CoRE Working Group B. Silverajan Internet-Draft Tampere University Intended status: Standards Track M. Koster Expires: 13 June 2025 Dogtiger Labs A. Soloway Qualcomm Technologies, Inc. 10 December 2024 Conditional Attributes for Constrained RESTful Environments draft-ietf-core-conditional-attributes-10 Abstract This specification defines Conditional Notification and Control Attributes that work with CoAP Observe (RFC7641). About This Document This note is to be removed before publishing as an RFC. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-ietf-core-conditional- attributes/. Discussion of this document takes place on the core Working Group mailing list (mailto:core@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/core/. Subscribe at https://www.ietf.org/mailman/listinfo/core/. Source for this draft and an issue tracker can be found at https://github.com/core-wg/conditional-attributes. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." Silverajan, et al. Expires 13 June 2025 [Page 1] Internet-Draft Conditional Attributes for CoRE December 2024 This Internet-Draft will expire on 13 June 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Conditional Attributes . . . . . . . . . . . . . . . . . . . 3 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 4 3.2. Registration . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Operation . . . . . . . . . . . . . . . . . . . . . . . . 6 3.4. Cancellation . . . . . . . . . . . . . . . . . . . . . . 7 3.5. Conditional Notification Attributes . . . . . . . . . . . 8 3.5.1. Greater Than (c.gt) . . . . . . . . . . . . . . . . . 9 3.5.2. Less Than (c.lt) . . . . . . . . . . . . . . . . . . 9 3.5.3. Change Step (c.st) . . . . . . . . . . . . . . . . . 10 3.5.4. Notification Band (c.band) . . . . . . . . . . . . . 10 3.5.5. Edge (c.edge) . . . . . . . . . . . . . . . . . . . . 11 3.6. Conditional Control Attributes . . . . . . . . . . . . . 11 3.6.1. Minimum Period (c.pmin) . . . . . . . . . . . . . . . 12 3.6.2. Maximum Period (c.pmax) . . . . . . . . . . . . . . . 12 3.6.3. Minimum Evaluation Period (c.epmin) . . . . . . . . . 13 3.6.4. Maximum Evaluation Period (c.epmax) . . . . . . . . . 13 3.6.5. Confirmable Notification (c.con) . . . . . . . . . . 13 3.7. Server processing of Conditional Attributes . . . . . . . 13 4. Implementation Considerations . . . . . . . . . . . . . . . . 14 5. Security Considerations . . . . . . . . . . . . . . . . . . . 14 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.1. Normative References . . . . . . . . . . . . . . . . . . 17 7.2. Informative References . . . . . . . . . . . . . . . . . 17 Appendix A. Pseudocode: Processing Conditional Attributes . . . 18 Appendix B. Examples . . . . . . . . . . . . . . . . . . . . . . 19 B.1. Minimum Period (c.pmin) example . . . . . . . . . . . . . 20 B.2. Maximum Period (c.pmax) example . . . . . . . . . . . . . 20 Silverajan, et al. Expires 13 June 2025 [Page 2] Internet-Draft Conditional Attributes for CoRE December 2024 B.3. Greater Than (c.gt) example . . . . . . . . . . . . . . . 22 B.4. Greater Than (c.gt) and Period Max (c.pmax) example . . . 22 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 24 Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 26 1. Introduction IETF Standards for machine-to-machine communication in constrained environments describe the Constrained Application Protocol (CoAP) [RFC7252], a RESTful application protocol, as well as a set of related information standards that may be used to represent machine data and machine metadata in REST interfaces. This specification defines Conditional Notification and Control Attributes for use with CoAP Observe [RFC7641]. 2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. This specification requires readers to be familiar with all the terms and concepts that are discussed in [RFC7252] and [RFC7641]. This specification makes use of the following additional terminology: Notification Band: A resource value range that may be bounded by a minimum and maximum value or may be unbounded having either a minimum or maximum value. 3. Conditional Attributes This specification defines conditional attributes for use with CoRE Observe [RFC7641]. Conditional attributes provide fine-grained control of notification and synchronization of resource states. A CoAP client conveys conditional attributes as metadata using the query component of a CoAP URI. A conditional attribute can be represented as a "name=value" query parameter or simply a "name" without a value. Multiple conditional attributes in a query component are separated with an ampersand "&". A resource marked as Observable in its link description SHOULD support these conditional attributes. Silverajan, et al. Expires 13 June 2025 [Page 3] Internet-Draft Conditional Attributes for CoRE December 2024 This specification assumes that there are finite quantization effects in the internal or external updates