[core] Protocol Action: 'CoAP: Echo, Request-Tag, and Token Processing' to Proposed Standard (draft-ietf-core-echo-request-tag-14.txt)
The IESG <iesg-secretary@ietf.org> Fri, 08 October 2021 16:17 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: core@ietf.org
Delivered-To: core@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id ECC813A05DE; Fri, 8 Oct 2021 09:17:35 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.38.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: Marco Tiloca <marco.tiloca@ri.se>, The IESG <iesg@ietf.org>, core-chairs@ietf.org, core@ietf.org, draft-ietf-core-echo-request-tag@ietf.org, francesca.palombini@ericsson.com, marco.tiloca@ri.se, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <163370985594.28895.16278536032772383866@ietfa.amsl.com>
Date: Fri, 08 Oct 2021 09:17:35 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/zs60eKB9eqoV-VsNMHcrkS8yZno>
Subject: [core] Protocol Action: 'CoAP: Echo, Request-Tag, and Token Processing' to Proposed Standard (draft-ietf-core-echo-request-tag-14.txt)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Oct 2021 16:17:36 -0000
The IESG has approved the following document: - 'CoAP: Echo, Request-Tag, and Token Processing' (draft-ietf-core-echo-request-tag-14.txt) as Proposed Standard This document is the product of the Constrained RESTful Environments Working Group. The IESG contact persons are Murray Kucherawy and Francesca Palombini. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-core-echo-request-tag/ Technical Summary This document specifies enhancements to the Constrained Application Protocol (CoAP) that mitigate security issues in particular use cases. The Echo option enables a CoAP server to verify the freshness of a request or to force a client to demonstrate reachability at its claimed network address. The Request-Tag option allows the CoAP server to match block-wise message fragments belonging to the same request. This document updates RFC7252 with respect to the client Token processing requirements, forbidding non-secure reuse of Tokens to ensure binding of response to request when CoAP is used with security, and with respect to amplification mitigation, where the use of Echo is now recommended. Working Group Summary / Document Quality The document has been discussed in multiple IETF meetings, and has gone through multiple expert reviews. Consensus has been reached on the content of this document and its need. Personnel Document Shepherd: Marco Tiloca Area Director: Francesca Palombini