Mark, I’m not sure what Gregg is referring to, but here’s a copy/paste of some inconsistencies between the OCF and IETF coap specs that I posted to the mailing list on 4/18/2018. I never got any acknowledgement/response on the issue, so hopefully you’re the right set of eyes to review this.
-The OCF core spec only mentions port 5683 for CoAP communication whereas RFC 8323 section 8.2 says that 5684 should be the default port for coaps+tcp. It also says “A TLS server MAY offer coaps+tcp endpoints on ports other than TCP port 5684, which MUST be ALPN enabled.” Yet ALPN has been explicitly disabled/commented out in our copy of mbedTLS (https://github.com/iotivity/iotivity/blob/master/extlibs/mbedtls/config-iotivity.h). -speaking of ALPN, section 12.3.4 of the OCF core spec states “For the ‘coaps+tcp’ URI scheme the ‘TLS Application Layer Protocol Negotiation Extension’ IETF RFC 7301 shall be used”. Is ALPN implemented somewhere outside of mbedTLS or is this an oversight in the implementation and CTT for not verifying this? For the record, it doesn’t appear at first glance like iotivity-constrained uses any custom config files for mbedTLS so this issue probably only applies to iotivity. -In a recent commit to iotivity-constrained which added TCP support, (https://github.com/iotivity/iotivity-constrained/commit/00d8baee002b658e7f34215bae01bf6d28047646) the code was set up such that when communicating via TCP, “blockwise transfer logic is not executed”. I assume this is because the blockwise transfer code is an implementation of RFC7959 which is focused on UDP. RFC8323 section 6 extends that spec in order to make it a good fit for TCP and it’s explicitly referenced in section 12.3.8 of the OCF core spec. While 12.3.8 only says how the implementation must work IF it’s implemented, section 12.2.8 of the OCF core spec says that blockwise transfer functionality should be present on all clients, as well as servers which, “generate a content payload that would exceed the size of a CoAP datagram as the result of handling any defined CRUDN operation”. I’m interpreting these two sections together as a requirement of the codebase to support RFC8323 compliant block-wise transfers over TCP, and I assume any device with OTA update support would need to deal with payloads larger than a CoAP datagram so this isn’t exactly an edge case. Should the CTT be testing for this? From: iotivity-dev@lists.iotivity.org [mailto:iotivity-dev@lists.iotivity.org] On Behalf Of Mark Trayer Sent: Wednesday, July 25, 2018 4:29 PM To: Gregg Reynolds <d...@mobileink.com> Cc: iotivity-dev <iotivity-dev@lists.iotivity.org>; Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com> Subject: Re: [dev] News Greetings, “Case in point: the 2.0 Cloud spec is incompatible with the core spec.” Could you expand on that some (if it’s broke, we’d like to fix it)? Best, Mark. From: iotivity-dev@lists.iotivity.org<mailto:iotivity-dev@lists.iotivity.org> [mailto:iotivity-dev@lists.iotivity.org] On Behalf Of Gregg Reynolds Sent: Wednesday, July 25, 2018 2:33 PM To: Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com<mailto:nathan.heldt-shel...@intel.com>> Cc: iotivity-dev <iotivity-dev@lists.iotivity.org<mailto:iotivity-dev@lists.iotivity.org>> Subject: Re: [dev] News On Wed, Jul 25, 2018, 2:29 PM Gregg Reynolds <d...@mobileink.com<mailto:d...@mobileink.com>> wrote: On Tue, Jul 24, 2018, 6:17 PM Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com<mailto:nathan.heldt-shel...@intel.com>> wrote: Yeah, but the OCF specification development and review process definitely requires OCF membership, no way around that for IP reasons etc… so we can’t take that to IoTivity Nobody is asking to change that. Deliberations and votes are members-only. That is compatible with community feedback at any time in the process. Please look at the way w3c works. Members settle on a final draft. You publish it as e.g. 2.0-RC1 and give the community a month or two to provide feedback. Members then decide whether feedback merits changes. Not complicated. Boils down to: do you want to catch bugs before or after Release? Case in point: the 2.0 Cloud spec is incompatible with the core spec. G -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9812): https://lists.iotivity.org/g/iotivity-dev/message/9812 Mute This Topic: https://lists.iotivity.org/mt/23757849/21656 Group Owner: iotivity-dev+ow...@lists.iotivity.org Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
