a search request, a server can be expected to allocate computing and memory resources or even create additional server resources through which the response to the search can be retrieved.)" s/search/fetch/ would be clearer I think = Section 3 = "If the Request-URI does not point to an existing resource, the server MAY create a new resource with that URI, depending on the patch document type (whether it can logically modify a null resource) and permissions, etc." I know this is the same text as in RFC 5789, but it's vague. What else might create the basis for the server's decision besides the document type and permissions? = Section 5 = It seems that FETCH does introduce a new security consideration, in that any observer of FETCH requests can potentially glean information about the specific portions of a resource of interest to the requester. This might factor into decisions about whether to use DTLS to secure a particular request so may be worth mentioning. |
2016-10-10
|
03 | Alissa Cooper | [Ballot Position Update] New position, Discuss, has been recorded for Alissa Cooper |
2016-10-10
|
03 | Alexey Melnikov | AD review comments were responded to. |
2016-10-10
|
03 | Alexey Melnikov | IESG state changed to IESG Evaluation from Waiting for Writeup::AD Followup |
2016-10-10
|
03 | Alexey Melnikov | Ballot has been issued |
2016-10-10
|
03 | Alexey Melnikov | [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov |
2016-10-10
|
03 | Alexey Melnikov | Created "Approve" ballot |
2016-10-10
|
03 | Alexey Melnikov | Ballot writeup was changed |
2016-10-09
|
03 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2016-10-09
|
03 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2016-10-09
|
03 | Carsten Bormann | New version available: draft-ietf-core-etch-03.txt |
2016-10-09
|
03 | (System) | New version approved |
2016-10-09
|
02 | (System) | Request for posting confirmation emailed to previous authors: "Peter Van der Stok" , "Carsten Bormann" , "Anuj Sehgal" , core-chairs@ietf.org |
2016-10-09
|
02 | Carsten Bormann | Uploaded new revision |
2016-09-20
|
02 | Christer Holmberg | Request for Last Call review by GENART Completed: Almost Ready. Reviewer: Christer Holmberg. |
2016-09-18
|
02 | Alexey Melnikov | Ballot writeup was changed |
2016-09-12
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR Completed: Has Nits. Reviewer: Sheng Jiang. |
2016-09-08
|
02 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Phillip Hallam-Baker. |
2016-09-08
|
02 | Alexey Melnikov | Placed on agenda for telechat - 2016-10-13 |
2016-09-08
|
02 | Alexey Melnikov | A revision to address my agreed points in my AD review is needed. Also a reply to SecDir review. |
2016-09-08
|
02 | Alexey Melnikov | IESG state changed to Waiting for Writeup::Revised I-D Needed from Waiting for Writeup |
2016-09-07
|
02 | Sabrina Tanamal | IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK |
2016-09-07
|
02 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2016-09-06
|
02 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2016-09-06
|
02 | Sabrina Tanamal | (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-core-etch-02.txt. If any part of this review is inaccurate, please let us know. IANA … (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-core-etch-02.txt. If any part of this review is inaccurate, please let us know. IANA understands that, upon approval of this document, there are three actions which IANA must complete. First, in the CoAP Method Codes subregistry of the Constrained RESTful Environments (CoRE) Parameters registry located at: http://www.iana.org/assignments/core-parameters/ three new method codes are to be added to the registry as follows: Code: 0.05 Name: FETCH Reference: [ RFC-to-be ] Code: 0.06 Name: PATCH Reference: [ RFC-to-be ] Code: 0.07 Name: iPATCH Reference: [ RFC-to-be ] Second, in the CoAP Response Codes subregistry also in the Constrained RESTful Environments (CoRE) Parameters registry located at: http://www.iana.org/assignments/core-parameters/ two new response codes are to be registered as follows: Code: 4.09 Name: Conflict Reference: [ RFC-to-be ] Code: 4.22 Name: Unprocessable Entity Reference: [ RFC-to-be ] Third, in the CoAP Content-Formats subregistry also in the Constrained RESTful Environments (CoRE) Parameters registry located at: http://www.iana.org/assignments/core-parameters/ two new content formats are to be registered as follows: Media Type: application/json-patch+json Encoding: ID: 51 Reference: [ RFC-to-be ] Media Type: application/merge-patch+json Encoding: ID: 52 Reference: [ RFC-to-be ] As this document requests registrations in an Expert Review or Specification Required (see RFC 5226) registry, we will initiate the required Expert Review via a separate request. Expert review will need to be completed before your document can be approved for publication as an RFC. IANA understands that the three actions above are the only ones required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Specialist ICANN |
2016-09-01
|
02 | Alexey Melnikov | Double check: https://www.ietf.org/mail-archive/web/core/current/msg07801.html |
2016-08-25
|
02 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2016-08-25
|
02 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2016-08-25
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Phillip Hallam-Baker |
2016-08-25
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Phillip Hallam-Baker |
