rfc9668.original.xml   rfc9668.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE rfc [ <!DOCTYPE rfc [
<!ENTITY nbsp "&#160;"> <!ENTITY nbsp "&#160;">
<!ENTITY zwsp "&#8203;"> <!ENTITY zwsp "&#8203;">
<!ENTITY nbhy "&#8209;"> <!ENTITY nbhy "&#8209;">
<!ENTITY wj "&#8288;"> <!ENTITY wj "&#8288;">
]> ]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version (Ruby 3.1.2) --> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft -ietf-core-oscore-edhoc-11" number="9668" updates="" obsoletes="" category="std"
-ietf-core-oscore-edhoc-11" category="std" consensus="true" submissionType="IETF consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRef
" tocInclude="true" sortRefs="true" symRefs="true" version="3"> s="true" version="3" xml:lang="en">
<!-- xml2rfc v2v3 conversion 3.18.0 -->
<front> <front>
<title abbrev="Using EDHOC with CoAP and OSCORE">Using Ephemeral Diffie-Hell man Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Objec t Security for Constrained RESTful Environments (OSCORE)</title> <title abbrev="Using EDHOC with CoAP and OSCORE">Using Ephemeral Diffie-Hell man Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Objec t Security for Constrained RESTful Environments (OSCORE)</title>
<seriesInfo name="Internet-Draft" value="draft-ietf-core-oscore-edhoc-11"/> <seriesInfo name="RFC" value="9668"/>
<author initials="F." surname="Palombini" fullname="Francesca Palombini"> <author initials="F." surname="Palombini" fullname="Francesca Palombini">
<organization>Ericsson</organization> <organization>Ericsson AB</organization>
<address> <address>
<postal>
<street>Torshamnsgatan 23</street>
<city>Kista</city>
<code>164 40</code>
<country>Sweden</country>
</postal>
<email>francesca.palombini@ericsson.com</email> <email>francesca.palombini@ericsson.com</email>
</address> </address>
</author> </author>
<author initials="M." surname="Tiloca" fullname="Marco Tiloca"> <author initials="M." surname="Tiloca" fullname="Marco Tiloca">
<organization>RISE AB</organization> <organization>RISE AB</organization>
<address> <address>
<postal> <postal>
<street>Isafjordsgatan 22</street> <street>Isafjordsgatan 22</street>
<city>Kista</city> <city>Kista</city>
<code>16440 Stockholm</code> <code>164 40</code>
<country>Sweden</country> <country>Sweden</country>
</postal> </postal>
<email>marco.tiloca@ri.se</email> <email>marco.tiloca@ri.se</email>
</address> </address>
</author> </author>
<author initials="R." surname="Höglund" fullname="Rikard Höglund"> <author initials="R." surname="Höglund" fullname="Rikard Höglund">
<organization>RISE AB</organization> <organization>RISE AB</organization>
<address> <address>
<postal> <postal>
<street>Isafjordsgatan 22</street> <street>Isafjordsgatan 22</street>
<city>Kista</city> <city>Kista</city>
<code>16440 Stockholm</code> <code>164 40</code>
<country>Sweden</country> <country>Sweden</country>
</postal> </postal>
<email>rikard.hoglund@ri.se</email> <email>rikard.hoglund@ri.se</email>
</address> </address>
</author> </author>
<author initials="S." surname="Hristozov" fullname="Stefan Hristozov"> <author initials="S." surname="Hristozov" fullname="Stefan Hristozov">
<organization>Fraunhofer AISEC</organization> <organization>Eriptic</organization>
<address> <address>
<email>stefan.hristozov@eriptic.com</email> <email>stefan.hristozov@eriptic.com</email>
</address> </address>
</author> </author>
<author initials="G." surname="Selander" fullname="Göran Selander"> <author initials="G." surname="Selander" fullname="Göran Selander">
<organization>Ericsson</organization> <organization>Ericsson</organization>
<address> <address>
<email>goran.selander@ericsson.com</email> <email>goran.selander@ericsson.com</email>
</address> </address>
</author> </author>
<date year="2024" month="April" day="09"/> <date year="2024" month="November"/>
<area>Internet</area> <area>WIT</area>
<workgroup>CoRE Working Group</workgroup> <workgroup>core</workgroup>
<keyword>Internet-Draft</keyword> <keyword>Security</keyword>
<keyword>Key agreement; Secure communication</keyword>
<keyword>Constrained enviornments</keyword>
<keyword>AKE</keyword>
<keyword>lightweight authenticated key exchange</keyword>
<keyword>IoT security</keyword>
<abstract> <abstract>
<t>The lightweight authenticated key exchange protocol Ephemeral Diffie-He llman Over COSE (EDHOC) can be run over the Constrained Application Protocol (Co AP) and used by two peers to establish a Security Context for the security proto col Object Security for Constrained RESTful Environments (OSCORE). This document details this use of the EDHOC protocol, by specifying a number of additional an d optional mechanisms. These especially include an optimization approach for com bining the execution of EDHOC with the first OSCORE transaction. This combinatio n reduces the number of round trips required to set up an OSCORE Security Contex t and to complete an OSCORE transaction using that Security Context.</t> <t>The lightweight authenticated key exchange protocol Ephemeral Diffie-He llman Over COSE (EDHOC) can be run over the Constrained Application Protocol (Co AP) and used by two peers to establish a Security Context for the security proto col Object Security for Constrained RESTful Environments (OSCORE). This document details this use of the EDHOC protocol by specifying a number of additional and optional mechanisms, including an optimization approach for combining the execu tion of EDHOC with the first OSCORE transaction. This combination reduces the nu mber of round trips required to set up an OSCORE Security Context and to complet e an OSCORE transaction using that Security Context.</t>
</abstract> </abstract>
<note removeInRFC="true">
<name>Discussion Venues</name>
<t>Discussion of this document takes place on the
Constrained RESTful Environments Working Group mailing list (core@ietf.org),
which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/co
re/"/>.</t>
<t>Source for this draft and an issue tracker can be found at
<eref target="https://github.com/core-wg/oscore-edhoc"/>.</t>
</note>
</front> </front>
<middle> <middle>
<section anchor="introduction"> <section anchor="introduction">
<name>Introduction</name> <name>Introduction</name>
<t>Ephemeral Diffie-Hellman Over COSE (EDHOC) <xref target="RFC9528"/> is <t>Ephemeral Diffie-Hellman Over COSE (EDHOC) <xref target="RFC9528"/> is
a lightweight authenticated key exchange protocol, especially intended for use i a lightweight authenticated key exchange protocol that is specifically intended
n constrained scenarios. In particular, EDHOC messages can be transported over t for use in constrained scenarios. In particular, EDHOC messages can be transport
he Constrained Application Protocol (CoAP) <xref target="RFC7252"/> and used for ed over the Constrained Application Protocol (CoAP) <xref target="RFC7252"/> and
establishing a Security Context for Object Security for Constrained RESTful Env used for establishing a Security Context for Object Security for Constrained RE
ironments (OSCORE) <xref target="RFC8613"/>.</t> STful Environments (OSCORE) <xref target="RFC8613"/>.</t>
<t>This document details the use of the EDHOC protocol with CoAP and OSCOR <t>This document details the use of the EDHOC protocol with CoAP and OSCOR
E, and specifies a number of additional and optional mechanisms. These especiall E and specifies a number of additional and optional mechanisms. These include an
y include an optimization approach that combines the EDHOC execution with the fi optimization approach that combines the EDHOC execution with the first OSCORE t
rst OSCORE transaction (see <xref target="edhoc-in-oscore"/>). This allows for a ransaction (see <xref target="edhoc-in-oscore"/>). This allows for a minimum num
minimum number of two round trips necessary to setup the OSCORE Security Contex ber of two round trips necessary to set up the OSCORE Security Context and compl
t and complete an OSCORE transaction, e.g., when an IoT device gets configured i ete an OSCORE transaction, e.g., when an Internet of Things (IoT) device gets co
n a network for the first time.</t> nfigured in a network for the first time.</t>
<t>This optimization is desirable, since the number of message exchanges c <t>This optimization is desirable since the number of message exchanges ca
an have a substantial impact on the latency of conveying the first OSCORE reques n have a substantial impact on the latency of conveying the first OSCORE request
t, when using certain radio technologies.</t> when using certain radio technologies.</t>
<t>Without this optimization, it is not possible to achieve the minimum nu <t>Without this optimization, it is not possible to achieve the minimum nu
mber of two round trips. This optimization makes it possible, since the message_ mber of two round trips. This optimization makes it possible since the message_3
3 of the EDHOC protocol can be made relatively small (see <xref section="1.2" se of the EDHOC protocol can be made relatively small (see <xref section="1.2" sec
ctionFormat="of" target="RFC9528"/>), thus allowing additional OSCORE-protected tionFormat="of" target="RFC9528"/>), thus allowing additional OSCORE-protected C
CoAP data within target MTU sizes.</t> oAP data within target MTU sizes.</t>
<t>The minimum number of two round trips can be achieved only if the defau
lt, forward message flow of EDHOC is used, i.e., when a CoAP client acts as EDHO <t>The minimum number of two round trips can be achieved only if the default for
C Initiator and a CoAP server acts as EDHOC Responder. The performance advantage ward message flow of EDHOC is used, i.e., when a CoAP client acts as EDHOC Initi
of using this optimization can be lost when used in combination with Block-wise ator and a CoAP server acts as EDHOC Responder. The performance advantage of usi
transfers <xref target="RFC7959"/> that rely on specific parameter values and b ng this optimization can be lost when used in combination with Block-wise transf
lock sizes.</t> ers <xref target="RFC7959"/> that rely on specific parameter values and block si
<t>Furthermore, this document defines a number of parameters corresponding zes.</t>
to different information elements of an EDHOC application profile (see <xref ta <t>Furthermore, this document defines a number of parameters corresponding to
rget="web-linking"/>). These can be specified as target attributes in the link t different information elements of an EDHOC application profile (see <xref target
o an EDHOC resource associated with that application profile, thus enabling an e ="web-linking"/>). These parameters can be specified as target attributes in the
nhanced discovery of such a resource for CoAP clients.</t> link to an
EDHOC resource associated with that application profile, thus enabling an
enhanced discovery of such a resource for CoAP clients.