to the value representing the state of a resource; specifically, that a resource state may be updated at any time with any valid value. We therefore avoid any continuous-time assumptions in the description of the conditional attributes and instead use the phrase "sampled value" to refer to a member of a sequence of values that may be internally observed from the resource state over time. 3.1. Overview If a CoAP client is interested in obtaining all the state representations of a resource from a CoAP server as they change, the client is able to do so by using CoAP Observe. If a CoAP client is instead interested in receiving only state representations fulfilling certain constraints (such as a minimum/maximum value), it can do so by indicating conditional attributes as query paramets in its request to a CoAP server, when registering its interest in observing a resource. The usage of conditional attributes employs the notion of resource state projection, in which the client requests the server to project a new state from the current resource representation. When a server receives a request containing conditional attributes from a client, the server maintains a projected resource state separate from a resource state requested without conditional attributes. The mechanism can be explained in the following subsections in terms of registration, operation and cancellation. 3.2. Registration In this example, 3 CoAP endpoints are shown: Clients A and B are interested in obtaining updates to state representations describing the current CO2 level, provided by a CoAP Server. In Figure 1, Client A uses CoAP Observe to register its interest in receiving all updates to the CO2 resource state from the Server. Silverajan, et al. Expires 13 June 2025 [Page 4] Internet-Draft Conditional Attributes for CoRE December 2024 ClientA ClientB Server │ │ │ │ │ ( CO2 ) │ GET /CO2 │ │ │ Token: 0x42 │ │ │ Observe: 0 │ │ +───────────────┼───────────────────────>│ │ │ │ │ │ │ │ │ 2.05 Content │ │ │ Token: 0x42 │ │ │ Observe: 12 │ │ │ Payload: "600 ppm" │ │<──────────────┼────────────────────────+ │ │ │ │ │ │ │ │ 2.05 Content │ │ │ Token: 0x42 │ │ │ Observe: 23 │ │ │ Payload: "800 ppm" │ │<──────────────┼────────────────────────+ │ │ │ Figure 1: Client A registers and receives one notification of the current state and one state update. Client B, on the other hand is interested in receiving only a subset of updates from the Server. In Figure 2, Client B is depicted using CoAP Observe with a conditional attribute to register its interest in receiving specific updates to the C02 resource state from the Server. The Server provides a representation of the current state and creates a new state projection in which the interest of Client B is registered. Silverajan, et al. Expires 13 June 2025 [Page 5] Internet-Draft Conditional Attributes for CoRE December 2024 ClientA ClientB Server │ │ │ │ │ ( CO2 ) │ │ │ │ │ │ │ │ GET /CO2?c.gt=1000 │ │ │ Token: 0x66 │ │ │ Observe: 0 │ │ +───────────────────────>│ │ │ │ │ │ 2.05 Content │ │ │ Token: 0x66 │ │ │ Observe: 20 │ Resource State │ │ Payload: "800 ppm" │ Projection │ │<───────────────────────+ .................. │ │ +--->. /CO2?c.gt=1000 . │ │ │ .................. │ │ │ . │ │ │ . │ │ │ . Figure 2: Client B registers with conditional attributes, and receives one notification of the current state and a state projection is created. 3.3. Operation In subsequent interactions for providing state updates, the Server will continue to provide all state updates to Client A, while Client B receives state updates fulfilling the conditions specified by the conditional attribute. Silverajan, et al. Expires 13 June 2025 [Page 6] Internet-Draft Conditional Attributes for CoRE December 2024 ClientA ClientB Server │ │ │ │ │ ( CO2 ) │ │ │ │ │ │ Resource State │ │ │ Projection │ │ │ .................. │ │ +--->. /CO2?c.gt=1000 . │ │ │ .................. │ │ │ . │ │ 2.05 Content │ . │ │ Token: 0x42 │ . │ │ Observe: 29 │ . │ │ Payload: "1000 ppm" │ . │<──────────────┼────────────────────────+ . │ │ │ . │ │ 2.05 Content │ . │ │ Token: 0x66 │ . │ │ Observe: 23 │ . │ │ Payload: "1100 ppm" │ . │ │<───────────────────────┤-------------+ │ │ │ . │ │ 2.05 Content │ . │ │ Token: 0x42 │ . │ │ Observe: 33 │ . │ │ Payload: "1100 ppm" │ . │<──────────────┼────────────────────────+ . │ │ │ . Figure 3: Clients A and B receiving C02 state updates from the Server, without and with conditional attributes, respectively. 