💾 Archived View for gemini.bortzmeyer.org › rfc-mirror › rfc9193.txt captured on 2023-03-20 at 18:30:53.

View Raw

More Information

⬅️ Previous capture (2022-06-11)

-=-=-=-=-=-=-





Internet Engineering Task Force (IETF)                        A. Keränen
Request for Comments: 9193                                      Ericsson
Category: Standards Track                                     C. Bormann
ISSN: 2070-1721                                   Universität Bremen TZI
                                                               June 2022


   Sensor Measurement Lists (SenML) Fields for Indicating Data Value
                             Content-Format

Abstract

   The Sensor Measurement Lists (SenML) media types support multiple
   types of values, from numbers to text strings and arbitrary binary
   Data Values.  In order to facilitate processing of binary Data
   Values, this document specifies a pair of new SenML fields for
   indicating the content format of those binary Data Values, i.e.,
   their Internet media type, including parameters as well as any
   content codings applied.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc9193.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction
     1.1.  Evolution
   2.  Terminology
   3.  SenML Content-Format ("ct") Field
   4.  SenML Base Content-Format ("bct") Field
   5.  Examples
   6.  ABNF
   7.  Security Considerations
   8.  IANA Considerations
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Acknowledgments
   Authors' Addresses

1.  Introduction

   The Sensor Measurement Lists (SenML) media types [RFC8428] can be
   used to send various kinds of data.  In the example given in
   Figure 1, a temperature value, an indication whether a lock is open,
   and a Data Value (with SenML field "vd") read from a Near Field
   Communication (NFC) reader is sent in a single SenML Pack.  The
   example is given in SenML JSON representation, so the "vd" (Data
   Value) field is encoded as a base64url string (without padding), as
   per Section 5 of [RFC8428].

   [
     {"bn":"urn:dev:ow:10e2073a01080063:","n":"temp","u":"Cel","v":7.1},
     {"n":"open","vb":false},
     {"n":"nfc-reader","vd":"aGkgCg"}
   ]

             Figure 1: SenML Pack with Unidentified Binary Data

   The receiver is expected to know how to interpret the data in the
   "vd" field based on the context, e.g., the name of the data source
   and out-of-band knowledge of the application.  However, this context
   may not always be easily available to entities processing the SenML
   Pack, especially if the Pack is propagated over time and via multiple
   entities.  To facilitate automatic interpretation, it is useful to be
   able to indicate an Internet media type and, optionally, content
   codings right in the SenML Record.

   The Constrained Application Protocol (CoAP) Content-Format
   (Section 12.3 of [RFC7252]) provides this information in the form of
   a single unsigned integer.  For instance, [RFC8949] defines the
   Content-Format number 60 for Content-Type application/cbor.
   Enclosing this Content-Format number in the Record is illustrated in
   Figure 2.  All registered CoAP Content-Format numbers are listed in
   the "CoAP Content-Formats" registry [IANA.core-parameters], as
   specified by Section 12.3 of [RFC7252].  Note that, at the time of
   writing, the structure of this registry only provides for zero or one
   content coding; nothing in the present document needs to change if
   the registry is extended to allow sequences of content codings.

   {"n":"nfc-reader", "vd":"gmNmb28YKg", "ct":"60"}

         Figure 2: SenML Record with Binary Data Identified as CBOR

   In this example SenML Record, the Data Value contains a string "foo"
   and a number 42 encoded in a Concise Binary Object Representation
   (CBOR) [RFC8949] array.  Since the example above uses the JSON format
   of SenML, the Data Value containing the binary CBOR value is base64
   encoded (Section 5 of [RFC4648]).  The Data Value after base64
   decoding is shown with CBOR diagnostic notation in Figure 3.

   82           # array(2)
      63        # text(3)
         666F6F # "foo"
      18 2A     # unsigned(42)

          Figure 3: Example Data Value in CBOR Diagnostic Notation

1.1.  Evolution

   As with SenML in general, there is no expectation that the creator of
   a SenML Pack knows (or has negotiated with) each consumer of that
   Pack, which may be very remote in space and particularly in time.
   This means that the SenML creator in general has no way to know
   whether the consumer knows:

   *  each specific Media-Type-Name used,

   *  each parameter and each parameter value used,

   *  each content coding in use, and

   *  each Content-Format number in use for a combination of these.