</t>
<section anchor="terminology"> <section anchor="terminology">
<name>Terminology</name> <name>Terminology</name>
<t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECO NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
MMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be i "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document
nterpreted as are to be interpreted as described in BCP 14 <xref target="RFC2119"/>
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and <xref target="RFC8174"/> when, and only when, they appear in all
only when, they capitals, as shown here.</t>
appear in all capitals, as shown here.</t> <t>The reader is expected to be familiar with terms and concepts defined
<t>The reader is expected to be familiar with terms and concepts defined in CoAP <xref target="RFC7252"/>, Concise Binary Object Representation (CBOR) <
in CoAP <xref target="RFC7252"/>, CBOR <xref target="RFC8949"/>, OSCORE <xref t xref target="RFC8949"/>, OSCORE <xref target="RFC8613"/>, and EDHOC <xref target
arget="RFC8613"/>, and EDHOC <xref target="RFC9528"/>.</t> ="RFC9528"/>.</t>
</section> </section>
</section> </section>
<section anchor="overview"> <section anchor="overview">
<name>EDHOC Overview</name> <name>EDHOC Overview</name>
<t>This section is not normative and summarizes what is specified in <xref <t>This section is not normative and summarizes what is specified in <xref
target="RFC9528"/>, in particular its Appendix A.2. Thus, it provides a baselin target="RFC9528"/> (specifically <xref target="RFC9528" sectionFormat="of" sect
e for the enhancements in the subsequent sections.</t> ion="A.2"></xref>). Thus, it provides a baseline for the enhancements in the sub
<t>The EDHOC protocol specified in <xref target="RFC9528"/> allows two pee sequent sections.</t>
rs to agree on a cryptographic secret, in a mutually-authenticated way and by us <t>The EDHOC protocol specified in <xref target="RFC9528"/> allows two pee
ing Diffie-Hellman ephemeral keys to achieve forward secrecy. The two peers are rs to agree on a cryptographic secret in a mutually-authenticated way and achiev
denoted as Initiator and Responder, as the one sending or receiving the initial es forward secrecy by using Diffie-Hellman ephemeral keys. The two peers are den
EDHOC message_1, respectively.</t> oted as the "Initiator" and "Responder", as the one sending or receiving the ini
<t>After successful processing of EDHOC message_3, both peers agree on a c tial EDHOC message_1, respectively.</t>
ryptographic secret that can be used to derive further security material, and es <t>After successful processing of EDHOC message_3, both peers agree on a c
pecially to establish an OSCORE Security Context <xref target="RFC8613"/>. The R ryptographic secret that can be used to derive further security material and est
esponder can also send an optional EDHOC message_4 to achieve key confirmation, ablish an OSCORE Security Context <xref target="RFC8613"/>. The Responder can al
e.g., in deployments where no protected application message is sent from the Res so send an optional EDHOC message_4 in order for the Initiator to achieve key co
ponder to the Initiator.</t> nfirmation, e.g., in deployments where no protected application message is sent
<t><xref section="A.2" sectionFormat="of" target="RFC9528"/> specifies how from the Responder to the Initiator.</t>
to transfer EDHOC over CoAP. That is, the EDHOC data (i.e., the EDHOC message p <t><xref section="A.2" sectionFormat="of" target="RFC9528"/> specifies how
ossibly with a prepended connection identifier) are transported in the payload o to transfer EDHOC over CoAP. That is, the EDHOC data (i.e., the EDHOC message
f CoAP requests and responses. The default, forward message flow of EDHOC consis possibly with a prepended connection identifier) is transported in the payload o
ts in the CoAP client acting as Initiator and the CoAP server acting as Responde f CoAP requests and responses. The default forward message flow of EDHOC consist
r (see <xref section="A.2.1" sectionFormat="of" target="RFC9528"/>). Alternative s in the CoAP client acting as Initiator and the CoAP server acting as Responder
ly, the two roles can be reversed, as per the reverse message flow of EDHOC (see (see <xref section="A.2.1" sectionFormat="of" target="RFC9528"/>). Alternativel
<xref section="A.2.2" sectionFormat="of" target="RFC9528"/>). In the rest of th y, the two roles can be reversed as per the reverse message flow of EDHOC (see <
is document, EDHOC messages are considered to be transferred over CoAP.</t> xref section="A.2.2" sectionFormat="of" target="RFC9528"/>). In the rest of this
<t><xref target="fig-non-combined"/> shows a successful execution of EDHOC document, EDHOC messages are considered to be transferred over CoAP.</t>
, with a CoAP client and a CoAP server running EDHOC as Initiator and Responder, <t><xref target="fig-non-combined"/> shows a successful execution of EDHOC
respectively. In particular, it extends Figure 10 from <xref section="A.2.1" se , with a CoAP client and a CoAP server running EDHOC as Initiator and Responder,
ctionFormat="of" target="RFC9528"/>, by highlighting when the two peers perform respectively. In particular, it extends Figure 10 from <xref section="A.2.1" se
EDHOC verification and establish the OSCORE Security Context, and by adding an e ctionFormat="of" target="RFC9528"/> by highlighting when the two peers perform E
xchange of OSCORE-protected CoAP messages after completing the EDHOC execution.< DHOC verification and establish the OSCORE Security Context, and by adding an ex
/t> change of OSCORE-protected CoAP messages after completing the EDHOC execution.</
<t>That is, the client sends a POST request to a reserved <em>EDHOC resour t>
ce</em> at the server, by default at the Uri-Path "/.well-known/edhoc". The requ <t>That is, the client sends a POST request to a reserved EDHOC resource a
est payload consists of the CBOR simple value <tt>true</tt> (0xf5) concatenated t the server, by default at the Uri-Path "/.well-known/edhoc". The request paylo
with EDHOC message_1, which also includes the EDHOC connection identifier C_I of ad consists of the CBOR simple value <tt>true</tt> (0xf5) concatenated with EDHO
the client encoded as per <xref section="3.3" sectionFormat="of" target="RFC952 C message_1, which also includes the EDHOC connection identifier C_I of the clie
8"/>. The request has Content-Format application/cid-edhoc+cbor-seq.</t> nt encoded as per <xref section="3.3" sectionFormat="of" target="RFC9528"/>. The
request has Content-Format application/cid-edhoc+cbor-seq.</t>
<t>This triggers the EDHOC execution at the server, which replies with a 2 .04 (Changed) response. The response payload consists of EDHOC message_2, which also includes the EDHOC connection identifier C_R of the server encoded as per < xref section="3.3" sectionFormat="of" target="RFC9528"/>. The response has Conte nt-Format application/edhoc+cbor-seq.</t> <t>This triggers the EDHOC execution at the server, which replies with a 2 .04 (Changed) response. The response payload consists of EDHOC message_2, which also includes the EDHOC connection identifier C_R of the server encoded as per < xref section="3.3" sectionFormat="of" target="RFC9528"/>. The response has Conte nt-Format application/edhoc+cbor-seq.</t>
<t>Finally, the client sends a POST request to the same EDHOC resource use <t>Finally, the client sends a POST request to the same EDHOC resource use
d earlier when it sent EDHOC message_1. The request payload consists of the EDHO d earlier when it sent EDHOC message_1. The request payload consists of the EDHO
C connection identifier C_R encoded as per <xref section="3.3" sectionFormat="of C connection identifier C_R encoded as per <xref section="3.3" sectionFormat="of
" target="RFC9528"/>, concatenated with EDHOC message_3. The request has Content " target="RFC9528"/> concatenated with EDHOC message_3. The request has Content-
-Format application/cid-edhoc+cbor-seq.</t> Format application/cid-edhoc+cbor-seq.</t>
<t>After this exchange takes place, and after successful verifications as <t>After this exchange takes place, and after successful verifications as
specified in the EDHOC protocol, the client and server can derive an OSCORE Secu specified in the EDHOC protocol, the client and server can derive an OSCORE Secu
rity Context, as defined in <xref section="A.1" sectionFormat="of" target="RFC95 rity Context as defined in <xref section="A.1" sectionFormat="of" target="RFC952
28"/>. After that, they can use OSCORE to protect their communications as per <x 8"/>. After that, the client and server can use OSCORE to protect their communic
ref target="RFC8613"/>. Note that the EDHOC Connection Identifier C_R is used as ations as per <xref target="RFC8613"/>. Note that the EDHOC connection identifie
the OSCORE Sender ID of the client (see <xref section="A.1" sectionFormat="of" r C_R is used as the OSCORE Sender ID of the client (see <xref section="A.1" sec
target="RFC9528"/>). Therefore, C_R is transported in the 'kid' field of the OSC tionFormat="of" target="RFC9528"/>). Therefore, C_R is transported in the 'kid'
ORE Option of the OSCORE Request (see <xref section="6.1" sectionFormat="of" tar field of the OSCORE option of the OSCORE Request (see <xref section="6.1" sectio
get="RFC8613"/>).</t> nFormat="of" target="RFC8613"/>).</t>
<t>The client and server are required to agree in advance on certain infor <t>The client and server are required to agree in advance on certain infor
mation and parameters describing how they should use EDHOC. These are specified mation and parameters describing how they should use EDHOC. These are specified
in an application profile associated with the EDHOC resource addressed (see <xre in an application profile associated with the EDHOC resource addressed (see <xre
f section="3.9" sectionFormat="of" target="RFC9528"/>.</t> f section="3.9" sectionFormat="of" target="RFC9528"/>).</t>
<figure anchor="fig-non-combined"> <figure anchor="fig-non-combined">
<name>EDHOC and OSCORE run sequentially. The optional message_4 is inclu <name>Sequential Flow of EDHOC and OSCORE with the Optional message_4
ded in this example.</name> Included</name>
<artset> <artset>
<artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ svg" version="1.1" height="768" width="544" viewBox="0 0 544 768" class="diagram " text-anchor="middle" font-family="monospace" font-size="13px"> <artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ svg" version="1.1" height="768" width="544" viewBox="0 0 544 768" class="diagram " text-anchor="middle" font-family="monospace" font-size="13px">
<path d="M 64,64 L 64,256" fill="none" stroke="black"/> <path d="M 64,64 L 64,256" fill="none" stroke="black"/>
<path d="M 64,288 L 64,544" fill="none" stroke="black"/> <path d="M 64,288 L 64,544" fill="none" stroke="black"/>
<path d="M 64,592 L 64,752" fill="none" stroke="black"/> <path d="M 64,592 L 64,752" fill="none" stroke="black"/>
<path d="M 488,64 L 488,384" fill="none" stroke="black"/> <path d="M 488,64 L 488,384" fill="none" stroke="black"/>
<path d="M 488,464 L 488,752" fill="none" stroke="black"/> <path d="M 488,464 L 488,752" fill="none" stroke="black"/>
<path d="M 80,96 L 208,96" fill="none" stroke="black"/> <path d="M 80,96 L 208,96" fill="none" stroke="black"/>
<path d="M 336,96 L 472,96" fill="none" stroke="black"/> <path d="M 336,96 L 472,96" fill="none" stroke="black"/>
<path d="M 80,192 L 208,192" fill="none" stroke="black"/> <path d="M 80,192 L 208,192" fill="none" stroke="black"/>
skipping to change at line 279 skipping to change at line 291
| Payload: OSCORE-protected data | | Payload: OSCORE-protected data |
| | | |
| <--------------- OSCORE Response ----------------- | | <--------------- OSCORE Response ----------------- |
| Header: 2.04 (Changed) | | Header: 2.04 (Changed) |
| OSCORE: { ... } | | OSCORE: { ... } |
| Payload: OSCORE-protected data | | Payload: OSCORE-protected data |
| | | |
]]></artwork> ]]></artwork>
</artset> </artset>
</figure> </figure>
<t>As shown in <xref target="fig-non-combined"/>, this sequential flow whe <t> The sequential flow of EDHOC and OSCORE (where EDHOC runs first and
re EDHOC is run first and then OSCORE is used takes three round trips to complet OSCORE is used after) takes three round trips to complete, as shown in <xref t
e.</t> arget="fig-non-combined"/>.</t>
<t><xref target="edhoc-in-oscore"/> defines an optimization for combining <t><xref target="edhoc-in-oscore"/> defines an optimization for combining
EDHOC with the first OSCORE transaction. This reduces the number of round trips EDHOC with the first OSCORE transaction. This reduces the number of round trips