3.4. Cancellation A client that wishes to cancel an existing registration can do so in accordance with Section 3.6 of [RFC7641]. If a client wishes to explicitly cancel an existing registration by issuing a GET request, it MUST also additionally supply the original URI containing the conditional attributes that was conveyed to the server during the registration. This is depicted in Figure 4 for Client B. Silverajan, et al. Expires 13 June 2025 [Page 7] Internet-Draft Conditional Attributes for CoRE December 2024 ClientA ClientB Server │ │ │ │ │ ( CO2 ) │ │ │ │ │ │ Resource State │ │ │ Projection │ │ │ .................. │ │ +--->. /CO2?c.gt=1000 . │ │ │ .................. │ │ │ . │ │ │ . │ │ GET /CO2?c.gt=1000 │ . │ │ Token: 0x66 │ . │ │ Observe: 1 │ . │ +────────────────────────┤------------>. │ │ │ . │ │ │ . │ │ 2.05 Content │ . │ │ Token: 0x66 │ . │ │ Payload: "900 ppm" │ . │ │<───────────────────────┤-------------+ │ │ │ │ │ │ │ │ │ Figure 4: Client B explicitly cancelling an existing registration. 3.5. Conditional Notification Attributes Conditional Notification Attributes define the conditions that trigger a notification. Conditional Notification Attributes SHOULD be evaluated on all potential notifications from a resource, whether resulting from an internal server-driven sampling process or from external update requests to the server. The set of Conditional Notification Attributes defined here allows a client to control how often a notification is received and how much a representation state should change in order to trigger a notification. One or more Conditional Notification Attributes MAY be included in an Observe request. Conditional Notification Attributes are defined below: Silverajan, et al. Expires 13 June 2025 [Page 8] Internet-Draft Conditional Attributes for CoRE December 2024 +===================+========+=================+ | Attribute | Name | Value Type | +===================+========+=================+ | Greater Than | c.gt | xs:decimal | +-------------------+--------+-----------------+ | Less Than | c.lt | xs:decimal | +-------------------+--------+-----------------+ | Change Step | c.st | xs:decimal (>0) | +-------------------+--------+-----------------+ | Notification Band | c.band | (none) | +-------------------+--------+-----------------+ | Edge | c.edge | xs:boolean | +-------------------+--------+-----------------+ Table 1: Conditional Notification Attributes 3.5.1. Greater Than (c.gt) When present, Greater Than indicates the upper limit value the sampled value SHOULD cross before triggering a notification. A notification is sent whenever the sampled value crosses the specified upper limit value, relative to the last reported value, and the time for "c.pmin" has elapsed since the last notification. The sampled value is sent in the notification. If the value continues to rise, no notifications are generated as a result of "c.gt". If the value drops below the upper limit value then a notification is sent, subject again to the "c.pmin" time. The Greater Than parameter can only be supported on resources with a scalar numeric value. 3.5.2. Less Than (c.lt) When present, Less Than indicates the lower limit value the resource value SHOULD cross before triggering a notification. A notification is sent whenever the sampled value crosses the specified lower limit value, relative to the last reported value, and the time for "c.pmin" has elapsed since the last notification. The sampled value is sent in the notification. If the value continues to fall no notifications are generated as a result of "c.lt". If the value rises above the lower limit value then a new notification is sent, subject to the "c.pmin" time. The Less Than parameter can only be supported on resources with a scalar numeric value. Silverajan, et al. Expires 13 June 2025 [Page 9] Internet-Draft Conditional Attributes for CoRE December 2024 3.5.3. Change Step (c.st) When present, Change step indicates how much the value representing a resource state SHOULD change before triggering a notification, compared to the previous resource state. Upon reception of a query including the "c.st" attribute, the current resource state representing the most recently sampled value is reported, and then set as the last reported value (last_rep_v). When a subsequent sampled value or update of the resource state differs from the last reported state by an amount, positive or negative, greater than or equal to "c.st", and the time for "c.pmin" has elapsed since the last notification, a notification is sent and the last reported value is updated to the new resource state sent in the notification. The change step MUST be greater than zero, otherwise the receiver MUST return a CoAP error code 4.00 "Bad Request" (or equivalent). The Change Step parameter can only be supported on resources with a scalar numeric value. Note: due to sampling and other constraints, e.g., "c.pmin", the change in resource states received in two sequential notifications may differ by more than "c.st". 