   What SenML, as well as the new fields defined here, guarantees is
   that a recipient implementation _knows_ when it needs to be updated
   to understand these field values and the values controlled by them;
   registries are used to evolve these name spaces in a controlled way.
   SenML Packs can be processed by a consumer while not understanding
   all the information in them, and information can generally be
   preserved in this processing such that it is useful for further
   consumers.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   Media type:  A registered label for representations (byte strings)
      prepared for interchange [RFC1590] [RFC6838], identified by a
      Media-Type-Name.

   Media-Type-Name:  A combination of a type-name and a subtype-name
      registered in [IANA.media-types], as per [RFC6838], conventionally
      identified by the two names separated by a slash.

   Content-Type:  A Media-Type-Name, optionally associated with
      parameters (Section 5 of [RFC2045], separated from the Media-Type-
      Name and from each other by a semicolon).  In HTTP and many other
      protocols, it is used in a Content-Type header field.

   Content coding:  A name registered in the "HTTP Content Coding
      Registry" [IANA.http-parameters], as specified by Sections 16.6.1
      and 18.6 of [RFC9110], indicating an encoding transformation with
      semantics further specified in Section 8.4.1 of [RFC9110].
      Confusingly, in HTTP, content coding values are found in a header
      field called "Content-Encoding"; however, "content coding" is the
      correct term for the process and the registered values.

   Content format:  The combination of a Content-Type and zero or more
      content codings, identified by (1) a numeric identifier defined in
      the "CoAP Content-Formats" registry [IANA.core-parameters], as per
      Section 12.3 of [RFC7252] (referred to as Content-Format number),
      or (2) a Content-Format-String.

   Content-Format-String:  The string representation of the combination
      of a Content-Type and zero or more content codings.

   Content-Format-Spec:  The string representation of a content format;
      either a Content-Format-String or the (decimal) string
      representation of a Content-Format number.

   Readers should also be familiar with the terms and concepts discussed
   in [RFC8428].

3.  SenML Content-Format ("ct") Field

   When a SenML Record contains a Data Value field ("vd"), the Record
   MAY also include a Content-Format indication field, using label "ct".
   The value of this field is a Content-Format-Spec, i.e., one of the
   following:

   *  a CoAP Content-Format number in decimal form with no leading zeros
      (except for the value "0" itself).  This value represents an
      unsigned integer in the range of 0-65535, similar to the "ct"
      attribute defined in Section 7.2.1 of [RFC7252] for CoRE Link
      Format [RFC6690].

   *  a Content-Format-String containing a Content-Type and zero or more
      content codings (see below).

   The syntax of this field is formally defined in Section 6.

   The CoAP Content-Format number provides a simple and efficient way to
   indicate the type of the data.  Since some Internet media types and
   their content coding and parameter alternatives do not have assigned
   CoAP Content-Format numbers, using Content-Type and zero or more
   content codings is also allowed.  Both methods use a string value in
   the "ct" field to keep its data type consistent across uses.  When
   the "ct" field contains only digits, it is interpreted as a CoAP
   Content-Format number.

   To indicate that one or more content codings are used with a Content-
   Type, each of the content coding values is appended to the Content-
   Type value (media type and parameters, if any), separated by an "@"
   sign, in the order of when the content codings were applied (the same
   order as in Section 8.4 of [RFC9110]).  For example (using a content
   coding value of "deflate", as defined in Section 8.4.1.2 of
   [RFC9110]):

   text/plain; charset=utf-8@deflate

   If no "@" sign is present after the media type and parameters, then
   no content coding has been specified, and the "identity" content
   coding is used -- no encoding transformation is employed.

4.  SenML Base Content-Format ("bct") Field

   The Base Content-Format field, label "bct", provides a default value
   for the Content-Format field (label "ct") within its range.  The
   range of the base field includes the Record containing it, up to (but
   not including) the next Record containing a "bct" field, if any, or
   up to the end of the Pack otherwise.  The process of resolving
   (Section 4.6 of [RFC8428]) this base field is performed by adding its
   value with the label "ct" to all Records in this range that carry a
   "vd" field but do not already contain a Content-Format ("ct") field.

   Figure 4 shows a variation of Figure 2 with multiple records, with
   the "nfc-reader" records resolving to the base field value "60" and
   the "iris-photo" record overriding this with the "image/png" media
   type (actual data left out for brevity).