required to set up an OSCORE Security Context and to complete an OSCORE transact required to set up an OSCORE Security Context and complete an OSCORE transaction
ion using that Security Context.</t> using that Security Context.</t>
</section> </section>
<section anchor="edhoc-in-oscore"> <section anchor="edhoc-in-oscore">
<name>EDHOC Combined with OSCORE</name> <name>EDHOC Combined with OSCORE</name>
<t>This section defines an optimization for combining the EDHOC message ex change with the first OSCORE transaction, thus minimizing the number of round tr ips between the two peers to the absolute possible minimum of two round trips.</ t> <t>This section defines an optimization for combining the EDHOC message ex change with the first OSCORE transaction, thus minimizing the number of round tr ips between the two peers to the absolute possible minimum of two round trips.</ t>
<t>To this end, this approach can be used only if the default, forward mes sage flow of EDHOC is used, i.e., when the client acts as Initiator and the serv er acts as Responder. The same is not possible in the case with reversed roles a s per the reverse message flow of EDHOC.</t> <t>To this end, this approach can be used only if the default forward mess age flow of EDHOC is used, i.e., when the client acts as Initiator and the serve r acts as Responder. The same is not possible in the case with reversed roles as per the reverse message flow of EDHOC.</t>
<t>When running the sequential flow of <xref target="overview"/>, the clie nt has all the information to derive the OSCORE Security Context already after r eceiving EDHOC message_2 and before sending EDHOC message_3.</t> <t>When running the sequential flow of <xref target="overview"/>, the clie nt has all the information to derive the OSCORE Security Context already after r eceiving EDHOC message_2 and before sending EDHOC message_3.</t>
<t>Hence, the client can potentially send both EDHOC message_3 and the sub sequent OSCORE Request at the same time. On a semantic level, this requires send ing two REST requests at once, as in <xref target="fig-combined"/>.</t> <t>Hence, the client can potentially send both EDHOC message_3 and the sub sequent OSCORE Request at the same time. On a semantic level, this requires send ing two REST requests at once as shown in <xref target="fig-combined"/>.</t>
<figure anchor="fig-combined"> <figure anchor="fig-combined">
<name>EDHOC and OSCORE combined.</name> <name>EDHOC and OSCORE Combined</name>
<artset> <artset>
<artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ svg" version="1.1" height="576" width="552" viewBox="0 0 552 576" class="diagram " text-anchor="middle" font-family="monospace" font-size="13px"> <artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ svg" version="1.1" height="576" width="552" viewBox="0 0 552 576" class="diagram " text-anchor="middle" font-family="monospace" font-size="13px">
<path d="M 64,64 L 64,240" fill="none" stroke="black"/> <path d="M 64,64 L 64,240" fill="none" stroke="black"/>
<path d="M 64,320 L 64,560" fill="none" stroke="black"/> <path d="M 64,320 L 64,560" fill="none" stroke="black"/>
<path d="M 496,64 L 496,400" fill="none" stroke="black"/> <path d="M 496,64 L 496,400" fill="none" stroke="black"/>
<path d="M 496,480 L 496,560" fill="none" stroke="black"/> <path d="M 496,480 L 496,560" fill="none" stroke="black"/>
<path d="M 80,80 L 216,80" fill="none" stroke="black"/> <path d="M 80,80 L 216,80" fill="none" stroke="black"/>
<path d="M 344,80 L 480,80" fill="none" stroke="black"/> <path d="M 344,80 L 480,80" fill="none" stroke="black"/>
<path d="M 80,176 L 216,176" fill="none" stroke="black"/> <path d="M 80,176 L 216,176" fill="none" stroke="black"/>
<path d="M 344,176 L 480,176" fill="none" stroke="black"/> <path d="M 344,176 L 480,176" fill="none" stroke="black"/>
skipping to change at line 333 skipping to change at line 346
<text x="252" y="116">"/.well-known/edhoc"</text> <text x="252" y="116">"/.well-known/edhoc"</text>
<text x="152" y="132">Content-Format:</text> <text x="152" y="132">Content-Format:</text>
<text x="340" y="132">application/cid-edhoc+cbor-seq</text> <text x="340" y="132">application/cid-edhoc+cbor-seq</text>
<text x="124" y="148">Payload:</text> <text x="124" y="148">Payload:</text>
<text x="184" y="148">true,</text> <text x="184" y="148">true,</text>
<text x="232" y="148">EDHOC</text> <text x="232" y="148">EDHOC</text>
<text x="296" y="148">message_1</text> <text x="296" y="148">message_1</text>
<text x="248" y="180">EDHOC</text> <text x="248" y="180">EDHOC</text>
<text x="308" y="180">Response</text> <text x="308" y="180">Response</text>
<text x="160" y="196">Header:</text> <text x="160" y="196">Header:</text>
<text x="224" y="196">Changed</text> <text x="224" y="196">2.04</text>
<text x="284" y="196">(2.04)</text> <text x="284" y="196">(Changed)</text>
<text x="192" y="212">Content-Format:</text> <text x="192" y="212">Content-Format:</text>
<text x="364" y="212">application/edhoc+cbor-seq</text> <text x="364" y="212">application/edhoc+cbor-seq</text>
<text x="164" y="228">Payload:</text> <text x="164" y="228">Payload:</text>
<text x="224" y="228">EDHOC</text> <text x="224" y="228">EDHOC</text>
<text x="288" y="228">message_2</text> <text x="288" y="228">message_2</text>
<text x="24" y="260">EDHOC</text> <text x="24" y="260">EDHOC</text>
<text x="100" y="260">verification</text> <text x="100" y="260">verification</text>
<text x="64" y="276">+</text> <text x="64" y="276">+</text>
<text x="36" y="292">OSCORE</text> <text x="36" y="292">OSCORE</text>
<text x="80" y="292">Sec</text> <text x="80" y="292">Sec</text>
skipping to change at line 400 skipping to change at line 413
CoAP client CoAP server CoAP client CoAP server
(EDHOC Initiator) (EDHOC Responder) (EDHOC Initiator) (EDHOC Responder)
| | | |
| ------------------ EDHOC Request -----------------> | | ------------------ EDHOC Request -----------------> |
| Header: 0.02 (POST) | | Header: 0.02 (POST) |
| Uri-Path: "/.well-known/edhoc" | | Uri-Path: "/.well-known/edhoc" |
| Content-Format: application/cid-edhoc+cbor-seq | | Content-Format: application/cid-edhoc+cbor-seq |
| Payload: true, EDHOC message_1 | | Payload: true, EDHOC message_1 |
| | | |
| <----------------- EDHOC Response------------------ | | <----------------- EDHOC Response------------------ |
| Header: Changed (2.04) | | Header: 2.04 (Changed) |
| Content-Format: application/edhoc+cbor-seq | | Content-Format: application/edhoc+cbor-seq |
| Payload: EDHOC message_2 | | Payload: EDHOC message_2 |
| | | |
EDHOC verification | EDHOC verification |
+ | + |
OSCORE Sec Ctx | OSCORE Sec Ctx |
Derivation | Derivation |
| | | |
| -------------- EDHOC + OSCORE Request ------------> | | -------------- EDHOC + OSCORE Request ------------> |
| Header: 0.02 (POST) | | Header: 0.02 (POST) |
skipping to change at line 428 skipping to change at line 441
| | | |
| <--------------- OSCORE Response ------------------ | | <--------------- OSCORE Response ------------------ |
| Header: 2.04 (Changed) | | Header: 2.04 (Changed) |
| OSCORE: { ... } | | OSCORE: { ... } |
| Payload: OSCORE-protected data | | Payload: OSCORE-protected data |
| | | |
]]></artwork> ]]></artwork>
</artset> </artset>
</figure> </figure>
<t>To this end, the specific approach defined in this section consists of sending a single EDHOC + OSCORE request, which conveys the pair (C_R, EDHOC mess age_3) within an OSCORE-protected CoAP message.</t> <t>To this end, the specific approach defined in this section consists of sending a single EDHOC + OSCORE request, which conveys the pair (C_R, EDHOC mess age_3) within an OSCORE-protected CoAP message.</t>
<t>That is, the EDHOC + OSCORE request is composed of the following two pa <t>That is, the EDHOC + OSCORE request is composed of the following two
rts combined together in a single CoAP message. The steps for processing the EDH parts combined together in a single CoAP message. The steps for
OC + OSCORE request and the two parts combined in there are defined in <xref tar processing the EDHOC + OSCORE request and the two parts combined in the
get="client-processing"/> and <xref target="server-processing"/>.</t> request itself are defined in Sections <xref target="client-processing"
format="counter"/> and <xref target="server-processing"
format="counter"/>.</t>
<ul spacing="normal"> <ul spacing="normal">
<li>The OSCORE Request from <xref target="fig-non-combined"/>, which is also in this case sent to a protected resource, with the correct CoAP method and options intended for accessing that resource.</li> <li>The OSCORE Request from <xref target="fig-non-combined"/>, which, in this case, is also sent to a protected resource with the correct CoAP method an d options intended for accessing that resource.</li>
<li> <li>
<t>EDHOC data consisting of the pair (C_R, EDHOC message_3) required f or completing the EDHOC session, transported as follows: </t> <t>EDHOC data consisting of the pair (C_R, EDHOC message_3) required f or completing the EDHOC session transported as follows: </t>
<ul spacing="normal"> <ul spacing="normal">
<li>C_R is the OSCORE Sender ID of the client and hence transported <li>C_R is the OSCORE Sender ID of the client; hence, it is transpor
in the 'kid' field of the OSCORE Option (see <xref section="6.1" sectionFormat=" ted in the 'kid' field of the OSCORE option (see <xref section="6.1" sectionForm
of" target="RFC8613"/>). Unlike in the sequential workflow shown in <xref target at="of" target="RFC8613"/>). Unlike the sequential workflow shown in <xref targe
="fig-non-combined"/>, C_R is thus not transported in the payload of the EDHOC + t="fig-non-combined"/>, C_R is not transported in the payload of the EDHOC + OSC
OSCORE request.</li> ORE request.</li>
<li>EDHOC message_3 is transported in the payload of the EDHOC + OSC <li>EDHOC message_3 is transported in the payload of the EDHOC + OSC
ORE request, prepended to the payload of the OSCORE Request. This is because EDH ORE request and prepended to the payload of the OSCORE Request. This is because
OC message_3 may be too large to be included in a CoAP Option, e.g., when convey EDHOC message_3 may be too large to be included in a CoAP option, e.g., when con
ing a large public key certificate chain as ID_CRED_I (see <xref section="3.5.3" veying a large public key certificate chain in the ID_CRED_I field (see <xref se
sectionFormat="of" target="RFC9528"/>) or when conveying large External Authori ction="3.5.3" sectionFormat="of" target="RFC9528"/>), or when conveying large Ex
zation Data as EAD_3 (see <xref section="3.8" sectionFormat="of" target="RFC9528 ternal Authorization Data in the EAD_3 field (see <xref section="3.8" sectionFor
"/>).</li> mat="of" target="RFC9528"/>).</li>
</ul> </ul>
</li> </li>
</ul> </ul>
<t>The rest of this section specifies how to transport the data in the EDH OC + OSCORE request and their processing order. In particular, the use of this a pproach is explicitly signalled by including an EDHOC Option (see <xref target=" edhoc-option"/>) in the EDHOC + OSCORE request. The processing of the EDHOC + OS CORE request is specified in <xref target="client-processing-intro"/> for the cl ient side and in <xref target="server-processing-intro"/> for the server side.</ t> <t>The rest of this section specifies how to transport the data in the EDH OC + OSCORE request and their processing order. In particular, the use of this a pproach is explicitly signalled by including an EDHOC option (<xref target="edho c-option"/>) in the EDHOC + OSCORE request. The processing of the EDHOC + OSCORE request is specified in <xref target="client-processing-intro"/> for the client side and in <xref target="server-processing-intro"/> for the server side.</t>
<section anchor="edhoc-option"> <section anchor="edhoc-option">
<name>EDHOC Option</name> <name>EDHOC Option</name>
<t>This section defines the EDHOC Option. The option is used in a CoAP r <t>This section defines the EDHOC option. This option is used in a CoAP
equest, to signal that the request payload conveys both an EDHOC message_3 and O request to signal that the request payload conveys both an EDHOC message_3 and O
SCORE-protected data, combined together.</t> SCORE-protected data combined together.</t>
<t>The EDHOC Option has the properties summarized in <xref target="fig-e
dhoc-option"/>, which extends Table 4 of <xref target="RFC7252"/>. The option is <t>The EDHOC option has the properties summarized in <xref target="fig-e
Critical, Safe-to-Forward, and part of the Cache-Key. The option <bcp14>MUST</b dhoc-option"/>, which extends Table 4 of <xref target="RFC7252"/>.