3.5.4. Notification Band (c.band) The Notification Band attribute allows a bounded or unbounded (based on a minimum or maximum) value range that may trigger multiple notifications. This enables use cases where different ranges result in differing behaviour. For example, in monitoring the temperature of machinery, whilst the temperature is in the normal operating range, only periodic updates are needed. However as the temperature moves to more abnormal ranges, more frequent state updates may be sent to clients. Without a notification band, a transition across a Less Than (c.lt), or Greater Than (c.gt) limit only generates one notification. This means that it is not possible to describe a case where multiple notifications are sent so long as the limit is exceeded. The "c.band" attribute works as a modifier to the behaviour of "c.gt" and "c.lt". Its use is determined only by its presence, as this attribute takes no value. Therefore, if "c.band" is present in a query, "c.gt", "c.lt", or both, MUST be included. Silverajan, et al. Expires 13 June 2025 [Page 10] Internet-Draft Conditional Attributes for CoRE December 2024 When "c.band" is present with "c.lt" but without "c.gt", the lower bound for the notification band (notification band minimum) is defined. Notifications occur when the resource value is equal to or above the notification band minimum. No maximum values exist for the band. When "c.band" is present with "c.gt" but without "c.lt", the upper bound for the notification band (notification band maximum) is defined. Notifications occur when the resource value is equal to or below the notification band maximum. No minimum values exist for the band. If "c.band" is specified and the value of "c.gt" is less than that of "c.lt", in-band notification occurs. That is, notification occurs whenever the resource value is between the "c.gt" and "c.lt" values, including equal to "c.gt" or "c.lt". If "c.band" is specified and the value of "c.gt" is greater than that of "c.lt", out-of-band notification occurs. That is, notification occurs when the resource value is not between the "c.gt" and "c.lt" values, excluding equal to "c.gt" and "c.lt". The Notification Band parameter can only be supported on resources with a scalar numeric value. 3.5.5. Edge (c.edge) When present, the Edge attribute indicates interest for receiving notifications of either the falling edge or the rising edge transition of a boolean resource state. When the value of the "c.edge" attribute is 0 (False), the server notifies the client each time a resource state changes from True to False. When the value of the "c.edge" attribute is 1 (True), the server notifies the client each time a resource state changes from False to True. The "c.edge" attribute can only be supported on resources with a boolean value. 3.6. Conditional Control Attributes Conditional Control Attributes define the time intervals between consecutive notifications as well as the cadence of the evaluation of the conditions that trigger a notification. Conditional Control Attributes can be used to configure the internal server-driven sampling process for performing evaluations of the conditions of a resource. One or more Conditional Control Attributes MAY be included in an Observe request. Silverajan, et al. Expires 13 June 2025 [Page 11] Internet-Draft Conditional Attributes for CoRE December 2024 Conditional Control Attributes are defined below: +===============================+=========+=================+ | Attribute | Name | Value Type | +===============================+=========+=================+ | Minimum Period (s) | c.pmin | xs:decimal (>0) | +-------------------------------+---------+-----------------+ | Maximum Period (s) | c.pmax | xs:decimal (>0) | +-------------------------------+---------+-----------------+ | Minimum Evaluation Period (s) | c.epmin | xs:decimal (>0) | +-------------------------------+---------+-----------------+ | Maximum Evaluation Period (s) | c.epmax | xs:decimal (>0) | +-------------------------------+---------+-----------------+ | Confirmable Notification | c.con | xs:boolean | +-------------------------------+---------+-----------------+ Table 2: Conditional Control Attributes 3.6.1. Minimum Period (c.pmin) When present, Minimum Period indicates the minimum time, in seconds, between two consecutive notifications (whether or not the resource state has changed). In the absence of this parameter, the minimum period is up to the server. Minimum Period MUST be greater than zero, otherwise the receiver MUST return a CoAP error code 4.00 "Bad Request" (or equivalent). A server MAY update the resource state with the last sampled value that occurred during the "c.pmin" interval, after the "c.pmin" interval expires. Note: due to finite quantization effects, the time between notifications may be greater than "c.pmin" even when the sampled value changes within the "c.pmin" interval. "c.pmin" may or may not be used to drive the internal sampling process. 