Re: [Ace] ace-coap-est-08: using /skg with Accept Option set to TBD287

Klaus Hartke <> Tue, 12 February 2019 21:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 913A4130DD3 for <>; Tue, 12 Feb 2019 13:36:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dXLUmmUQbEvk for <>; Tue, 12 Feb 2019 13:36:05 -0800 (PST)
Received: from ( [IPv6:2a01:488:42:1000:50ed:8597::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id BEAE1130DC2 for <>; Tue, 12 Feb 2019 13:36:05 -0800 (PST)
Received: from ([]); authenticated by running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1gtfik-00042x-MV; Tue, 12 Feb 2019 22:36:02 +0100
Received: by with SMTP id n32so202454qte.11 for <>; Tue, 12 Feb 2019 13:36:02 -0800 (PST)
X-Gm-Message-State: AHQUAuaznXiKtYFFI+Sx2wugFlk0bDqyx81nVfF7BTGz2SjUX6UonsM1 /jqvNu9i+rJ5pn2jwM+MO5qtttBcjG3ahT7ZEik=
X-Google-Smtp-Source: AHgI3IaVjNEe4VxotGFnlSLB9eMYZxgH8uMCJjdGawEb86eqn9Vgd9Pw0N0Pj0e42TcGPsUz+teJLhnrUyjrxqlwuyM=
X-Received: by 2002:ac8:445a:: with SMTP id m26mr4537777qtn.212.1550007361653; Tue, 12 Feb 2019 13:36:01 -0800 (PST)
MIME-Version: 1.0
References: <DB6P190MB0054313C1BA6E125FA07813BFD650@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM> <> <>
In-Reply-To: <>
From: Klaus Hartke <>
Date: Tue, 12 Feb 2019 22:35:34 +0100
X-Gmail-Original-Message-ID: <>
Message-ID: <>
To: "Panos Kampanakis (pkampana)" <>
Cc: Esko Dijk <>, "" <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-bounce-key:;; 1550007365; d829c634;
X-HE-SMSGID: 1gtfik-00042x-MV
Archived-At: <>
Subject: Re: [Ace] ace-coap-est-08: using /skg with Accept Option set to TBD287
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Feb 2019 21:36:09 -0000

Panos Kampanakis wrote:
> Well, RFC7252 refers to a singular content format. In our case we are talking about a dual content format (286 or 281 and 280 or 284) returned in a 62 multipart-content. Would it be a violation of RFC7252, since RFC7252's text had single content format responses in mind only?

>From the point of view of CoAP, there is just a representation with
content-format 62. A client can indicate that it accepts a
representation with content-format 62; the server then is required to
return either a representation with content-format 62 or an error.
CoAP is not aware that the representation happens to contain embedded
representations and therefore the content negotiation mechanism cannot
be used directly to negotiate the formats of those.

>>  Maybe the draft-ietf-core-multipart-ct should extend the semantics of "Accept" to cover this case?

A content format is not a protocol extension and cannot override the
protocol definition.

> I think that is good idea. The simplest way to do that would be encode the 3 content formats (for example 62, 286 and 280) into a single CF included in the Accept option which tells the server what combination of content formats to send back. Would that violate RFC7252 because the Content-Formats needs to be actual CFs defined in the IANA registry and not a combination of them?

The value of the Accept option in the request needs to be registered
in the IANA registry and the value of the Content-Format option in the
response must be the same as Accept value.

Of course, one possible solution is to drop the use of content format
ID 62 entirely and just register one ID for each possible combination.
(But then the client can still only include at most one Accept option
in its request.)

> From a previous thread with Jim S., I was under the impression that In the virtual CoAP WG meeting a month back we went through in some explicit detail that both Content-Format and Max-Age have no meaning when appearing on a request and therefore should not be there.

Max-Age doesn't have a meaning in requests and therefore must not be
there. I'm not sure where that about the Content-Format option comes
from. If a POST request has a payload, then the format of that payload
is described by a Content-Format option. (A GET request doesn't have a
payload and therefore must not include a Content-Format option.)