cp14> occur at most once and <bcp14>MUST</bcp14> be empty. If any value is sent, The option is Critical, Safe-to-Forward, and part of the Cache-Key. The option
the recipient <bcp14>MUST</bcp14> ignore it. (Future documents may update the d <bcp14>MUST</bcp14> occur at most once and <bcp14>MUST</bcp14> be empty. If any
efinition of the option, by expanding its semantics and specifying admitted valu value is sent, the recipient <bcp14>MUST</bcp14> ignore it. (Future documents ma
es.) The option is intended only for CoAP requests and is of Class U for OSCORE y update the definition of the option by expanding its semantics and specifying
<xref target="RFC8613"/>.</t> admitted values.) The option is intended only for CoAP requests and is of Class
<table align="center" anchor="fig-edhoc-option"> U for OSCORE <xref target="RFC8613"/>.</t>
<name>The EDHOC Option. C=Critical, U=Unsafe, N=NoCacheKey, R=Repeata
ble</name> <table align="center" anchor="fig-edhoc-option">
<name>The EDHOC Option. C=Critical, U=Unsafe, N=NoCacheKey, R=Repeatab
le</name>
<thead> <thead>
<tr> <tr>
<th align="left">No.</th> <th align="left">No.</th>
<th align="left">C</th> <th align="left">C</th>
<th align="left">U</th> <th align="left">U</th>
<th align="left">N</th> <th align="left">N</th>
<th align="left">R</th> <th align="left">R</th>
<th align="left">Name</th> <th align="left">Name</th>
<th align="left">Format</th> <th align="left">Format</th>
<th align="left">Length</th> <th align="left">Length</th>
<th align="left">Default</th> <th align="left">Default</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">21</td> <td align="left">21</td>
<td align="left">x</td> <td align="left">x</td>
<td align="left"> </td> <td align="left"> </td>
<td align="left"> </td> <td align="left"> </td>
<td align="left"> </td> <td align="left"> </td>
<td align="left">EDHOC</td> <td align="left">EDHOC</td>
<td align="left">Empty</td> <td align="left">Empty</td>
<td align="left">0</td> <td align="left">0</td>
<td align="left">(none)</td> <td align="left">(none)</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<t>The presence of this option means that the message payload also conta <t>The presence of this option means that the message payload also conta
ins EDHOC data, which must be extracted and processed as defined in <xref target ins EDHOC data that must be extracted and processed as defined in <xref target="
="server-processing-intro"/>, before the rest of the message can be processed.</ server-processing-intro"/> before the rest of the message can be processed.</t>
t> <t><xref target="fig-edhoc-opt"/> shows an example of a CoAP message tha
<t><xref target="fig-edhoc-opt"/> shows an example of a CoAP message tra t is transported over UDP and that contains both the EDHOC data and the OSCORE c
nsported over UDP and containing both the EDHOC data and the OSCORE ciphertext, iphertext using the newly defined EDHOC option for signalling.</t>
using the newly defined EDHOC option for signalling.</t>
<figure anchor="fig-edhoc-opt"> <figure anchor="fig-edhoc-opt">
<name>Example of CoAP message transported over UDP, combining EDHOC da ta and OSCORE data as signalled with the EDHOC Option.</name> <name>Example of a CoAP Message Containing the Combined EDHOC and OSCO RE Data, Signalled by the EDHOC Option and Transported over UDP</name>
<artwork align="center"><![CDATA[ <artwork align="center"><![CDATA[
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Ver| T | TKL | Code | Message ID | |Ver| T | TKL | Code | Message ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Token (if any, TKL bytes) ... | Token (if any, TKL bytes) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Observe Option| OSCORE Option ... | Observe Option| OSCORE Option ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 500 skipping to change at line 521
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
]]></artwork> ]]></artwork>
</figure> </figure>
</section> </section>
<section anchor="client-processing-intro"> <section anchor="client-processing-intro">
<name>Client Processing</name> <name>Client Processing</name>
<t>This section describes the processing on the client side.</t> <t>This section describes the processing on the client side.</t>
<section anchor="client-processing"> <section anchor="client-processing">
<name>Processing of the EDHOC + OSCORE Request</name> <name>Processing of the EDHOC + OSCORE Request</name>
<t>The client prepares an EDHOC + OSCORE request as follows.</t> <t>The client prepares an EDHOC + OSCORE request as follows.</t>
<ol spacing="normal" type="1"><li>Compose EDHOC message_3 into EDHOC_M <ol spacing="normal" type="Step %d." indent="9">
SG_3, as per <xref section="5.4.2" sectionFormat="of" target="RFC9528"/>.</li> <li anchor="L1S1">Compose EDHOC message_3 into EDHOC_MSG_3 as per <xref section=
<li> "5.4.2" sectionFormat="of" target="RFC9528"/>.</li>
<li anchor="L1S2">
<t>Establish the new OSCORE Security Context and use it to encrypt the original CoAP request as per <xref section="8.1" sectionFormat="of" target= "RFC8613"/>. </t> <t>Establish the new OSCORE Security Context and use it to encrypt the original CoAP request as per <xref section="8.1" sectionFormat="of" target= "RFC8613"/>. </t>
<t> <t>
Note that the OSCORE ciphertext is not computed over EDHOC message_3, which is n ot protected by OSCORE. That is, the result of this step is the OSCORE Request a s in <xref target="fig-non-combined"/>.</t> Note that the OSCORE ciphertext is not computed over EDHOC message_3, which is n ot protected by OSCORE. That is, the result of this step is the OSCORE Request a s in <xref target="fig-non-combined"/>.</t>
</li> </li>
<li> <li anchor="L1S3">
<t>Build COMB_PAYLOAD as the concatenation of EDHOC_MSG_3 and OSCO
RE_PAYLOAD in this order: COMB_PAYLOAD = EDHOC_MSG_3 | OSCORE_PAYLOAD, where | d <t>Build COMB_PAYLOAD as the concatenation of EDHOC_MSG_3 and OSCO
enotes byte string concatenation and: </t> RE_PAYLOAD in the order of COMB_PAYLOAD = EDHOC_MSG_3 | OSCORE_PAYLOAD, where |
denotes byte string concatenation and: </t>
<ul spacing="normal"> <ul spacing="normal">
<li>EDHOC_MSG_3 is the binary encoding of EDHOC message_3 result <li>EDHOC_MSG_3 is the binary encoding of EDHOC message_3 result
ing from step 1. As per <xref section="5.4.1" sectionFormat="of" target="RFC9528 ing from <xref target="L1S1" format="none">Step 1</xref>. As per <xref section="
"/>, EDHOC message_3 consists of one CBOR data item CIPHERTEXT_3, which is a CBO 5.4.1" sectionFormat="of" target="RFC9528"/>, EDHOC message_3 consists of one CB
R byte string. Therefore, EDHOC_MSG_3 is the binary encoding of CIPHERTEXT_3.</l OR data item CIPHERTEXT_3, which is a CBOR byte string. Therefore, EDHOC_MSG_3 i
i> s the binary encoding of CIPHERTEXT_3.</li>
<li>OSCORE_PAYLOAD is the OSCORE ciphertext of the OSCORE-protec <li>OSCORE_PAYLOAD is the OSCORE ciphertext of the OSCORE-protec
ted CoAP request resulting from step 2.</li> ted CoAP request resulting from <xref target="L1S2" format="none">Step 2</xref>.
</li>
</ul> </ul>
</li> </li>
<li> <li anchor="L1S4">
<t>Compose the EDHOC + OSCORE request, as the OSCORE-protected CoA
P request resulting from step 2, where the payload is replaced with COMB_PAYLOAD <t>Compose the EDHOC + OSCORE request, as the OSCORE-protected CoA
built at step 3. </t> P request resulting from <xref target="L1S2" format="none">Step 2</xref>, where
the payload is replaced with COMB_PAYLOAD built at <xref target="L1S3" format="n
one">Step 3</xref>.</t>
<t> <t>
Note that the new payload includes EDHOC message_3, but it does not include the Note that the new payload includes EDHOC message_3, but it does n
EDHOC connection identifier C_R. As the client is the EDHOC Initiator, C_R is th ot include the EDHOC connection identifier C_R.
e OSCORE Sender ID of the client, which is already specified as 'kid' in the OSC As the client is the EDHOC Initiator, C_R is the OSCORE Sender ID of
ORE Option of the request from step 2, hence of the EDHOC + OSCORE request.</t> the client, which is already specified as the value of the 'kid' field in the
OSCORE option of the
request from <xref target="L1S2" format="none">Step 2</xref>; hence, C_R is s
pecified as the value of the 'kid' field of the EDHOC + OSCORE request.</t>
</li> </li>
<li> <li anchor="L1S5">
<t>Include the new EDHOC Option defined in <xref target="edhoc-opt <t>Include the new EDHOC option defined in <xref target="edhoc-opt
ion"/> into the EDHOC + OSCORE request. </t> ion"/> into the EDHOC + OSCORE request. </t>
<t> <t>
The application/cid-edhoc+cbor-seq media type does not apply to this message, wh ose media type is unnamed.</t> The application/cid-edhoc+cbor-seq media type does not apply to this message, wh ose media type is unnamed.</t>
</li> </li>
<li>Send the EDHOC + OSCORE request to the server.</li> <li anchor="L1S6">Send the EDHOC + OSCORE request to the server.</li >
</ol> </ol>
<t>With the same server, the client <bcp14>SHOULD NOT</bcp14> have mul <t>With the same server, the client <bcp14>SHOULD NOT</bcp14> have mul
tiple simultaneous outstanding interactions (see <xref section="4.7" sectionForm tiple simultaneous outstanding interactions (see <xref section="4.7" sectionForm
at="of" target="RFC7252"/>) such that: they consist of an EDHOC + OSCORE request at="of" target="RFC7252"/>), such that they consist of an EDHOC + OSCORE request
; and their EDHOC data pertain to the EDHOC session with the same connection ide and their EDHOC data pertains to the EDHOC session with the same connection ide
ntifier C_R.</t> ntifier C_R.</t>
<t>(An exception might apply for clients that operate under particular <t>An exception might apply for clients that operate under particular
time constraints over particularly unreliable networks, thus raising the chance time constraints over particularly unreliable networks, thus raising the chances
s to promptly complete the EDHOC execution with the server through multiple, sim to promptly complete the EDHOC execution with the server through multiple simul
ultaneous EDHOC + OSCORE requests. As discussed in <xref target="security-consid taneous EDHOC + OSCORE requests. As discussed in <xref target="security-consider
erations"/>, this does not have any impact in terms of security.)</t> ations"/>, this does not have any impact in terms of security.</t>
</section> </section>
<section anchor="client-blockwise"> <section anchor="client-blockwise">
<name>Supporting Block-wise</name> <name>Supporting Block-Wise Transfers</name>
<t>If Block-wise <xref target="RFC7959"/> is supported, the client may <t>If Block-wise transfers <xref target="RFC7959"/> are supported, the
fragment the first application CoAP request before protecting it as an original client may fragment the first CoAP application request before protecting it as
message with OSCORE, as defined in <xref section="4.1.3.4.1" sectionFormat="of" an original message with OSCORE as defined in <xref section="4.1.3.4.1" sectionF
target="RFC8613"/>.</t> ormat="of" target="RFC8613"/>.</t>
<t>In such a case, the OSCORE processing in step 2 of <xref target="cl <t>In such a case, the OSCORE processing in <xref target="L1S2" format
ient-processing"/> is performed on each inner block of the first application CoA ="none">Step 2</xref> of <xref target="client-processing"/> is performed on each
P request, and the following also applies.</t> inner block of the first CoAP application request. The following also applies.<
/t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>The client takes the additional following step between steps 2 <t>The client takes the following additional step between Steps <x
and 3 of <xref target="client-processing"/>. </t> ref target="L1S2" format="none">2</xref> and <xref target="L1S3" format="none">3
<t> </xref> of <xref target="client-processing"/>. </t>
A. If the OSCORE-protected request from step 2 conveys a non-first inner block o <ol spacing='normal' type='Step 2.%d.' indent="10">
f the first application CoAP request (i.e., the Block1 Option processed at step <li>If the OSCORE-protected request from <xref target="L1S2" format="none">Step
2 had NUM different than 0), then the client skips the following steps and sends 2</xref> conveys a non-first inner block of the first CoAP application request (
the OSCORE-protected request to the server. In particular, the client <bcp14>MU i.e., the Block1 option processed at Step 2 had NUM different than 0), then the
ST NOT</bcp14> include the EDHOC Option in the OSCORE-protected request.</t> client skips the following steps and sends the OSCORE-protected request to the s
erver. In particular, the client <bcp14>MUST NOT</bcp14> include the EDHOC optio
n in the OSCORE-protected request.</li></ol>
</li> </li>
<li> <li>
<t>The client takes the additional following step between steps 3 <t>The client takes the following additional step between Steps <x
and 4 of <xref target="client-processing"/>. </t> ref target="L1S3" format="none">3</xref> and <xref target="L1S4" format="none">4
<t> </xref> of <xref target="client-processing"/>. </t>
B. If the size of COMB_PAYLOAD exceeds MAX_UNFRAGMENTED_SIZE (see <xref section= <ol spacing='normal' type='Step 3.%d.' indent="10"><li>
"4.1.3.4.2" sectionFormat="of" target="RFC8613"/>), the client <bcp14>MUST</bcp1 If the size of COMB_PAYLOAD exceeds MAX_UNFRAGMENTED_SIZE (see <xref section="4.