3.6.2. Maximum Period (c.pmax) When present, Maximum Period indicates the maximum time, in seconds, between two consecutive notifications (regardless of whether or not the resource state has changed). In the absence of this parameter, the maximum period is up to the server. Maximum Period MUST be greater than zero and MUST be greater than or equal to Minimum Period (if present), otherwise the receiver MUST return a CoAP error code 4.00 "Bad Request" (or equivalent). Silverajan, et al. Expires 13 June 2025 [Page 12] Internet-Draft Conditional Attributes for CoRE December 2024 3.6.3. Minimum Evaluation Period (c.epmin) When present, Minimum Evaluation Period indicates the minimum time, in seconds, the client recommends to the server to wait between two consecutive evaluations of the conditions of a resource, since the client has no interest in the server doing more frequent evaluations. When the value of Minimum Evaluation Period expires after the previous evaluation, the server MAY immediately perform a new evaluation. In the absence of this parameter, the minimum evaluation period is not defined and thus not used by the server. The server MAY use "c.pmin", if defined, as a guidance on the desired evaluation cadence. Minimum Evaluation Period MUST be greater than zero, otherwise the receiver MUST return a CoAP error code 4.00 "Bad Request" (or equivalent). 3.6.4. Maximum Evaluation Period (c.epmax) When present, Maximum Evaluation Period indicates the maximum time, in seconds, the server MAY wait between two consecutive evaluations of the conditions of a resource. When the value of Maximum Evaluation Period expires after the previous evaluation, the server MUST immediately perform a new evaluation. In the absence of this parameter, the maximum evaluation period is not defined and thus not used by the server. Maximum Evaluation Period MUST be greater than zero and MUST be greater than Minimum Evaluation Period (if present), otherwise the receiver MUST return a CoAP error code 4.00 "Bad Request" (or equivalent). 3.6.5. Confirmable Notification (c.con) When present with a value of 1 (True), Confirmable Notification indicates that a notification MUST be confirmable, i.e., the server MUST send the notification in a confirmable CoAP message, to request an acknowledgement from the client. When present with a value of 0 (False), Confirmable Notification indicates a notification can be confirmable or non-confirmable, i.e., it can be sent in a confirmable or a non-confirmable CoAP message. 3.7. Server processing of Conditional Attributes Conditional Notification Attributes and Conditional Control Attributes may be present in the same query. However, they are not defined at multiple prioritization levels. The server sends a notification whenever any of the parameter conditions are met, upon which it updates its last notification value and time to prepare for the next notification. When Conditional Notification Attributes and Conditional Control Attributes are present in the same query, notifications may be subjected to the presence of a Conditional Silverajan, et al. Expires 13 June 2025 [Page 13] Internet-Draft Conditional Attributes for CoRE December 2024 Control Attribute such as "c.pmin" or "c.pmax". Only one notification occurs when there are multiple conditions being met at the same time. As a general example, the pseudocode illustrated in Appendix A shows one way to determine when a notification is to be sent. 4. Implementation Considerations When "c.pmax" and "c.pmin" are equal, the expected behaviour is that notifications will be sent every (c.pmin == c.pmax) seconds. However, these notifications can only be fulfilled by the server on a best effort basis. Because "c.pmin" and "c.pmax" are designed as acceptable tolerance bounds for sending state updates, a query from an interested client containing equal "c.pmin" and "c.pmax" values must not be seen as a hard real-time scheduling contract between the client and the server. The use of the notification band minimum and maximum allows for a synchronization whenever a change in the resource value occurs. Theoretically, this could occur in-line with the server internal sample period or as defined by the "c.epmin" and "c.epmax" values for determining the resource value. Implementors SHOULD consider the resolution needed before updating the resource, e.g., updating the resource when a temperature sensor value changes by 0.001 degree versus 1 degree. When a server has multiple observations with different measurement cadences as defined by the "c.epmin" and "c.epmax" values, the server MAY evaluate all observations when performing the measurement of any one observation. This specification defines conditional attributes that can be used with CoAP Observe relationships between CoAP clients and CoAP servers. However, it is recognised that the presence of one or more proxies between a client and a server can interfere with clients receiving resource updates, if a proxy does not supply resource representations when the value remains unchanged (e.g., if "c.pmax" is set, and the server sends multiple updates when the resource state contains the same value). A server SHOULD use the Max-Age option to mitigate this, by setting Max-Age to be less than or equal to "c.pmax". 