2016-08-24
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Sheng Jiang |
2016-08-24
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Sheng Jiang |
2016-08-24
|
02 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2016-08-24
|
02 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: jaime.jimenez@ericsson.com, core-chairs@ietf.org, draft-ietf-core-etch@ietf.org, core@ietf.org, alexey.melnikov@isode.com, "Jaime … The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: jaime.jimenez@ericsson.com, core-chairs@ietf.org, draft-ietf-core-etch@ietf.org, core@ietf.org, alexey.melnikov@isode.com, "Jaime Jimenez" Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Patch and Fetch Methods for Constrained Application Protocol (CoAP)) to Proposed Standard The IESG has received a request from the Constrained RESTful Environments WG (core) to consider the following document: - 'Patch and Fetch Methods for Constrained Application Protocol (CoAP)' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2016-09-07. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The existing Constrained Application Protocol (CoAP) methods only allow access to a complete resource, not to parts of a resource. In case of resources with larger or complex data, or in situations where a resource continuity is required, replacing or requesting the whole resource is undesirable. Several applications using CoAP will need to perform partial resource accesses. Similar to HTTP, the existing Constrained Application Protocol (CoAP) GET method only allows the specification of a URI and request parameters in CoAP options, not the transfer of a request payload detailing the request. This leads to some applications to using POST where actually a cacheable, idempotent, safe request is desired. Again similar to HTTP, the existing Constrained Application Protocol (CoAP) PUT method only allows to replace a complete resource. This also leads applications to use POST where actually a cacheable, possibly idempotent request is desired. This specification adds new CoAP methods, FETCH, to perform the equivalent of a GET with a request body; and the twin methods PATCH and iPATCH, to modify parts of a CoAP resource. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-core-etch/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-core-etch/ballot/ No IPR declarations have been submitted directly on this I-D. The document has a reference to obsolete RFC 2616, this is intentional. |
2016-08-24
|
02 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2016-08-24
|
02 | Alexey Melnikov | Last call announcement was changed |
2016-08-24
|
02 | Alexey Melnikov | Last call was requested |
2016-08-24
|
02 | Alexey Melnikov | Last call announcement was generated |
2016-08-24
|
02 | Alexey Melnikov | Ballot approval text was generated |
2016-08-24
|
02 | Alexey Melnikov | Ballot writeup was generated |
2016-08-24
|
02 | Alexey Melnikov | IESG state changed to Last Call Requested from AD Evaluation |
2016-08-24
|
02 | Alexey Melnikov | My AD review: I think response code 4.15 should be mentioned in Section 2 and not just in the IANA Considerations section. I am generally … My AD review: I think response code 4.15 should be mentioned in Section 2 and not just in the IANA Considerations section. I am generally missing Error handling section for the FETCH method, similarly to what you have for PATCH/iPATCH. draft-hartke-core-apps-03 is mentioned several times in the document. It is currently expired. What is the plan with getting it finished? Nit: It looks like RFC 6902 and RFC 7396 should be Normative (IANA Registrations). Obsolete reference: RFC 2616. You also need to update section references you use when referencing RFC 2616 to point to the correct section and RFC from the latest HTTP/1.1 set of RFCs. |
2016-08-24
|
02 | Alexey Melnikov | IESG state changed to AD Evaluation from Publication Requested |
2016-08-24
|
02 | Jaime Jimenez | ## Shepherd Writeup Full HTML version can be found at: http://jaimejim.github.io/temp/draft-ietf-core-etch#shepherd-writeup ###Summary Document Shepherd: [Jaime Jiménez](jaime.jimenez@ericsson.com) Area Director: [Alexey Melnikov](aamelnikov@fastmail.fm) The … ## Shepherd Writeup Full HTML version can be found at: http://jaimejim.github.io/temp/draft-ietf-core-etch#shepherd-writeup ###Summary Document Shepherd: [Jaime Jiménez](jaime.jimenez@ericsson.com) Area Director: [Alexey Melnikov](aamelnikov@fastmail.fm) The existing Constrained Application Protocol (CoAP) methods only allow access to a complete resource. This does not permit applications to access parts of a resource. In case of resources with larger or complex data, or in situations where a resource continuity is required, replacing or requesting the whole resource is undesirable. Several applications using CoAP will need to perform partial resource accesses. Similar to HTTP, the existing Constrained Application Protocol (CoAP) GET method only allows the specification of a URI and request parameters in CoAP options, not the transfer of a request payload detailing the request. This leads to some applications to using POST where actually a cacheable, idempotent, safe request is desired. Again similar to HTTP, the existing Constrained Application Protocol (CoAP) PUT method only allows to replace a complete resource. This also leads applications to use POST where actually a cacheable, possibly idempotent request is desired. This