4> stop processing the request and <bcp14>MUST</bcp14> abandon the Block-wise tr 1.3.4.2" sectionFormat="of" target="RFC8613"/>), the client <bcp14>MUST</bcp14>
ansfer. Then, the client can continue by switching to the sequential workflow sh stop processing the request and <bcp14>MUST</bcp14> abandon the Block-wise trans
own in <xref target="fig-non-combined"/>. That is, the client first sends EDHOC fer. Then, the client can continue by switching to the sequential workflow shown
message_3 prepended by the EDHOC Connection Identifier C_R encoded as per <xref in <xref target="fig-non-combined"/>. That is, the client first sends EDHOC mes
section="3.3" sectionFormat="of" target="RFC9528"/>, and then sends the OSCORE-p sage_3 prepended by the EDHOC connection identifier C_R encoded as per <xref sec
rotected CoAP request once the EDHOC execution is completed.</t> tion="3.3" sectionFormat="of" target="RFC9528"/>. Then, the client sends the OSC
ORE-protected CoAP request once the EDHOC execution is completed.
</li> </li>
</ul> </ol>
<t>The performance advantage of using the EDHOC + OSCORE request can b </li>
e lost when used in combination with Block-wise transfers that rely on specific </ul>
parameter values and block sizes. Application policies at the CoAP client can de <t>The performance advantage of using the EDHOC + OSCORE request can b
fine when and how to detect whether the performance advantage is lost, and, if t e lost when used in combination with Block-wise transfers that rely on specific
hat is the case, whether to appropriately adjust the parameter values and block parameter values and block sizes. Application policies at the CoAP client can de
sizes, or instead to fall back on the sequential workflow of EDHOC.</t> fine when and how to detect whether the performance advantage is lost. If that i
s the case, they can also define whether to appropriately adjust the parameter v
alues and block sizes or to fall back on the sequential workflow of EDHOC.</t>
</section> </section>
</section> </section>
<section anchor="server-processing-intro"> <section anchor="server-processing-intro">
<name>Server Processing</name> <name>Server Processing</name>
<t>This section describes the processing on the server side.</t> <t>This section describes the processing on the server side.</t>
<section anchor="server-processing"> <section anchor="server-processing">
<name>Processing of the EDHOC + OSCORE Request</name> <name>Processing of the EDHOC + OSCORE Request</name>
<t>In order to process a request containing the EDHOC option, i.e., an EDHOC + OSCORE request, the server <bcp14>MUST</bcp14> perform the following st eps.</t> <t>In order to process a request containing the EDHOC option, i.e., an EDHOC + OSCORE request, the server <bcp14>MUST</bcp14> perform the following st eps.</t>
<ol spacing="normal" type="1"><li>Check that the EDHOC + OSCORE reques <ol spacing="normal" type="Step %d." indent="9">
t includes the OSCORE option and that the request payload has the format defined <li anchor="L2S1">Check that the EDHOC + OSCORE request includes the OSCORE opti
at step 3 of <xref target="client-processing"/> for COMB_PAYLOAD. If this is no on and that the request payload has the format defined at <xref target="L1S3" fo
t the case, the server <bcp14>MUST</bcp14> stop processing the request and <bcp1 rmat="none">Step 3</xref> of <xref target="client-processing"/> for COMB_PAYLOAD
4>MUST</bcp14> reply with a 4.00 (Bad Request) error response.</li> . If this is not the case, the server <bcp14>MUST</bcp14> stop processing the re
<li>Extract EDHOC message_3 from the payload COMB_PAYLOAD of the EDH quest and <bcp14>MUST</bcp14> reply with a 4.00 (Bad Request) error response.</l
OC + OSCORE request, as the first element EDHOC_MSG_3 (see step 3 of <xref targe i>
t="client-processing"/>).</li> <li anchor="L2S2">Extract EDHOC message_3 from the payload COMB_PAYL
<li>Take the value of 'kid' from the OSCORE option of the EDHOC + OS OAD of the EDHOC + OSCORE request as the first element EDHOC_MSG_3 (see <xref ta
CORE request (i.e., the OSCORE Sender ID of the client), and use it as the EDHOC rget="L1S3" format="none">Step 3</xref> of <xref target="client-processing"/>).<
connection identifier C_R.</li> /li>
<li> <li anchor="L2S3">Take the value of the 'kid' field from the OSCORE
<t>Retrieve the correct EDHOC session by using the connection iden option of the EDHOC + OSCORE request (i.e., the OSCORE Sender ID of the client),
tifier C_R from step 3. </t> and use it as the EDHOC connection identifier C_R.</li>
<li anchor="L2S4">
<t>Retrieve the correct EDHOC session by using the connection iden
tifier C_R from <xref target="L2S3" format="none">Step 3</xref>. </t>
<t> <t>
If the application profile used in the EDHOC session specifies that EDHOC messag e_4 shall be sent, the server <bcp14>MUST</bcp14> stop the EDHOC processing and consider it failed, as due to a client error. </t> If the application profile used in the EDHOC session specifies that EDHOC messag e_4 shall be sent, the server <bcp14>MUST</bcp14> stop the EDHOC processing and consider it failed due to a client error. </t>
<t> <t>
Otherwise, perform the EDHOC processing on the EDHOC message_3 extracted at step 2 as per <xref section="5.4.3" sectionFormat="of" target="RFC9528"/>, based on the protocol state of the retrieved EDHOC session. </t> Otherwise, perform the EDHOC processing on the EDHOC message_3 extracted at <xre f target="L2S2" format="none">Step 2</xref> as per <xref section="5.4.3" section Format="of" target="RFC9528"/> based on the protocol state of the retrieved EDHO C session. </t>
<t> <t>
The application profile used in the EDHOC session is the same one associated wit h the EDHOC resource where the server received the request conveying EDHOC messa ge_1 that started the session. This is relevant in case the server provides mult iple EDHOC resources, which may generally refer to different application profile s.</t> The application profile used in the EDHOC session is the same one associated wit h the EDHOC resource where the server received the request conveying EDHOC messa ge_1 that started the session. This is relevant in case the server provides mult iple EDHOC resources that may generally refer to different application profiles .</t>
</li> </li>
<li>Establish a new OSCORE Security Context associated with the clie <li anchor="L2S5">Establish a new OSCORE Security Context associated
nt as per <xref section="A.1" sectionFormat="of" target="RFC9528"/>, using the E with the client as per <xref section="A.1" sectionFormat="of" target="RFC9528"/
DHOC output from step 4.</li> > using the EDHOC output from <xref target="L2S4" format="none">Step 4</xref>.</
<li>Extract the OSCORE ciphertext from the payload COMB_PAYLOAD of t li>
he EDHOC + OSCORE request, as the second element OSCORE_PAYLOAD (see step 3 of < <li anchor="L2S6">Extract the OSCORE ciphertext from the payload COM
xref target="client-processing"/>).</li> B_PAYLOAD of the EDHOC + OSCORE request as the second element OSCORE_PAYLOAD (se
<li>Rebuild the OSCORE-protected CoAP request, as the EDHOC + OSCORE e <xref target="L1S3" format="none">Step 3</xref> of <xref target="client-proces
request where the payload is replaced with the OSCORE ciphertext extracted at s sing"/>).</li>
tep 6. Then, remove the EDHOC option.</li> <li anchor="L2S7">Rebuild the OSCORE-protected CoAP request as the E
<li> DHOC + OSCORE request, where the payload is replaced with the OSCORE ciphertext
<t>Decrypt and verify the OSCORE-protected CoAP request rebuilt at extracted at <xref target="L2S6" format="none">Step 6</xref>. Then, remove the E
step 7, as per <xref section="8.2" sectionFormat="of" target="RFC8613"/>, by us DHOC option.</li>
ing the OSCORE Security Context established at step 5. </t> <li anchor="L2S8">
<t>Decrypt and verify the OSCORE-protected CoAP request rebuilt at
<xref target="L2S7" format="none">Step 7</xref> as per <xref section="8.2" sect
ionFormat="of" target="RFC8613"/> by using the OSCORE Security Context establish
ed at <xref target="L2S5" format="none">Step 5.</xref></t>
<t> <t>
When the decrypted request is checked for any critical CoAP options (as it is du ring regular CoAP processing), the presence of an EDHOC option <bcp14>MUST</bcp1 4> be regarded as an unprocessed critical option, unless it is processed by some further mechanism.</t> When the decrypted request is checked for any critical CoAP options (as it is du ring regular CoAP processing), the presence of an EDHOC option <bcp14>MUST</bcp1 4> be regarded as an unprocessed critical option unless it is processed by some further mechanism.</t>
</li> </li>
<li>Deliver the CoAP request resulting from step 8 to the applicatio n.</li> <li anchor="L2S9">Deliver the CoAP request resulting from <xref targ et="L2S8" format="none">Step 8</xref> to the application.</li>
</ol> </ol>
<t>If steps 4 (EDHOC processing) and 8 (OSCORE processing) are both su <t>If Steps <xref target="L2S4" format="none">4</xref> (EDHOC processi
ccessfully completed, the server <bcp14>MUST</bcp14> reply with an OSCORE-protec ng) and <xref target="L2S8" format="none">8</xref> (OSCORE processing) are both
ted response (see <xref section="5.4.3" sectionFormat="of" target="RFC9528"/>). successfully completed, the server <bcp14>MUST</bcp14> reply with an OSCORE-prot
The usage of EDHOC message_4 as defined in <xref section="5.5" sectionFormat="of ected response (see <xref section="5.4.3" sectionFormat="of" target="RFC9528"/>)
" target="RFC9528"/> is not applicable to the approach defined in this document. . The usage of EDHOC message_4 as defined in <xref section="5.5" sectionFormat="
</t> of" target="RFC9528"/> is not applicable to the approach defined in this documen
<t>If step 4 (EDHOC processing) fails, the server aborts the session a t.</t>
s per <xref section="5.4.3" sectionFormat="of" target="RFC9528"/> and responds w <t>If <xref target="L2S4" format="none">Step 4</xref> (EDHOC processin
ith an EDHOC error message with error code 1, formatted as defined in <xref sect g) fails, the server aborts the session as per <xref section="5.4.3" sectionForm
ion="6.2" sectionFormat="of" target="RFC9528"/>. The server <bcp14>MUST NOT</bcp at="of" target="RFC9528"/> and responds with an EDHOC error message with error c
14> establish a new OSCORE Security Context from the present EDHOC session with ode 1, which is formatted as defined in <xref section="6.2" sectionFormat="of" t
the client. The CoAP response conveying the EDHOC error message is not protected arget="RFC9528"/>. The server <bcp14>MUST NOT</bcp14> establish a new OSCORE Sec
with OSCORE. As per <xref section="9.5" sectionFormat="of" target="RFC9528"/>, urity Context from the present EDHOC session with the client. The CoAP response
the server has to make sure that the error message does not reveal sensitive inf conveying the EDHOC error message is not protected with OSCORE. As per <xref sec
ormation. The CoAP response conveying the EDHOC error message <bcp14>MUST</bcp14 tion="9.5" sectionFormat="of" target="RFC9528"/>, the server has to make sure th
