[core] CoAP Option for Authentication Token
Patrick Barrett <patrickbarrett@exosite.com> Thu, 10 July 2014 22:04 UTC
Return-Path: <patrickbarrett@exosite.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AF521B27CA for <core@ietfa.amsl.com>; Thu, 10 Jul 2014 15:04:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ew920S6zAGhE for <core@ietfa.amsl.com>; Thu, 10 Jul 2014 15:04:04 -0700 (PDT)
Received: from mail-wi0-f177.google.com (mail-wi0-f177.google.com [209.85.212.177]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93C0E1A000E for <core@ietf.org>; Thu, 10 Jul 2014 15:04:04 -0700 (PDT)
Received: by mail-wi0-f177.google.com with SMTP id ho1so420859wib.16 for <core@ietf.org>; Thu, 10 Jul 2014 15:04:03 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=RIyAD/QKbjesFcH0H5ynpEEGv0mx+Gx1zjqLtuVpl9E=; b=T3PHKqhCq7i/vrXNFAyEjW/5o53k0pSBnOlL82qJvX7NNA7fGfZ4s6dnMEIyKzhwut KwU1ryQbCOxIjoNFdRdBKzn1uivZvgvtyyvNpflHuy36g8g2W4DIp+GiWvQywhnHXbxS Zf9vMCM/vAE/aAHZ4fP/SlOT05xhduCBfZGEG2puQG/6mmqan6SGh/YOlBjsL93/ABE4 NvCj/PIqg4GKrQ+hldwk5G+NWBn84BP9iaY1iQbIKI37wDLzeKcuciAwtJ0+RVpxK/Yk ReGwWOlVnCxM6d1oUoJeDQoMJIJwb4bx9kl2i7niFGA/DtIPTb/TaOIuO2JhU495drGZ xfog==
X-Gm-Message-State: ALoCoQmMGpl1WzEQtM7AqgBNBiIQXTI1OfNQ4sNa7Z6zl3ejhs/jAzHZY+ggLZQKdhqDzZYrocIW
X-Received: by 10.180.78.74 with SMTP id z10mr18546396wiw.14.1405029843158; Thu, 10 Jul 2014 15:04:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.58.134 with HTTP; Thu, 10 Jul 2014 15:03:43 -0700 (PDT)
From: Patrick Barrett <patrickbarrett@exosite.com>
Date: Thu, 10 Jul 2014 17:03:43 -0500
Message-ID: <CAPg5dWc3S-X3Gu4_KqSjRx4JpMPdQp0uqc6n31vVbPUtMEjXAw@mail.gmail.com>
To: core@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/core/Wnr3G_2sTpErDP4XoQ0o0HPmk5c
Subject: [core] CoAP Option for Authentication Token
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jul 2014 22:04:06 -0000
Our company is currently in the process of porting our HTTP API over to CoAP. With our current API we use an HTTP header (X-Exosite-CIK) for sending an auth token and in our current CoAP implementation we're just sending this as a query parameter. Since we'd like the option of sending it in a raw binary value from to save bytes, it's my understanding that this actually violates the protocol since it isn't guaranteed to be valid UTF-8. The only two options in the main RFC that allow opaque byte strings (If-Match and ETag) don't seem appropriate and don't allow long enough values. I looked through the other drafts and didn't see any that added options that seemed more appropriate. I also looked at the IANA registry, but that seems to only have the options from the RFC. Is there an existing option that would be appropriate for this use? If not what is the process for proposing one? I'm not fimilar with what the terms "IETF Review or IESG Approval", "Specification Required", or "Expert Review" mean. I'm willing to help in any way I can. Thanks -- Patrick Barrett // E X O S I T E // Minneapolis, MN // www.exosite.com
- [core] CoAP Option for Authentication Token Patrick Barrett
- Re: [core] CoAP Option for Authentication Token Carsten Bormann
- Re: [core] CoAP Option for Authentication Token Patrick Barrett
- Re: [core] CoAP Option for Authentication Token Ludwig Seitz