5. Security Considerations The security considerations in Section 11 of [RFC7252] apply. Additionally, the security considerations in Section 7 of [RFC7641] also apply, particularly towards mitigating amplification attacks. Silverajan, et al. Expires 13 June 2025 [Page 14] Internet-Draft Conditional Attributes for CoRE December 2024 As noted in Section 2.2 of [I-D.irtf-t2trg-amplification-attacks], an attacker might choose to craft GET requests, in which observations are requested together with conditional attributes such as c.pmax or c.epmax with values that are below a minimum implementation-specific threshold. If a server receives such a request and is unwilling to register the observer client, the server MAY silently ignore the registration request and process the GET request as usual. The resulting response MUST NOT include an Observe Option, the absence of which signals to the client that it will not be added to the list of observers by the server. 6. IANA Considerations This document has the following actions for IANA: Note to RFC Editor: Please replace all occurrences of "[RFC-XXXX]" with the RFC number of this specification and delete this paragraph. This document establishes the "Conditional Attributes" registry within the "Constrained RESTful Environments (CoRE) Parameters" registry group, in order to ensure that attributes map uniquely to query parameter names. Each entry in the registry must include: * Attribute: This is the human-readable name and description of the attribute, * Parameter: This is the short name, as used in query parameters, * Value Type: The value type of the attribute (if any), * Reference: The link to reference documentation, which must give details describing the conditional notification or control attribute and how it is to be processed. Initial entries in this subregistry are as follows: Silverajan, et al. Expires 13 June 2025 [Page 15] Internet-Draft Conditional Attributes for CoRE December 2024 +==============+===========+============+============+===========+ | Attribute | Parameter | Value Type | Change | Reference | | | | | Controller | | +==============+===========+============+============+===========+ | Minimum | c.pmin | xs:decimal | IETF | RFC XXXX | | Period (s) | | (>0) | | | +--------------+-----------+------------+------------+-----------+ | Maximum | c.pmax | xs:decimal | IETF | RFC XXXX | | Period (s) | | (>0) | | | +--------------+-----------+------------+------------+-----------+ | Minimum | c.epmin | xs:decimal | IETF | RFC XXXX | | Evaluation | | (>0) | | | | Period (s) | | | | | +--------------+-----------+------------+------------+-----------+ | Maximum | c.epmax | xs:decimal | IETF | RFC XXXX | | Evaluation | | (>0) | | | | Period (s) | | | | | +--------------+-----------+------------+------------+-----------+ | Confirmable | c.con | xs:boolean | IETF | RFC XXXX | | Notification | | | | | +--------------+-----------+------------+------------+-----------+ | Greater Than | c.gt | xs:decimal | IETF | RFC XXXX | +--------------+-----------+------------+------------+-----------+ | Less Than | c.lt | xs:decimal | IETF | RFC XXXX | +--------------+-----------+------------+------------+-----------+ | Change Step | c.st | xs:decimal | IETF | RFC XXXX | | | | (>0) | | | +--------------+-----------+------------+------------+-----------+ | Notification | c.band | (none) | IETF | RFC XXXX | | Band | | | | | +--------------+-----------+------------+------------+-----------+ | Edge | c.edge | xs:boolean | IETF | RFC XXXX | +--------------+-----------+------------+------------+-----------+ Table 3: New Conditional Attributes registry The IANA policy for future additions to the subregistry is Expert Review, as described in [RFC8126]. The evaluation of a registration request should consider the following points: * Clarity and correctness of registrations. Experts are expected to check the clarity of purpose and use of the new conditional attributes and associated query parameters, which have to be clearly defined in the corresponding reference documentation. Conditional attributes that do not meet these objectives of clarity and completeness must not be registered. Silverajan, et al. Expires 13 June 2025 [Page 16] Internet-Draft Conditional Attributes for CoRE December 2024 * Point squatting should be discouraged. Reviewers are encouraged to get sufficient information for registration requests to ensure that a new conditional attribute is likely to be used in deployments and is not going to duplicate one that is already registered. To reduce the potential for conflict with commonly used query parameter names, it is strongly recommended that new entry names be prepended with "c." (such as entries described in Table 3). 7. References 7.