> have Content-Format set to application/edhoc+cbor-seq registered in <xref sect at the error message does not reveal sensitive information. The CoAP response co
ion="10.9" sectionFormat="of" target="RFC9528"/>.</t> nveying the EDHOC error message <bcp14>MUST</bcp14> have Content-Format set to a
<t>If step 4 (EDHOC processing) is successfully completed but step 8 ( pplication/edhoc+cbor-seq registered in <xref section="10.9" sectionFormat="of"
OSCORE processing) fails, the same OSCORE error handling as defined in <xref sec target="RFC9528"/>.</t>
tion="8.2" sectionFormat="of" target="RFC8613"/> applies.</t> <t>If <xref target="L2S4" format="none">Step 4</xref> (EDHOC processin
g) is successfully completed but <xref target="L2S8" format="none">Step 8</xref>
(OSCORE processing) fails, the same OSCORE error handling as defined in <xref s
ection="8.2" sectionFormat="of" target="RFC8613"/> applies.</t>
</section> </section>
<section anchor="server-blockwise"> <section anchor="server-blockwise">
<name>Supporting Block-wise</name> <name>Supporting Block-Wise Transfers</name>
<t>If Block-wise <xref target="RFC7959"/> is supported, the server tak <t>If Block-wise transfers <xref target="RFC7959"/> are supported, the
es the additional following step before any other in <xref target="server-proces server takes the additional following step before any other in <xref target="se
sing"/>.</t> rver-processing"/>.</t>
<t>A. If Block-wise is present in the request, then process the Outer <ol spacing='normal' type='Step %d.' start='0' indent="9">
Block options according to <xref target="RFC7959"/>, until all blocks of the req <li>If a Block option is present in the request, then process the Oute
uest have been received (see <xref section="4.1.3.4" sectionFormat="of" target=" r Block options according to <xref target="RFC7959"/> until all blocks of the re
RFC8613"/>).</t> quest have been received (see <xref section="4.1.3.4" sectionFormat="of" target=
"RFC8613"/>).</li></ol>
</section> </section>
</section> </section>
<section anchor="example"> <section anchor="example">
<name>Example of EDHOC + OSCORE Request</name> <name>Example of the EDHOC + OSCORE Request</name>
<t><xref target="fig-edhoc-opt-2"/> shows an example of EDHOC + OSCORE R <t><xref target="fig-edhoc-opt-2"/> shows an example of an EDHOC + OSCOR
equest transported over UDP. In particular, the example assumes that:</t> E request transported over UDP. In particular, the example assumes that:</t>
<ul spacing="normal"> <ul spacing="normal">
<li>The OSCORE Partial IV in use is 0, consistently with the first req uest protected with the new OSCORE Security Context.</li> <li>The OSCORE Partial IV in use is 0 consistently with the first requ est protected with the new OSCORE Security Context.</li>
<li> <li>
<t>The OSCORE Sender ID of the client is 0x01. </t> <t>The OSCORE Sender ID of the client is 0x01. </t>
<t> <t>
As per <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>, this straigh tforwardly corresponds to the EDHOC connection identifier C_R 0x01. </t> As per <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>, this straigh tforwardly corresponds to the EDHOC connection identifier C_R 0x01. </t>
<t> <t>
As per <xref section="3.3.2" sectionFormat="of" target="RFC9528"/>, when using t he sequential flow shown in <xref target="fig-non-combined"/>, the same C_R with value 0x01 would be encoded on the wire as the CBOR integer 1 (0x01 in CBOR enc oding), and prepended to EDHOC message_3 in the payload of the second EDHOC requ est.</t> As per <xref section="3.3.2" sectionFormat="of" target="RFC9528"/>, when using t he sequential flow shown in <xref target="fig-non-combined"/>, the same C_R with a value of 0x01 would be encoded on the wire as the CBOR integer 1 (0x01 in CBO R encoding) and prepended to EDHOC message_3 in the payload of the second EDHOC request.</t>
</li> </li>
<li>The EDHOC option is registered with CoAP option number 21.</li>
</ul> </ul>
<t>Note to RFC Editor: Please delete the last bullet point in the previo us list, since, at the time of publication, the CoAP option number will be in fa ct registered.</t>
<t>This results in the following components shown in <xref target="fig-e dhoc-opt-2"/>:</t> <t>This results in the following components shown in <xref target="fig-e dhoc-opt-2"/>:</t>
<ul spacing="normal"> <dl spacing="normal">
<li>OSCORE option value: 0x090001 (3 bytes)</li> <dt>OSCORE option value:</dt><dd>0x090001 (3 bytes)</dd>
<li>EDHOC option value: - (0 bytes)</li> <dt>EDHOC option value:</dt><dd>- (0 bytes)</dd>
<li>EDHOC message_3: 0x52d5535f3147e85f1cfacd9e78abf9e0a81bbf (19 byte <dt>EDHOC message_3:</dt><dd>0x52d5535f3147e85f1cfacd9e78abf9e0a81bbf
s)</li> (19 bytes)</dd>
<li>OSCORE ciphertext: 0x612f1092f1776f1c1668b3825e (13 bytes)</li> <dt>OSCORE ciphertext:</dt><dd>0x612f1092f1776f1c1668b3825e (13 bytes)
</ul> </dd></dl>
<figure anchor="fig-edhoc-opt-2"> <figure anchor="fig-edhoc-opt-2">
<name>Example of CoAP message transported over UDP, combining EDHOC da <name>Example of a Protected CoAP Request Combining EDHOC and OSCORE D
ta and OSCORE data as signalled with the EDHOC Option.</name> ata</name>
<artwork type="~" align="center"><![CDATA[ <sourcecode type="coap"><![CDATA[
Protected CoAP request (OSCORE message): 0x44025d1f ; CoAP 4-byte Header
0x44025d1f ; CoAP 4-byte header
00003974 ; Token 00003974 ; Token
93 090001 ; OSCORE Option 93 090001 ; OSCORE Option
c0 ; EDHOC Option c0 ; EDHOC Option
ff 52d5535f3147e85f1cfacd9e78abf9e0a81bbf ff 52d5535f3147e85f1cfacd9e78abf9e0a81bbf
612f1092f1776f1c1668b3825e 612f1092f1776f1c1668b3825e
(46 bytes) (46 bytes)
]]></artwork> ]]></sourcecode>
</figure> </figure>
</section> </section>
</section> </section>
<section anchor="use-of-ids"> <section anchor="use-of-ids">
<name>Use of EDHOC Connection Identifiers with OSCORE</name> <name>Use of EDHOC Connection Identifiers with OSCORE</name>
<t>The OSCORE Sender/Recipient IDs are the EDHOC connection identifiers (s ee <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>). This applies al so to the optimized workflow defined in <xref target="edhoc-in-oscore"/> of this document.</t> <t>The OSCORE Sender/Recipient IDs are the EDHOC connection identifiers (s ee <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>). This applies al so to the optimized workflow defined in <xref target="edhoc-in-oscore"/> of this document.</t>
<t>Note that, at step 3 of <xref target="server-processing"/>, the value o f 'kid' in the OSCORE Option of the EDHOC + OSCORE request is both the server's Recipient ID (i.e., the client's Sender ID) and the EDHOC Connection Identifier C_R of the server.</t> <t>Note that the value of the 'kid' field in the OSCORE option of the EDHO C + OSCORE request is both the server's Recipient ID (i.e., the client's Sender ID) and the EDHOC connection identifier C_R of the server at <xref target="L2S3" format="none">Step 3</xref> of <xref target="server-processing"/>.</t>
<section anchor="oscore-edhoc-message-processing"> <section anchor="oscore-edhoc-message-processing">
<name>Additional Processing of EDHOC Messages</name> <name>Additional Processing of EDHOC Messages</name>
<t>When using EDHOC to establish an OSCORE Security Context, the client and server <bcp14>MUST</bcp14> perform the following additional steps during an EDHOC execution, thus extending <xref section="5" sectionFormat="of" target="RFC 9528"/>.</t> <t>When using EDHOC to establish an OSCORE Security Context, the client and server <bcp14>MUST</bcp14> perform the following additional steps during an EDHOC execution, thus extending <xref section="5" sectionFormat="of" target="RFC 9528"/>.</t>
<section anchor="initiator-processing-of-message-1"> <section anchor="initiator-processing-of-message-1">
<name>Initiator Processing of Message 1</name> <name>Initiator Processing of Message 1</name>
<t>The Initiator selects an EDHOC Connection Identifier C_I as follows <t>The Initiator selects an EDHOC connection identifier C_I as follows
.</t> .</t>
<t>The Initiator <bcp14>MUST</bcp14> choose a C_I that is neither used <t>The Initiator <bcp14>MUST</bcp14> choose a C_I that is neither used
in any current EDHOC session as this peer's EDHOC Connection Identifier, nor th in any current EDHOC session as this peer's EDHOC connection identifier nor the
e Recipient ID in a current OSCORE Security Context where the ID Context is not Recipient ID in a current OSCORE Security Context where the ID Context is not p
present.</t> resent.</t>
<t>The chosen C_I <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any <t>The chosen C_I <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any
current OSCORE Security Context. Note that, unless the two peers concurrently u current OSCORE Security Context. Note that, unless the two peers concurrently u
se alternative methods to establish OSCORE Security Contexts, this allows the Re se alternative methods to establish OSCORE Security Contexts, this allows the Re
sponder to always omit the 'kid context' in the OSCORE Option of its messages se sponder to always omit the 'kid context' in the OSCORE option of its messages se
nt to the Initiator, when protecting those with an OSCORE Security Context where nt to the Initiator when protecting those with an OSCORE Security Context where
C_I is the Responder's OSCORE Sender ID (see <xref section="6.1" sectionFormat= C_I is the Responder's OSCORE Sender ID (see <xref section="6.1" sectionFormat="
"of" target="RFC8613"/>).</t> of" target="RFC8613"/>).</t>
</section> </section>
<section anchor="responder-processing-of-message-2"> <section anchor="responder-processing-of-message-2">
<name>Responder Processing of Message 2</name> <name>Responder Processing of Message 2</name>
<t>The Responder selects an EDHOC Connection Identifier C_R as follows <t>The Responder selects an EDHOC connection identifier C_R as follows
.</t> .</t>
<t>The Responder <bcp14>MUST</bcp14> choose a C_R that is neither used <t>The Responder <bcp14>MUST</bcp14> choose a C_R that is none of the
in any current EDHOC session as this peer's EDHOC Connection Identifier, nor is following:</t>
equal to the EDHOC Connection Identifier C_I specified in the EDHOC message_1 o
f the present EDHOC session, nor is the Recipient ID in a current OSCORE Securit <ul><li>used in any current EDHOC session as this peer's EDHOC connecti
y Context where the ID Context is not present.</t> on identifier,</li>
<t>The chosen C_R <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any <li>equal to the EDHOC connection identifier C_I specified in the EDHOC
current OSCORE Security Context. Note that, for a reason analogous to the one g message_1 of the present EDHOC session, or</li>
iven above with C_I, this allows the Initiator to always omit the 'kid context' <li>the Recipient ID in a current OSCORE Security Context where the ID
in the OSCORE Option of its messages sent to the Responder, when protecting thos Context is not present.</li></ul>
