Re: [core] Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)

Ari Keränen <> Sun, 03 November 2019 23:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6D598120074; Sun, 3 Nov 2019 15:04:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O_9xoDkD61x0; Sun, 3 Nov 2019 15:04:16 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5CB4912004D; Sun, 3 Nov 2019 15:04:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=ACZxOUJuxQWUs8WnSbNo/tde28vWLVvkT2wSbzi3fBrlw64p/hDpw1LZwjeh3Gk7TRPVjoWx8tijlCWJOZzElFyb7pxHL9oTuroZoDNZXTbrPbvXDeQX5xghN/CorzrndnfX/Sfgsi+aa9I6CY7SHR4oXKeK0Hzie1snl14QqQFUBDDQRlbtUUFCFTpBkwD+3I9GCNNXQDWZK9m6SBy6SEhQFSOE/AmL+FDgTvlC+6j5x4dX4rlEmU6D9bWU5B4F5C/ksGeRCAhSm5694GvQ1jbrnJR0WUE1k9r1M3lcsjikQB/SjJvCnnUEirdfS22G4pJfjLkSfTbNq4JYcp4t/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vdQXJmsQPd40ipU6+eXieMStmiT5MdtfN+JnBholtMw=; b=L7eV8mqFTVZhBZKNnrZZFPKFDzQDK7CeJ6d29z+R+Uil7dazToE6/0DHw1/fPf4a5pe3xL7ICCuTiF6FEL349D4/MPXWDtt+XoY0VSN4j4FfN2gDL01ttpQ6P316MGLaP7aiaaXo/FGR2Yzyz2WPmX+1nvZ5HlLTCfWdVCzpCk3wfEyE9JtGHyENpSalq38YBJaANe/evpVXFyVgeb38zTSEAPEFoPx8/Kj1fAp1+/wof+3LEBx9ur9Oha42RqhFUGcYg8ErhecNF2GTwoUYj9jo+f3RuVKqDRDp3hqCWM+R+76ahq3FeZ+8nN+L8+O9EQdS75kfhvBxfZVJikj5OA==
ARC-Authentication-Results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vdQXJmsQPd40ipU6+eXieMStmiT5MdtfN+JnBholtMw=; b=b3nVCT+pezz9u0MPKDbafeFH6aXAgOcMLMOYE6IIaRj+1DxBhUKSa+GlX20XU2fOgIijtQQVyWvlJBXeMOG2+qmYdKk5H+DtxwgFitgi6c9dnodH0sazYTMFsXNpAUy4vY2j93rV+mxz5LJ/Ipshv+EkBWFV6zwpEwCLxzvqm8A=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.15; Sun, 3 Nov 2019 23:04:10 +0000
Received: from ([fe80::3840:ef4a:a3da:a6a6]) by ([fe80::3840:ef4a:a3da:a6a6%6]) with mapi id 15.20.2408.014; Sun, 3 Nov 2019 23:04:09 +0000
From: =?utf-8?B?QXJpIEtlcsOkbmVu?= <>
To: Roman Danyliw <>, The IESG <>
CC: "" <>, Carsten Bormann <>, "" <>, "" <>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)
Thread-Index: AQHVY1D7tA+HnVveGEq7E6ao1Arl6qd6Td4A
Date: Sun, 3 Nov 2019 23:04:09 +0000
Message-ID: <>
References: <>
Accept-Language: en-US
Content-Language: en-GB
user-agent: Microsoft-MacOutlook/10.1d.0.190908
authentication-results: spf=none (sender IP is );
x-originating-ip: [2001:14bb:150:480b:d936:dbe1:5e5a:5c09]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5652d6de-1333-4fe1-6729-08d760b222c3
x-ms-traffictypediagnostic: HE1PR07MB3353:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-forefront-prvs: 0210479ED8
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(346002)(376002)(396003)(136003)(366004)(189003)(199004)(43544003)(85182001)(486006)(446003)(85202003)(64756008)(2906002)(66476007)(66556008)(4326008)(14444005)(81156014)(66446008)(33656002)(5660300002)(229853002)(6246003)(7736002)(81166006)(71190400001)(6486002)(305945005)(66946007)(6306002)(76116006)(6436002)(71200400001)(36756003)(476003)(102836004)(99286004)(86362001)(478600001)(76176011)(186003)(2616005)(256004)(8676002)(8936002)(6512007)(6506007)(110136005)(6116002)(58126008)(14454004)(54906003)(25786009)(46003)(966005)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB3353;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: o0N1GMzBcy3k9qSTqD6FFuSQH5KqWEfgYs83iEdKD13T8imipVKbRirPeO9OXaavsJIf9iLHM7LK4mewdRIXyUSuTvJo1+TUTMdQP5rfNFs/ZIVw1qzsYTH6zu/Rk5Q/xmye4NRQ/N28pN88oPBJAwjafmcrrVkQ69ShhN6KbX3re2E8f0ZumGZvAIxMtO1OZKXA4W+2fSjvhqv+JGuaPS2+DX67bwAlx8m9sDMTbu/dluwQjv0mcualV8QPHKWPuwcJlk1UOput+q2HstgolHgnJjDCDG/9WQ/rm8Hi3BEWokEWhsZ6C/GPAVowEdPVTZmghXt51cwdO3MHmbgvcdq8YHj/Po0ioqktmdHAHbrwSQRZoFCFdcRGkcyDpZJ1ftnYX9ctzzYAr53CcoNiBgI4VZD4CNBtVjZMePxgH1FJKinjbbGex9W1Io16KwmfjHcgt2I98V746II3CiNSs/GgtcOShSrvIpucv3ouXy4=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 5652d6de-1333-4fe1-6729-08d760b222c3
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Nov 2019 23:04:09.7672 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Nw+jjBQWRRzg8sGerNiCeBRVmsqhNugJPs0tGBenoXaMdZm9cLwhHS+XzZtQmx5wq5aXI2FaW27qfiGGGdnVPMuo+Kt9I8yU4RfeaBtTGi4=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3353
Archived-At: <>
Subject: Re: [core] Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 03 Nov 2019 23:04:21 -0000