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained Application Protocol (CoAP)", RFC 7252, DOI 10.17487/RFC7252, June 2014, . [RFC7641] Hartke, K., "Observing Resources in the Constrained Application Protocol (CoAP)", RFC 7641, DOI 10.17487/RFC7641, September 2015, . [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 7.2. Informative References [I-D.irtf-t2trg-amplification-attacks] Mattsson, J. P., Selander, G., and C. Amsüss, "Amplification Attacks Using the Constrained Application Protocol (CoAP)", Work in Progress, Internet-Draft, draft- irtf-t2trg-amplification-attacks-04, 8 December 2024, . Silverajan, et al. Expires 13 June 2025 [Page 17] Internet-Draft Conditional Attributes for CoRE December 2024 Appendix A. Pseudocode: Processing Conditional Attributes This appendix is informative. It describes the possible logic of how a server processes conditional attributes to determine when to send a notification to a client. Note: The pseudocode is not exhaustive nor should it be treated as reference code. It depicts a subset of the conditional attributes described in this specification. // struct Resource { // // bool band; // int pmin; // int pmax; // int epmin; // int epmax; // int st; // int gt; // int lt; // // time_t last_sampled_time; // time_t last_rep_time; // int curr_state; // int prev_state; // // ... // // }; boolean is_notifiable( Resource * r ) { time_t curr_time = get_current_time(); #define BAND_EXISTS ( r->band ) #define LT_EXISTS ( r->lt ) #define GT_EXISTS ( r->gt ) #define EPMIN_TRUE ( curr_time - r->last_sampled_time >= r->epmin ) #define EPMAX_TRUE ( curr_time - r->last_sampled_time > r->epmax ) #define PMIN_TRUE ( curr_time - r->last_reported_time >= r->pmin ) #define PMAX_TRUE ( curr_time - r->last_reported_time > r->pmax ) #define LT_TRUE ( r->curr_state < r->lt ^ r->prev_state < r->lt ) Silverajan, et al. Expires 13 June 2025 [Page 18] Internet-Draft Conditional Attributes for CoRE December 2024 #define GT_TRUE ( r->curr_state > r->gt ^ r->prev_state > r->gt ) #define ST_TRUE ( abs( r->curr_state - r->prev_state ) >= r->st ) #define INBAND_TRUE ( gt < lt && \\ (gt <= curr_state && curr_state <= lt )) #define OUTOFBAND_TRUE ( lt < gt && \\ (gt < curr_state || curr_state < lt )) #define BANDMIN_TRUE ( r->lt <= r->curr_state) #define BANDMAX_TRUE (r->curr_state <= r->gt) if PMAX_TRUE { return true; } if PMIN_TRUE { if !BAND_EXISTS { if LT_TRUE || GT_TRUE || ST_TRUE { return true; } } else { if ( (BANDMIN_TRUE && !GT_EXISTS) || \ (BANDMAX_TRUE && !LT_EXISTS) || \ INBAND_TRUE || \ OUTOFBAND_TRUE ) { return true; } } } return false; } Figure 5: Pseudocode showing the logic for processing conditional attributes Appendix B. Examples This appendix is informative. It provides some examples of the use of Conditional Attributes. Note: For brevity, only the method or response code is shown in the header field. Silverajan, et al. Expires 13 June 2025 [Page 19] Internet-Draft Conditional Attributes for CoRE December 2024 B.1. Minimum Period (c.pmin) example Observed CLIENT SERVER Actual t State | | State ____________ | | ____________ 1 | | 2 unknown | | 18.5 Cel 3 +----->| Header: GET 4 | GET | Token: 0x4a 5 | | Uri-Path: temperature 6 | | Uri-Query: c.pmin="10" 7 | | Observe: 0 (register) 8 | | 9 ____________ |<-----+ Header: 2.05 10 | 2.05 | Token: 0x4a 11 18.5 Cel | | Observe: 9 12 | | Payload: "18.5 Cel" 13 | | ____________ 14 | | 15 | | 23 Cel 16 | | 17 | | 18 | | 19 | | ____________ 20 ____________ |<-----+ Header: 2.05 21 | 2.05 | 26 Cel Token: 0x4a 22 26 Cel | | Observe: 20 23 | | Payload: "26 Cel" 24 | | 25 | | Figure 6: Client registers and receives one notification of the current state and one of a new state state when c.pmin time expires. B.2. Maximum Period (c.pmax) example Silverajan, et al. Expires 13 June 2025 [Page 20] Internet-Draft Conditional Attributes for CoRE December 2024 Observed CLIENT SERVER Actual t State | | State ____________ | | ____________ 1 | | 2 unknown | | 18.5 Cel 3 +----->| Header: GET 4 | GET | Token: 0x4a 5 | | Uri-Path: temperature 6 | | Uri-Query: c.pmax="20" 7 | | Observe: 0 (register) 8 | | 9 ____________ |<-----+ Header: 2.05 10 | 2.05 | Token: 0x4a 11 18.5 Cel | | Observe: 9 12 | | Payload: "18.5 Cel" 13 | | 14 | | 15 | | ____________ 16 ____________ |<-----+ Header: 2.05 17 | 2.05 | 23 Cel Token: 0x4a 18 23 Cel | | Observe: 16 19 | | Payload: "23 Cel" 20 | | 21 | | 22 | | 23 | | 24 | | 25 | | 26 | | 27 | | 28 | | 29 | | 30 | | 31 | | 32 | | 33 | | 34 | | 35 | | 36 | | ____________ 37 ____________ |<-----+ Header: 2.05 38 | 2.05 | 23 Cel Token: 0x4a 39 23 Cel | | Observe: 37 40 | | Payload: "23 Cel" 41 | | 42 | | Silverajan, et al. Expires 13 June 2025 [Page 21] Internet-Draft Conditional Attributes for CoRE December 2024 Figure 7: Client registers and receives one notification of the current state, one of a new state and one of an unchanged state when c.pmax time expires. B.3. Greater Than (c.gt) example Observed CLIENT SERVER Actual t State | | State ____________ | | ____________ 1 | | 2 unknown | | 18.5 Cel 3 +----->| Header: GET 4 | GET | Token: 