   [
     {"n":"nfc-reader", "vd":"gmNmb28YKg",
      "bct":"60", "bt":1627430700},
     {"n":"nfc-reader", "vd":"gmNiYXIYKw", "t":10},
     {"n":"iris-photo", "vd":".....", "ct":"image/png", "t":10},
     {"n":"nfc-reader", "vd":"gmNiYXoYLA", "t":20}
   ]

                  Figure 4: SenML Pack with the bct Field

5.  Examples

   The following examples are valid values for the "ct" and "bct" fields
   (explanation/comments in parentheses):

   *  "60" (CoAP Content-Format number for "application/cbor")

   *  "0" (CoAP Content-Format number for "text/plain" with parameter
      "charset=utf-8")

   *  "application/json" (JSON Content-Type -- equivalent to "50" CoAP
      Content-Format number)

   *  "application/json@deflate" (JSON Content-Type with "deflate" as
      content coding -- equivalent to "11050" CoAP Content-Format
      number)

   *  "application/json@deflate@aes128gcm" (JSON Content-Type with
      "deflate" followed by "aes128gcm" as content codings)

   *  "text/csv" (Comma-Separated Values (CSV) [RFC4180] Content-Type)

   *  "text/csv;header=present@gzip" (CSV with header row, using "gzip"
      as content coding)

6.  ABNF

   This specification provides a formal definition of the syntax of
   Content-Format-Spec strings using ABNF notation [RFC5234], which
   contains three new rules and a number of rules collected and adapted
   from various RFCs [RFC9110] [RFC6838] [RFC5234] [RFC8866].

   ; New in this document

   Content-Format-Spec = Content-Format-Number / Content-Format-String

   Content-Format-Number = "0" / (POS-DIGIT *DIGIT)
   Content-Format-String   = Content-Type *("@" Content-Coding)

   ; Cleaned up from RFC 9110,
   ; leaving only SP as blank space,
   ; removing legacy 8-bit characters, and
   ; leaving the parameter as mandatory with each semicolon:

   Content-Type   = Media-Type-Name *( *SP ";" *SP parameter )
   parameter      = token "=" ( token / quoted-string )

   token          = 1*tchar
   tchar          = "!" / "#" / "$" / "%" / "&" / "'" / "*"
                  / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
                  / DIGIT / ALPHA
   quoted-string  = %x22 *( qdtext / quoted-pair ) %x22
   qdtext         = SP / %x21 / %x23-5B / %x5D-7E
   quoted-pair    = "\" ( SP / VCHAR )

   ; Adapted from Section 8.4.1 of RFC 9110

   Content-Coding   = token

   ; Adapted from various specs

   Media-Type-Name = type-name "/" subtype-name

   ; From RFC 6838

   type-name = restricted-name
   subtype-name = restricted-name

   restricted-name = restricted-name-first *126restricted-name-chars
   restricted-name-first  = ALPHA / DIGIT
   restricted-name-chars  = ALPHA / DIGIT / "!" / "#" /
                            "$" / "&" / "-" / "^" / "_"
   restricted-name-chars =/ "." ; Characters before first dot always
                                ; specify a facet name
   restricted-name-chars =/ "+" ; Characters after last plus always
                                ; specify a structured syntax suffix


   ; Boilerplate from RFC 5234 and RFC 8866

   DIGIT     =  %x30-39           ; 0 - 9
   POS-DIGIT =  %x31-39           ; 1 - 9
   ALPHA     =  %x41-5A / %x61-7A ; A - Z / a - z
   SP        =  %x20
   VCHAR     =  %x21-7E           ; printable ASCII (no SP)

                Figure 5: ABNF Syntax of Content-Format-Spec

7.  Security Considerations

   The indication of a media type in the data does not exempt a
   consuming application from properly checking its inputs.  Also, the
   ability for an attacker to supply crafted SenML data that specifies
   media types chosen by the attacker may expose vulnerabilities of
   handlers for these media types to the attacker.  This includes
   "decompression bombs", compressed data that is crafted to decompress
   to extremely large data items.

8.  IANA Considerations

   IANA has assigned the following new labels in the "SenML Labels"
   subregistry of the "Sensor Measurement Lists (SenML)" registry
   [IANA.senml] (as defined in Section 12.2 of [RFC8428]) for the
   Content-Format indication, as per Table 1:

    +=====================+=======+===========+==========+===========+
    |                Name | Label | JSON Type | XML Type | Reference |
    +=====================+=======+===========+==========+===========+
    | Base Content-Format | bct   | String    | string   | RFC 9193  |
    +---------------------+-------+-----------+----------+-----------+
    |      Content-Format | ct    | String    | string   | RFC 9193  |
    +---------------------+-------+-----------+----------+-----------+

             Table 1: IANA Registration for New SenML Labels

   Note that, per Section 12.2 of [RFC8428], no CBOR labels nor
   Efficient XML Interchange (EXI) schemaId values (EXI ID column) are
   supplied.

