Re: [core] Interest in defining CoAP over Unix Domain sockets?

Carsten Bormann <> Wed, 14 December 2022 12:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7606EC152594 for <>; Wed, 14 Dec 2022 04:24:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9_GFjG_FXGuR for <>; Wed, 14 Dec 2022 04:24:49 -0800 (PST)
Received: from ( []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id 988F5C14F74F for <>; Wed, 14 Dec 2022 04:24:46 -0800 (PST)
Received: from [] ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 4NXF1625FlzDCcy; Wed, 14 Dec 2022 13:24:42 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
From: Carsten Bormann <>
In-Reply-To: <004601d90ee3$dd59df80$980d9e80$>
Date: Wed, 14 Dec 2022 13:24:41 +0100
X-Mao-Original-Outgoing-Id: 692713481.7831399-f507ae52e5fd75741471d6f0f870df4a
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <004601d90ee3$dd59df80$980d9e80$>
To: Jon Shallow <>
X-Mailer: Apple Mail (2.3608.
Archived-At: <>
Subject: Re: [core] Interest in defining CoAP over Unix Domain sockets?
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 14 Dec 2022 12:24:53 -0000

Hi Jon,

> There has been a request for supporting CoAP over Unix Domain sockets – primarily for a reverse proxy which is secured to the outside world but wants to distribute the CoAP traffic internally within the appliance to various server applications.  See .

I agree that this would be useful practical addition.
While interoperability would be limited to a single system, different software does need to interact on a system, so having a common specification for doing this is useful.
> With libcoap, I have found that only minimal changes are required to the library to support Unix Domain sockets (mainly additions of some ‘case AF_UNIX:’ when handling the sockets) which then supports CoAP over datagram, CoAP over stream, CoAP over DTLS over datagram and CoAP over TLS over stream.

With the approach proposed, we would add another four URI-schemes to coap:, coaps:, coap+tcp:, coaps+tcp.  I’m not thrilled, but this probably can be done.

> Defining what a Unix Domain CoAP URI looks like for a client to parse is the more contentious area.  There is a fairly full discussion about this for http in with no major conclusions reached.  It all hinges on how best to embed the Unix Domain path into the URI.

The important consideration is that this needs to be compatible with the URI standard RFC 3986 (STD 66 [1]), so various libraries that might process the URI before it gets to the CoAP implementation are not confused.  (This will also enable compatibility with draft-ietf-core-href [2].)
> For me, something like “coap+unix//[/unix/domain/path]/some/path” makes some sort of sense, but that does not work for all.

For one useful analogy, Jupyter seems to allow http+unix://%2Ftmp%2Ftest.sock/ [3].

I think Jupyter’s syntax is compatible with STD 66, while brackets are not (these are used for IPv6 or IPvFuture, and we probably don’t want to declare UNIX domain sockets as IPv4711).
> Worth pursuing further?

I think so.

I’m thinking about a way to shoe this into the existing URI-schemes, e.g., by saying that an initial / (percent-encoded %2F) in a reg-name triggers a switch to UNIX domain.
This would save adding four more URI schemes, but does smell a bit hacky.

Grüße, Carsten