e with an OSCORE Security Context where C_R is the Initiator's OSCORE Sender ID <t>The chosen C_R <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any
(see <xref section="6.1" sectionFormat="of" target="RFC8613"/>).</t> current OSCORE Security Context. Note that, for a reason analogous to the one g
iven in <xref target="initiator-processing-of-message-1"/> with C_I, this allows
the Initiator to always omit the 'kid context' in the OSCORE option of its mess
ages sent to the Responder when protecting those with an OSCORE Security Context
where C_R is the Initiator's OSCORE Sender ID (see <xref section="6.1" sectionF
ormat="of" target="RFC8613"/>).</t>
</section> </section>
<section anchor="initiator-processing-of-message-2"> <section anchor="initiator-processing-of-message-2">
<name>Initiator Processing of Message 2</name> <name>Initiator Processing of Message 2</name>
<t>If the EDHOC Connection Identifier C_I is equal to the EDHOC Connec tion Identifier C_R specified in EDHOC message_2, then the Initiator <bcp14>MUST </bcp14> abort the session and reply with an EDHOC error message with error code 1, formatted as defined in <xref section="6.2" sectionFormat="of" target="RFC95 28"/>.</t> <t>If the EDHOC connection identifier C_I is equal to the EDHOC connec tion identifier C_R specified in EDHOC message_2, then the Initiator <bcp14>MUST </bcp14> abort the session and reply with an EDHOC error message with error code 1 formatted as defined in <xref section="6.2" sectionFormat="of" target="RFC952 8"/>.</t>
</section> </section>
</section> </section>
</section> </section>
<section anchor="app-statements"> <section anchor="app-statements">
<name>Extension and Consistency of Application Profiles</name> <name>Extension and Consistency of Application Profiles</name>
<t>It is possible to include the information below in the application prof ile referred by the client and server, according to the specified consistency ru les.</t> <t>It is possible to include the information below in the application prof ile referred by the client and server according to the specified consistency rul es.</t>
<t>If the server supports the EDHOC + OSCORE request within an EDHOC execu tion started at a certain EDHOC resource, then the application profile associate d with that resource <bcp14>SHOULD</bcp14> explicitly specify support for the ED HOC + OSCORE request.</t> <t>If the server supports the EDHOC + OSCORE request within an EDHOC execu tion started at a certain EDHOC resource, then the application profile associate d with that resource <bcp14>SHOULD</bcp14> explicitly specify support for the ED HOC + OSCORE request.</t>
<t>In case the application profile indicates that the server supports the <t>In the case where the application profile indicates that the server sup
optional EDHOC message_4 (see <xref section="5.5" sectionFormat="of" target="RFC ports the optional EDHOC message_4 (see <xref section="5.5" sectionFormat="of" t
9528"/>), it is still possible to use the optimized workflow based on the EDHOC arget="RFC9528"/>), it is still possible to use the optimized workflow based on
+ OSCORE request. However, this means the server is not going to send EDHOC mess the EDHOC + OSCORE request. However, this means that the server is not going to
age_4, since it is not applicable to the optimized workflow (see <xref target="s send EDHOC message_4 since it is not applicable to the optimized workflow (see <
erver-processing"/>).</t> xref target="server-processing"/>).</t>
<t>Also, in case the application profile indicates that the server shall s <t>Also, in the case where the application profile indicates that the serv
end EDHOC message_4, then the application profile <bcp14>MUST NOT</bcp14> specif er shall send EDHOC message_4, the application profile <bcp14>MUST NOT</bcp14> s
y support for the EDHOC + OSCORE request, and there is no point for the client t pecify support for the EDHOC + OSCORE request. There is no point for the client
o use the optimized workflow, which is bound to fail (see <xref target="server-p to use the optimized workflow that is bound to fail (see <xref target="server-pr
rocessing"/>).</t> ocessing"/>).</t>
</section> </section>
<section anchor="web-linking"> <section anchor="web-linking">
<name>Web Linking</name> <name>Web Linking</name>
<t><xref section="10.10" sectionFormat="of" target="RFC9528"/> registers t <t><xref section="10.10" sectionFormat="of" target="RFC9528"/> registers t
he resource type "core.edhoc", which can be used as target attribute in a web li he resource type "core.edhoc", which can be used as target attribute in a web li
nk <xref target="RFC8288"/> to an EDHOC resource, e.g., using a link-format docu nk <xref target="RFC8288"/> to an EDHOC resource, e.g., using a link-format docu
ment <xref target="RFC6690"/>. This enables clients to discover the presence of ment <xref target="RFC6690"/>. This enables clients to discover the presence of
EDHOC resources at a server, possibly using the resource type as filter criterio EDHOC resources at a server, possibly using the resource type as a filter criter
n.</t> ion.</t>
<t>At the same time, the application profile associated with an EDHOC reso <t>At the same time, the application profile associated with an EDHOC reso
urce provides information describing how the EDHOC protocol can be used through urce provides information describing how the EDHOC protocol can be used through
that resource. A client may become aware of the application profile, e.g., by ob that resource. A client may become aware of the application profile, e.g., by ob
taining its information elements upon discovering the EDHOC resources at the ser taining its information elements upon discovering the EDHOC resources at the ser
ver. This allows the client to discover especially the EDHOC resources whose ass ver.
ociated application profile denotes a way of using EDHOC which is most suitable This allows the client to discover the EDHOC resources whose associated applicat
to the client, e.g., with EDHOC cipher suites or authentication methods that the ion profile denotes a way of using EDHOC that is most suitable to the client, e.
client also supports or prefers.</t> g., with EDHOC cipher suites or authentication methods that the client also supp
<t>That is, while discovering an EDHOC resource, a client can contextually orts or prefers.</t>
obtain relevant pieces of information from the application profile associated w <t>That is, while discovering an EDHOC resource, a client can contextually
ith that resource. The resource discovery can occur by means of a direct interac obtain relevant pieces of information from the application profile associated w
tion with the server, or instead by means of the CoRE Resource Directory <xref t ith that resource. The resource discovery can occur by means of a direct interac
arget="RFC9176"/>, where the server may have registered the links to its resourc tion with the server or by means of the CoRE Resource Directory <xref target="RF
es.</t> C9176"/> where the server may have registered the links to its resources.</t>
<t>In order to enable the above, this section defines a number of paramete <t>In order to enable the above, this section defines a number of paramete
rs, each of which can be optionally specified as a target attribute with the sam rs, each of which can be optionally specified as a target attribute with the sam
e name in the link to the respective EDHOC resource, or as filter criteria in a e name in the link to the respective EDHOC resource or as filter criterion in a
discovery request from the client. When specifying these parameters in a link to discovery request from the client. When specifying these parameters in a link to
an EDHOC resource, the target attribute rt="core.edhoc" <bcp14>MUST</bcp14> be an EDHOC resource, the target attribute rt="core.edhoc" <bcp14>MUST</bcp14> be
included, and the same consistency rules defined in <xref target="app-statements included and the same consistency rules defined in <xref target="app-statements"
"/> for the corresponding information elements of an application profile <bcp14> /> for the corresponding information elements of an application profile <bcp14>M
MUST</bcp14> be followed.</t> UST</bcp14> be followed.</t>
<t>The following parameters are defined.</t> <t>The following parameters are defined.</t>
<ul spacing="normal"> <dl spacing="normal">
<li>'ed-i', specifying, if present, that the server supports the EDHOC I <dt>'ed-i':</dt><dd>If present, specifies that the server supports the E
nitiator role, hence the reverse message flow of EDHOC. A value <bcp14>MUST NOT< DHOC Initiator role, hence the reverse message flow of EDHOC. A value <bcp14>MUS
/bcp14> be given to this parameter and any present value <bcp14>MUST</bcp14> be T NOT</bcp14> be given to this parameter and any present value <bcp14>MUST</bcp1
ignored by the recipient.</li> 4> be ignored by the recipient.</dd>
<li>'ed-r', specifying, if present, that the server supports the EDHOC R <dt>'ed-r':</dt><dd>If present, specifies that the server supports the E
esponder role, hence the forward message flow of EDHOC. A value <bcp14>MUST NOT< DHOC Responder role, hence the forward message flow of EDHOC. A value <bcp14>MUS
/bcp14> be given to this parameter and any present value <bcp14>MUST</bcp14> be T NOT</bcp14> be given to this parameter and any present value <bcp14>MUST</bcp1
ignored by the recipient.</li> 4> be ignored by the recipient.</dd>
<li>'ed-method', specifying an authentication method supported by the se <dt>'ed-method':</dt><dd>Specifies an authentication method supported by
rver. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken the server. This parameter <bcp14>MUST</bcp14> specify a single value, which is
from the 'Value' column of the "EDHOC Method Type" registry defined in <xref sec taken from the 'Value' column of the "EDHOC Method Type" registry defined in <x
tion="10.3" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>MAY</bc ref section="10.3" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>
p14> occur multiple times, with each occurrence specifying an authentication met MAY</bcp14> occur multiple times, with each occurrence specifying an authenticat
hod.</li> ion method.</dd>
<li>'ed-csuite', specifying an EDHOC cipher suite supported by the serve <dt>'ed-csuite':</dt><dd>Specifies an EDHOC cipher suite supported by th
r. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken fro e server. This parameter <bcp14>MUST</bcp14> specify a single value, which is ta
m the 'Value' column of the "EDHOC Cipher Suites" registry defined in <xref sect ken from the 'Value' column of the "EDHOC Cipher Suites" registry defined in <xr
ion="10.2" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>MAY</bcp ef section="10.2" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>M
14> occur multiple times, with each occurrence specifying a cipher suite.</li> AY</bcp14> occur multiple times, with each occurrence specifying a cipher suite.
