[core] Groupcomm-bis: proposed "groups" model updated based on IESG review
Esko Dijk <esko.dijk@iotconsultancy.nl> Tue, 09 December 2025 13:36 UTC
Return-Path: <esko.dijk@iotconsultancy.nl>
X-Original-To: core@mail2.ietf.org
Delivered-To: core@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7326197F89F5 for <core@mail2.ietf.org>; Tue, 9 Dec 2025 05:36:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=iotconsultancy.nl
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1_a3l6TBUKH5 for <core@mail2.ietf.org>; Tue, 9 Dec 2025 05:36:37 -0800 (PST)
Received: from dane.soverin.net (dane.soverin.net [IPv6:2a10:de80:1:4092:b9e9:2296:0:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 0EB5B97F89EE for <core@ietf.org>; Tue, 9 Dec 2025 05:36:36 -0800 (PST)
Received: from smtp.soverin.net (unknown [10.10.4.99]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dane.soverin.net (Postfix) with ESMTPS id 4dQfyP1dF6zPF for <core@ietf.org>; Tue, 09 Dec 2025 13:36:29 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [10.10.4.99]) by soverin.net (Postfix) with ESMTPSA id 4dQfyN64ccz38 for <core@ietf.org>; Tue, 9 Dec 2025 13:36:28 +0000 (UTC)
Authentication-Results: smtp.soverin.net; dkim=pass (2048-bit key; unprotected) header.d=iotconsultancy.nl header.i=@iotconsultancy.nl header.a=rsa-sha256 header.s=soverin1 header.b=gyAO7KPe; dkim-atps=neutral
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iotconsultancy.nl; s=soverin1; t=1765287389; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=HUTGkUWA4hdoclf4+uQdAMWmSZ8o9WMCdA9EzlXaejk=; b=gyAO7KPemoKTDE02Mm3R5vsYZfmjyHkeqodWX0HXfd03st1jUmo4WiOVVWbuLtKaAsMtr+ s+KDYTkdq5R9JSQZebUVdgA3PWdCyWEBfg2YZ+jSwFgOK9mcXsD+qMy1kGu2jciA4LXfFK hmalo1jap8iNGkIMIcKIKQDX92waRyr+MHKjFsB2AfBdobeGlCUVUjJ1fKHlONy5AQAHb2 Uxo5mq9+6dGnqFY+x0wHXfI4nE8laM7IOPKF9hG4gPZN5qHYMQrBh2OHsee67X2VKzL5OA nIvomJ/grzJvyBvR2I0F9F7VdA04rB9ex/bTCwmnfGxTcD21UukYVxwW4pBS+g==
X-CM-Envelope: MS4xfH7IGvjENo659f2aHgWECPVQ2WkFvPKwM1OqZV5fJyouCMjvjh2yFYh1QlhgcjoORFP7fcNV1/vJef2ljZdlpYpc+t4oXFANGAIYUfOmDixfN29ZFP+5 CXWzEOQnzJTFp6CSdq6oTjjmo/n9Q0EsKo9kAtA4JuHw2z8pWDAm1pQt+RKBfGFDl1hMRrFwwn7gSw==
X-Soverin-Id: 019b0353-e748-733f-9a36-e9b4cdbb6103
Content-Type: multipart/alternative; boundary="------------Lvt0fow8myvXN3ZzuvYx1WKT"
Message-ID: <bf18264a-5813-4e6d-b4d4-cc3f73fadcd3@iotconsultancy.nl>
Date: Tue, 09 Dec 2025 14:36:27 +0100
MIME-Version: 1.0
Content-Language: en-US
From: Esko Dijk <esko.dijk@iotconsultancy.nl>
Organization: IoTconsultancy.nl
To: core <core@ietf.org>
X-Spampanel-Class: ham
Message-ID-Hash: VBM7XU2V5GQTKZJRPPMVZ6BZN2TBREJZ
X-Message-ID-Hash: VBM7XU2V5GQTKZJRPPMVZ6BZN2TBREJZ
X-MailFrom: esko.dijk@iotconsultancy.nl
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-core.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [core] Groupcomm-bis: proposed "groups" model updated based on IESG review
List-Id: "Constrained RESTful Environments (CoRE) Working Group list" <core.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/BIBTYia7EfYowmWXd9kjzunTjsw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Owner: <mailto:core-owner@ietf.org>
List-Post: <mailto:core@ietf.org>
List-Subscribe: <mailto:core-join@ietf.org>
List-Unsubscribe: <mailto:core-leave@ietf.org>
Hi all, Me and Marco (authors of draft-ietf-core-groupcomm-bis) are processing the IESG reviews. One particular comment by Med triggered us to review the current "groups" model again (summarized in Figure 1). We believe that this model would benefit from an update, as specified below. This mail is to inform the CoRE WG about this coming update so that people have an opportunity to react/agree/disagree. The intended change will be on the group relation multiplicity: we currently say that an application group is always associated to exactly 1 CoAP group; and it's implied