0x4a 5 | | Uri-Path: temperature 6 | | Uri-Query: c.gt=25 7 | | Observe: 0 (register) 8 | | 9 ____________ |<-----+ Header: 2.05 10 | 2.05 | Token: 0x4a 11 18.5 Cel | | Observe: 9 12 | | Payload: "18.5 Cel" 13 | | 14 | | 15 | | ____________ 16 ____________ |<-----+ Header: 2.05 17 | 2.05 | 26 Cel Token: 0x4a 18 26 Cel | | Observe: 16 29 | | Payload: "26 Cel" 20 | | 21 | | Figure 8: Client registers and receives one notification of the current state and one of a new state when it passes through the greater than threshold of 25. B.4. Greater Than (c.gt) and Period Max (c.pmax) example Silverajan, et al. Expires 13 June 2025 [Page 22] Internet-Draft Conditional Attributes for CoRE December 2024 Observed CLIENT SERVER Actual t State | | State ____________ | | ____________ 1 | | 2 unknown | | 18.5 Cel 3 +----->| Header: GET 4 | GET | Token: 0x4a 5 | | Uri-Path: temperature 6 | | Uri-Query: c.pmax=20&c.gt=25 7 | | Observe: 0 (register) 8 | | 9 ____________ |<-----+ Header: 2.05 10 | 2.05 | Token: 0x4a 11 18.5 Cel | | Observe: 9 12 | | Payload: "18.5 Cel" 13 | | 14 | | 15 | | 16 | | 17 | | 18 | | 19 | | 20 | | 21 | | 22 | | 23 | | 24 | | 25 | | 26 | | 27 | | 28 | | 29 | | ____________ 30 ____________ |<-----+ Header: 2.05 31 | 2.05 | 23 Cel Token: 0x4a 32 23 Cel | | Observe: 30 33 | | Payload: "23 Cel" 34 | | 35 | | 36 | | ____________ 37 ____________ |<-----+ Header: 2.05 38 | 2.05 | 26 Cel Token: 0x4a 39 26 Cel | | Observe: 37 40 | | Payload: "26 Cel" 41 | | 42 | | Silverajan, et al. Expires 13 June 2025 [Page 23] Internet-Draft Conditional Attributes for CoRE December 2024 Figure 9: Client registers and receives one notification of the current state, one when c.pmax time expires, and one of a new state when it passes through the greater than threshold of 25. Acknowledgements Hannes Tschofenig and Mert Ocak highlighted syntactical corrections in the usage of pmax and pmin in a query. David Navarro proposed allowing for pmax to be equal to pmin. Marco Tiloca and Ines Robles provided extensive reviews. Suggestions from Klaus Hartke aided greatly in clarifying how conditional attributes work with CoAP Observe. Security considerations were improved based on authors' observations in Section 2.2 of [I-D.irtf-t2trg-amplification-attacks]. Changelog This section is to be removed before publishing as an RFC. draft-ietf-core-conditional-attributes-10 * Rectifying text and a table column in IANA Considerations, that version -09 erroneously omitted. draft-ietf-core-conditional-attributes-09 * IANA Considerations section updated * Editorial and formatting fixes draft-ietf-core-conditional-attributes-08 * Various editorial fixes and corrections based on review comments on mailing list from Marco Tiloca. draft-ietf-core-conditional-attributes-07 * Expanded how conditional attributes work with Observe in sections 3.1 to 3.4 * Addressed early review from IoT Directorate * Security Considerations section expanded draft-ietf-core-conditional-attributes-06 * Removed code block from Section 3.5 Silverajan, et al. Expires 13 June 2025 [Page 24] Internet-Draft Conditional Attributes for CoRE December 2024 * Added an appendix containing pseudocode for server processing. draft-ietf-core-conditional-attributes-05 * Multiple (mostly editorial) clarifications and updates based on review comments on mailing list from Marco Tiloca. draft-ietf-core-conditional-attributes-04 * Reference code updated to include behaviour for edge attribute. draft-ietf-core-conditional-attributes-03 * Attribute names updated to create uniqueness for use as conditional observe attributes. draft-ietf-core-conditional-attributes-02 * Clarifications on usage and value of the band parameter * Implementation considerations for proxies added * Security considerations added * IANA considerations added draft-ietf-core-conditional-attributes-01 * Clarifications on True and False values for Edge and Con Attributes * Alan Soloway added as author draft-ietf-core-conditional-attributes-00 * Conditional Atttributes section from draft-ietf-core-dynlink-13 separated into own WG draft Contributors Christian Groves Australia Email: cngroves.std@gmail.com Silverajan, et al. Expires 13 June 2025 [Page 25] Internet-Draft Conditional Attributes for CoRE December 2024 Zach Shelby ARM FI- Vuokatti Finland Email: zach.shelby@arm.com Matthieu Vial Schneider-Electric Grenoble France Email: matthieu.vial@schneider-electric.com Jintao Zhu Huawei Xi’an, Shaanxi Province China Email: jintao.zhu@huawei.com Authors' Addresses Bilhanan Silverajan Tampere University Kalevantie 4 FI-33100 Tampere Finland Email: bilhanan.silverajan@tuni.fi Michael Koster Dogtiger Labs 524 H Street Antioch, CA, 94509 United States of America Email: michaeljohnkoster@gmail.com Alan Soloway Qualcomm Technologies, Inc. 5775 Morehouse Drive San Diego, 92121 United States of America Email: asoloway@qti.qualcomm.com Silverajan, et al. Expires 13 June 2025 [Page 26]