specification adds new CoAP methods, FETCH, to perform the equivalent of a GET with a request body; and the twin methods PATCH and iPATCH, to modify parts of an existing CoAP resource. The document is intended as an Standards Track RFC. ###Review and Consensus The document has gone through multiple expert reviews and has been discussed on multiple IETF meetings. Before the last IETF the WGLC was completed. There are no known implementations available. ###Intellectual Property Each author has stated that they do not have direct, personal knowledge of any IPR related to this document. I am not aware of any IPR discussion about this document on the CoRE WG. ###Other Points > There is a downref to RFC 2616: This is in there because the security considerations of RFC 7252 reference (the now obsoleted) RFC 2616. The authors are not aware of someone having done the work to collect the relevant security considerations from the splinters of RFC 2616 (RFC 7230 and following). ###Checklist * [x] Does the shepherd stand behind the document and think the document is ready for publication? * [x] Is the correct RFC type indicated in the title page header? * [x] Is the abstract both brief and sufficient, and does it stand alone as a brief summary? * [x] Is the intent of the document accurately and adequately explained in the introduction? * [x] Have all required formal reviews (MIB Doctor, Media Type, URI, etc.) been requested and/or completed? * [x] Has the shepherd performed automated checks -- idnits (see http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist), checks of BNF rules, XML code and schemas, MIB definitions, and so on -- and determined that the document passes the tests? ` There is no ABNF in this draft` * [x] Has each author stated that their direct, personal knowledge of any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79? * [x] Have all references within this document been identified as either normative or informative, and does the shepherd agree with how they have been classified? `There is a normative reference to [I-D.ietf-core-block] but that shouldn't be a problem as it is in late stages` * [x] Are all normative references made to documents that are ready for advancement and are otherwise in a clear state? * [x] If publication of this document changes the status of any existing RFCs, are those RFCs listed on the title page header, and are the changes listed in the abstract and discussed (explained, not just mentioned) in the introduction? `Does not apply` * [x] If this is a "bis" document, have all of the errata been considered? `Does not apply` * **IANA** Considerations: * [x] Are the IANA Considerations clear and complete? Remember that IANA have to understand unambiguously what's being requested, so they can perform the required actions. `I wonder if adding a link to the CoRE Parameters registry could help, but it looks OK to me. ` `http://www.iana.org/assignments/core-parameters/core-parameters.xhtml#method-codes` * [x] Are all protocol extensions that the document makes associated with the appropriate reservations in IANA registries? * [x] Are all IANA registries referred to by their exact names (check them in http://www.iana.org/protocols/ to be sure)? `The two new entries to the content format registry (51 and 52) require expert review and a request has been SENT to that list.` * [x] Have you checked that any registrations made by this document correctly follow the policies and procedures for the appropriate registries? * [x] For registrations that require expert review (policies of Expert Review or Specification Required), have you or the working group had any early review done, to make sure the requests are ready for last call? * [x] For any new registries that this document creates, has the working group actively chosen the allocation procedures and policies and discussed the alternatives? `no new registries` * [x] Have reasonable registry names been chosen (that will not be confused with those of other registries), and have the initial contents and valid value ranges been clearly specified? |
2016-08-24
|
02 | Jaime Jimenez | Responsible AD changed to Alexey Melnikov |
2016-08-24
|
02 | Jaime Jimenez | IETF WG state changed to Submitted to IESG for Publication from In WG Last Call |
2016-08-24
|
02 | Jaime Jimenez | IESG state changed to Publication Requested |
2016-08-24
|
02 | Jaime Jimenez | IESG process started in state Publication Requested |
2016-08-24
|
02 | Jaime Jimenez | Changed consensus to Yes from Unknown |
2016-08-24
|
02 | Jaime Jimenez | Intended Status changed to Proposed Standard from None |
2016-08-24
|
02 | Jaime Jimenez | Changed document writeup |
2016-08-23
|
02 | Jaime Jimenez | Changed document writeup |
2016-08-23
|
02 | Jaime Jimenez | Changed document writeup |
2016-08-10
|
02 | Carsten Bormann | New version available: draft-ietf-core-etch-02.txt |
2016-07-11
|
01 | Jaime Jimenez | IETF WG state changed to In WG Last Call from WG Document |
2016-06-23
|
01 | Carsten Bormann | New version available: draft-ietf-core-etch-01.txt |
2016-06-11
|
00 | Alexey Melnikov | Notification list changed to "Jaime Jimenez" <jaime.jimenez@ericsson.com> |
2016-06-11
|
00 | Alexey Melnikov | Document shepherd changed to Jaime Jimenez |
2016-05-08
|
00 | Jaime Jimenez | This document now replaces draft-vanderstok-core-etch instead of None |
2016-05-08
|
00 | Carsten Bormann | New version available: draft-ietf-core-etch-00.txt |