by the text that this CoAP group has 1 multicast IP address. (Not multiple.) And we say a CoAP group can be identified by a hostname plus port, where the hostname would resolve to the 1 multicast IP address. Now the comment was about dual-stack usage: what if the hostname resolves to an IPv6 address and an IPv4 address - then we would need 2 CoAP groups; but our text suggests it would be treated as 1 CoAP group only. (See for the original comments: https://mailarchive.ietf.org/arch/msg/core/6bjFRbSwzAvfdQqupIn9hCxB_OA/ ) More generally, indeed a single hostname can resolve to multiple addresses (IPv6 and/or IPv4), for example when DNS is used to resolve names to addresses. So we would need a text update to include this possibility. Even when hostname resolution is not considered, there are still use cases for addressing a single application group through multiple IP addresses. A good example here is RFC 7252 / 6690 CoAP discovery. There's a single application group targeted, as defined by the URI path: /.well-known/core. The CoAP group may differ based on the selected discovery scope: for example ff02::fd to discover link-local, ff03::fd to discover mesh-local e.g. on a 6LoWPAN network, or ff05::fd for site-local discovery. So there are multiple potential CoAP groups associated to the same application group here. The same mechanism one might want to use for other use cases, such as IoT device control. Example: query a sensor status in application group "ag1". The request could be sent to different CoAP groups based on desired scope. - send to "all.west.bldg6.example" - all nodes in the west wing of building 6. - send to "all.bu036.floor1.west.bldg6.example" - all nodes in office bu036 in that same west wing. - send to "ff03::fd" - all CoAP nodes in the same mesh network as the sender. Nodes that aren't part of the application group ag1 would ignore the request. Any ag1 members would respond. All the above can be incorporated into our model if we make the following changes: 1) An application group can use one or more CoAP groups, instead of only one. 2) A CoAP group corresponds to exactly one pair (multicast IP address, port number). 3) A group URI can identify multiple CoAP groups at once. That's the case when the authority component is a registered name, which resolves to multiple IP addresses (irrespective of them being IPv4 and/or IPv6). 4) A CoAP client sending a group request can choose the target CoAP group based on implementation-specific rules in case it is configured with multiple CoAP groups, or in case it uses name resolution which yields multiple CoAP groups. It may be just "pick the first one". It may be "prefer IPv6". Or it may be something else. We don't plan to go into details here. One thing to keep in mind is that in certain corner cases the number of associated CoAP groups could differ per node/server. For example, a server for which the IPv4 stack was just disabled would not be associated anymore to an IPv4 CoAP group, while another server in the same (application) group would still be. Similar cases arise when e.g. an operator accidentally configures 3 multicast IPv6 addresses (AAAA records) on the same hostname, while some constrained server nodes in the group only have a capability to listen on at most 2 multicast IPv6 addresses for a given application group. Such cases seem all related to technical limitations, failures, or misconfigurations - but nevertheless they can occur. From a high level viewpoint, the application group is still associated to multiple CoAP groups, when taking the union of such information across all group members. A PR with text for this change will follow later. Meanwhile any inputs are welcome! best regards Esko & Marco -- *IoTconsultancy.nl* | Email/Teams: esko.dijk@iotconsultancy.nl | +31 6 2385 8339