9.  References

9.1.  Normative References

   [IANA.core-parameters]
              IANA, "Constrained RESTful Environments (CoRE)
              Parameters",
              <https://www.iana.org/assignments/core-parameters>.

   [IANA.http-parameters]
              IANA, "Hypertext Transfer Protocol (HTTP) Parameters",
              <https://www.iana.org/assignments/http-parameters>.

   [IANA.media-types]
              IANA, "Media Types",
              <https://www.iana.org/assignments/media-types>.

   [IANA.senml]
              IANA, "Sensor Measurement Lists (SenML)",
              <https://www.iana.org/assignments/senml>.

   [RFC2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part One: Format of Internet Message
              Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
              <https://www.rfc-editor.org/info/rfc2045>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
              Specifications: ABNF", STD 68, RFC 5234,
              DOI 10.17487/RFC5234, January 2008,
              <https://www.rfc-editor.org/info/rfc5234>.

   [RFC7252]  Shelby, Z., Hartke, K., and C. Bormann, "The Constrained
              Application Protocol (CoAP)", RFC 7252,
              DOI 10.17487/RFC7252, June 2014,
              <https://www.rfc-editor.org/info/rfc7252>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8428]  Jennings, C., Shelby, Z., Arkko, J., Keranen, A., and C.
              Bormann, "Sensor Measurement Lists (SenML)", RFC 8428,
              DOI 10.17487/RFC8428, August 2018,
              <https://www.rfc-editor.org/info/rfc8428>.

   [RFC9110]  Fielding, R., Nottingham, M., and J. Reschke, "HTTP
              Semantics", STD 97, RFC 9110, DOI 10.17487/RFC9110,
              February 2022, <https://www.rfc-editor.org/rfc/rfc9110>.

9.2.  Informative References

   [RFC1590]  Postel, J., "Media Type Registration Procedure", RFC 1590,
              DOI 10.17487/RFC1590, March 1994,
              <https://www.rfc-editor.org/info/rfc1590>.

   [RFC4180]  Shafranovich, Y., "Common Format and MIME Type for Comma-
              Separated Values (CSV) Files", RFC 4180,
              DOI 10.17487/RFC4180, October 2005,
              <https://www.rfc-editor.org/info/rfc4180>.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
              <https://www.rfc-editor.org/info/rfc4648>.

   [RFC6690]  Shelby, Z., "Constrained RESTful Environments (CoRE) Link
              Format", RFC 6690, DOI 10.17487/RFC6690, August 2012,
              <https://www.rfc-editor.org/info/rfc6690>.

   [RFC6838]  Freed, N., Klensin, J., and T. Hansen, "Media Type
              Specifications and Registration Procedures", BCP 13,
              RFC 6838, DOI 10.17487/RFC6838, January 2013,
              <https://www.rfc-editor.org/info/rfc6838>.

   [RFC8866]  Begen, A., Kyzivat, P., Perkins, C., and M. Handley, "SDP:
              Session Description Protocol", RFC 8866,
              DOI 10.17487/RFC8866, January 2021,
              <https://www.rfc-editor.org/info/rfc8866>.

   [RFC8949]  Bormann, C. and P. Hoffman, "Concise Binary Object
              Representation (CBOR)", STD 94, RFC 8949,
              DOI 10.17487/RFC8949, December 2020,
              <https://www.rfc-editor.org/info/rfc8949>.

Acknowledgments

   The authors would like to thank Sérgio Abreu for the discussions
   leading to the design of this extension and Isaac Rivera for reviews
   and feedback.  Klaus Hartke suggested not burdening this document
   with a separate mandatory-to-implement version of the fields.  Alexey
   Melnikov, Jim Schaad, and Thomas Fossati provided helpful comments at
   Working Group Last Call.  Marco Tiloca asked for clarifying and using
   the term Content-Format-Spec.

Authors' Addresses

   Ari Keränen
   Ericsson
   FI-02420 Jorvas
   Finland
   Email: ari.keranen@ericsson.com


   Carsten Bormann
   Universität Bremen TZI
   Postfach 330440
   D-28359 Bremen
   Germany
   Phone: +49-421-218-63921
   Email: cabo@tzi.org