Hi Roman,

Thank you for your review! And apologies for late reply. Here's a PR to address your comments:

See comments and questions inline below.


> On 4. Sep 2019, at 21.45, Roman Danyliw via Datatracker <> wrote:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> (1) Section 5.  It’s helpful that this document notes the relevance of SenML’s
> security and privacy considerations (i.e., Section 13 of RFC8428).  However,
> this references seems circular.  RFC8428 says, “SenML formats alone do not
> provide any security and instead rely on the protocol that carries them to
> provide security.”  This document seems to be that “protocol that carries them”
> implying it  should cover the security mechanisms.  Is it not appropriate to
> suggest that CoAPs can address the (per RFC8428) “confidentiality, data
> integrity, and authentication as appropriate for the usage.”? If not, what
> additional guidance can be provided?

Yes, secure CoAP would be addressing the security requirements in this case. I can make this explicit by adding to the first paragraph:

  CoAP's security mechanisms are used to provide security for the FETCH and (i)PATCH methods.

> (2) Section 5.  It seems like it would be appropriate for the server to support
> access control to restrict the client’s ability access and modify a resource
> with FETCH and (i)PATCH.  My read of “Per “In FETCH and (i)PATCH requests, the
> client can pass arbitrary names to the target resource for manipulation.  The
> resource implementer must take care to only allow access to names that are
> actually part of (or accessible through) the target resource”, doesn’t suggest
> that type of access control.

Yes, access control should be OK here. Do you have any suggestion how to make this more clear here? Note that each SenML name may or may not map to a separate resource (hence the wording "are actually part of (or accessible through) the target resource").

> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> (3) Section 3.1.  A few questions about how general purpose of a query language
> is possible with the FETCH:
> -- (To confirm based on the text “The SenML Records are selected by giving a
> set of names that …”) Does a name always have to be in the Fetch Request (i.e.,
> ‘at least one “n” MUST be in the Fetch Request’)?

Yes. I clarified this with:

A Fetch Pack MUST contain at least one Fetch Record. A Fetch Record MUST
contain a name and/or base name field(s).

> Using the third example in Section 5.1.2 of RFC8428 as a source:
> -- The current text mentions that names and time can be in the Fetch Pack
> request.  Can other fields also be used as part of the criteria, say “v”?  For
> example, would ‘{“n”:” urn:dev:ow:10e2073a01080063”, “v”:”21.5”}’ return the
> three name+time records where the value is 21.5?

The intention was that only name and time could be used to select records; the last paragraph says that all others must be ignored. But looking at this closer I realized now that we probably need to add Unit to the selection criteria to support cases where same sensor name is used with multiple units for different types of measurements. 

But since this would be new functionality, I'll put this into a separate PR (needs likely more work):

> (4) Section 3.1. If there is no match for a Fetch, how is that signaled back in
> the response?  Is there any guidance to provide on error handling via CoAP
> error codes?

Good catch. Clarified this with:

If no SenML Records match, empty SenML Pack (i.e., array with no
elements) is returned as a response.

> (5) Editorial Nits:
> -- Section 3.1.   s/When SenML Records contain also time values/When SenML
> Records also contain time values/

I realized this was not fully correct and rewrote that part into:
The SenML time field can be used in a Fetch Record to further narrow the
selection of matched SenML Records.