<li>'ed-cred-t', specifying a type of authentication credential supporte </dd>
d by the server. This parameter <bcp14>MUST</bcp14> specify a single value, whic <dt>'ed-cred-t':</dt><dd>Specifies a type of authentication credential s
h is taken from the 'Value' column of the "EDHOC Authentication Credential Types upported by the server. This parameter <bcp14>MUST</bcp14> specify a single valu
" Registry defined in <xref target="iana-edhoc-auth-cred-types"/> of this docume e, which is taken from the 'Value' column of the "EDHOC Authentication Credentia
nt. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence l Types" Registry defined in <xref target="iana-edhoc-auth-cred-types"/> of this
specifying a type of authentication credential.</li> document. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occ
<li> urrence specifying a type of authentication credential.</dd>
<t>'ed-idcred-t', specifying a type of identifier supported by the ser <dt>'ed-idcred-t':</dt><dd><t>Specifies a type of identifier supported
ver for identifying authentication credentials. This parameter <bcp14>MUST</bcp1 by the server for identifying authentication credentials. This parameter <bcp14
4> specify a single value, which is taken from the 'Label' column of the "COSE H >MUST</bcp14> specify a single value, which is taken from the 'Label' column of
eader Parameters" registry <xref target="COSE.Header.Parameters"/>. This paramet the "COSE Header Parameters" registry <xref target="COSE.Header.Parameters"/>. T
er <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying a ty his parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence spec
pe of identifier for authentication credentials. </t> ifying a type of identifier for authentication credentials.</t>
<t> <t>
Note that the values in the 'Label' column of the "COSE Header Parameters" regis Note that the values in the 'Label' column of the "COSE Header Parameters" regis
try are strongly typed. On the contrary, Link Format is weakly typed and thus do try are strongly typed. On the contrary, CoRE Link Format is weakly typed; thus,
es not distinguish between, for instance, the string value "-10" and the integer it does not distinguish between, for instance, the string value "-10" and the i
value -10. Thus, if responses in Link Format are returned, string values which nteger value -10. Therefore, if responses in CoRE Link Format are returned, stri
look like an integer are not supported. Therefore, such values <bcp14>MUST NOT</ ng values that look like an integer are not supported. Thus, such values <bcp14>
bcp14> be used in the 'ed-idcred-t' parameter.</t> MUST NOT</bcp14> be used in the 'ed-idcred-t' parameter.</t>
</li> </dd>
<li>'ed-ead', specifying the support of the server for an External Autho <dt>'ed-ead':</dt><dd>Specifies the support of the server for an Externa
rization Data (EAD) item (see <xref section="3.8" sectionFormat="of" target="RFC l Authorization Data (EAD) item (see <xref section="3.8" sectionFormat="of" targ
9528"/>). This parameter <bcp14>MUST</bcp14> specify a single value, which is ta et="RFC9528"/>). This parameter <bcp14>MUST</bcp14> specify a single value, whic
ken from the 'Label' column of the "EDHOC External Authorization Data" registry h is taken from the 'Label' column of the "EDHOC External Authorization Data" re
defined in <xref section="10.5" sectionFormat="of" target="RFC9528"/>. This para gistry defined in <xref section="10.5" sectionFormat="of" target="RFC9528"/>. Th
meter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying t is parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence speci
he ead_label of an EAD item that the server supports.</li> fying the ead_label of an EAD item that the server supports.</dd>
<li>'ed-comb-req', specifying, if present, that the server supports the <dt>'ed-comb-req':</dt><dd>If present, specifies that the server support
EDHOC + OSCORE request defined in <xref target="edhoc-in-oscore"/>. A value <bcp s the EDHOC + OSCORE request defined in <xref target="edhoc-in-oscore"/>. A valu
14>MUST NOT</bcp14> be given to this parameter and any present value <bcp14>MUST e <bcp14>MUST NOT</bcp14> be given to this parameter and any present value <bcp1
</bcp14> be ignored by the recipient.</li> 4>MUST</bcp14> be ignored by the recipient.</dd>
</ul> </dl>
<t>(Future documents may update the definition of the parameters 'ed-i', ' <t>Future documents may update the definition of the parameters 'ed-i', 'e
ed-r', and 'ed-comb-req', by expanding their semantics and specifying what they d-r', and 'ed-comb-req' by expanding their semantics and specifying what they ca
can take as value.)</t> n take as value.</t>
<t>The example in <xref target="fig-web-link-example"/> shows how a client <t>The example in <xref target="fig-web-link-example"/> shows how a client
discovers one EDHOC resource at a server, obtaining information elements from t discovers one EDHOC resource at a server and obtains information elements from
he respective application profile. The Link Format notation from <xref section=" the respective application profile. The CoRE Link Format notation from <xref sec
5" sectionFormat="of" target="RFC6690"/> is used.</t> tion="5" sectionFormat="of" target="RFC6690"/> is used.</t>
<figure anchor="fig-web-link-example"> <figure anchor="fig-web-link-example">
<name>The Web Link.</name> <name>The Web Link</name>
<artwork align="center"><![CDATA[ <artwork align="center"><![CDATA[
REQ: GET /.well-known/core REQ: GET /.well-known/core
RES: 2.05 Content RES: 2.05 Content
</sensors/temp>;osc, </sensors/temp>;osc,
</sensors/light>;if=sensor, </sensors/light>;if=sensor,
</.well-known/edhoc>;rt=core.edhoc;ed-csuite=0;ed-csuite=2; </.well-known/edhoc>;rt=core.edhoc;ed-csuite=0;ed-csuite=2;
ed-method=0;ed-cred-t=1;ed-cred-t=3;ed-idcred-t=4; ed-method=0;ed-cred-t=0;ed-cred-t=1;ed-idcred-t=4;
ed-i;ed-r;ed-comb-req ed-i;ed-r;ed-comb-req
]]></artwork> ]]></artwork>
</figure> </figure>
</section> </section>
<section anchor="security-considerations"> <section anchor="security-considerations">
<name>Security Considerations</name> <name>Security Considerations</name>
<t>The same security considerations from OSCORE <xref target="RFC8613"/> a <t>The same security considerations from OSCORE <xref target="RFC8613"/> a
nd EDHOC <xref target="RFC9528"/> hold for this document. In addition, the follo nd EDHOC <xref target="RFC9528"/> hold for this document. In addition, the follo
wing considerations also apply.</t> wing considerations apply.</t>
<t><xref target="client-processing"/> specifies that a client <bcp14>SHOUL <t><xref target="client-processing"/> specifies that a client <bcp14>SHOUL
D NOT</bcp14> have multiple outstanding EDHOC + OSCORE requests pertaining to th D NOT</bcp14> have multiple outstanding EDHOC + OSCORE requests pertaining to th
e same EDHOC session. Even if a client did not fulfill this requirement, it woul e same EDHOC session. Even if a client did not fulfill this requirement, it woul
d not have any impact in terms of security. That is, the server would still not d not have any impact in terms of security. That is, the server would still not
process different instances of the same EDHOC message_3 more than once in the sa process different instances of the same EDHOC message_3 more than once in the sa
me EDHOC session (see <xref section="5.1" sectionFormat="of" target="RFC9528"/>) me EDHOC session (see <xref section="5.1" sectionFormat="of" target="RFC9528"/>)
, and would still enforce replay protection of the OSCORE-protected request (see and would still enforce replay protection of the OSCORE-protected request (see
Sections <xref target="RFC8613" section="7.4" sectionFormat="bare"/> and <xref Sections <xref target="RFC8613" section="7.4" sectionFormat="bare"/> and <xref t
target="RFC8613" section="8.2" sectionFormat="bare"/> of <xref target="RFC8613"/ arget="RFC8613" section="8.2" sectionFormat="bare"/> of <xref target="RFC8613"/>
>).</t> ).</t>
<t>When using the optimized workflow in <xref target="fig-combined"/>, a m <t>When using the optimized workflow in <xref target="fig-combined"/>, a m
inimum of 128-bit security against online brute force attacks is achieved after inimum of 128-bit security against online brute-force attacks is achieved after
the client receives and successfully verifies the first OSCORE-protected respons the client receives and successfully verifies the first OSCORE-protected respons
e (see Sections <xref target="RFC9528" section="9.1" sectionFormat="bare"/> and e (see Sections <xref target="RFC9528" section="9.1" sectionFormat="bare"/> and
<xref target="RFC9528" section="9.4" sectionFormat="bare"/> of <xref target="RFC <xref target="RFC9528" section="9.4" sectionFormat="bare"/> of <xref target="RFC
9528"/>). As an example, if EDHOC is used with method 3 (see <xref section="3.2" 9528"/>). As an example, if EDHOC is used with method 3 (see <xref section="3.2"
sectionFormat="of" target="RFC9528"/>) and cipher suite 2 (see <xref section="3 sectionFormat="of" target="RFC9528"/>) and cipher suite 2 (see <xref section="3
.6" sectionFormat="of" target="RFC9528"/>), then the following holds.</t> .6" sectionFormat="of" target="RFC9528"/>), then the following holds:</t>
<ul spacing="normal"> <ul spacing="normal">
<li>The Initiator is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bit MAC in EDHOC message_ 3 and of the 64-bit MAC in the AEAD of the first OSCORE-protected CoAP request, as rebuilt at step 7 of <xref target="server-processing"/>.</li> <li>The Initiator is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bit Message Authenticatio n Code (MAC) in EDHOC message_3 and of the 64-bit MAC in the Authenticated Encry ption with Associated Data (AEAD) of the first OSCORE-protected CoAP request as rebuilt at <xref target="L2S7" format="none">Step 7</xref> of <xref target="serv er-processing"/>.</li>
<li>The Responder is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bit MAC in EDHOC message_ 2 and of the 64-bit MAC in the AEAD of the first OSCORE-protected CoAP response. </li> <li>The Responder is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bit MAC in EDHOC message_ 2 and of the 64-bit MAC in the AEAD of the first OSCORE-protected CoAP response. </li>
</ul> </ul>
<t>With reference to the sequential workflow in <xref target="fig-non-comb <t>With reference to the sequential workflow in <xref target="fig-non-comb
ined"/>, the OSCORE request might have to undergo access control checks at the s ined"/>, the OSCORE request might have to undergo access-control checks at the s
erver, before being actually executed for accessing the target protected resourc erver before being actually executed for accessing the target protected resource
e. The same <bcp14>MUST</bcp14> hold when the optimized workflow in <xref target . The same <bcp14>MUST</bcp14> hold when the optimized workflow in <xref target=
="fig-combined"/> is used, i.e., when using the EDHOC + OSCORE request.</t> "fig-combined"/> is used, i.e., when using the EDHOC + OSCORE request.</t>
<t>That is, the rebuilt OSCORE-protected application request from step 7 i <t>That is, the rebuilt OSCORE-protected application request from <xref ta
n <xref target="server-processing"/> <bcp14>MUST</bcp14> undergo the same access rget="L2S7" format="none">Step 7</xref> in <xref target="server-processing"/> <b
control checks that would be performed on a traditional OSCORE-protected applic cp14>MUST</bcp14> undergo the same access-control checks that would be performed
ation request sent individually as shown in <xref target="fig-non-combined"/>.</ on a traditional OSCORE-protected application request sent individually as show
t> n in <xref target="fig-non-combined"/>.</t>
<t>To this end, validated information to perform access control checks (e.
g., an access token issued by a trusted party) has to be available at the server <t>To this end, validated information to perform access-control checks (e.g., an
before starting to process the rebuilt OSCORE-protected application request. Su access token issued by a trusted party) has to be available at the server befor
ch information may have been provided to the server separately before starting t e starting to process the rebuilt OSCORE-protected application request. Such inf
he EDHOC execution altogether, or instead as External Authorization Data during ormation may have been provided to the server separately before starting the EDH
the EDHOC execution (see <xref section="3.8" sectionFormat="of" target="RFC9528" OC execution altogether, or instead as External Authorization Data during the ED
/>).</t> HOC execution (see <xref section="3.8" sectionFormat="of" target="RFC9528"/>).</
t>
<t>Thus, a successful completion of the EDHOC protocol and the following d erivation of the OSCORE Security Context at the server do not play a role in det ermining whether the rebuilt OSCORE-protected request is authorized to access th e target protected resource at the server.</t> <t>Thus, a successful completion of the EDHOC protocol and the following d erivation of the OSCORE Security Context at the server do not play a role in det ermining whether the rebuilt OSCORE-protected request is authorized to access th e target protected resource at the server.</t>
</section> </section>
<section anchor="iana-considerations"> <section anchor="iana-considerations">
<name>IANA Considerations</name> <name>IANA Considerations</name>
<t>This document has the following actions for IANA.</t> <t>This document has the following actions for IANA.</t>
<t>Note to RFC Editor: Please replace all occurrences of "[RFC-XXXX]" with the RFC number of this specification and delete this paragraph.</t>
<section anchor="iana-coap-options"> <section anchor="iana-coap-options">
<name>CoAP Option Numbers Registry</name> <name>CoAP Option Numbers Registry</name>
<t>IANA is asked to enter the following option number to the "CoAP Optio n Numbers" registry within the "CoRE Parameters" registry group.</t> <t>IANA has registered the following option number in the "CoAP Option N umbers" registry within the "Constrained RESTful Environments (CoRE) Parameters" registry group.</t>
<table align="center"> <table align="center">
<name>Registrations in CoAP Option Numbers Registry</name> <name>Registration in the "CoAP Option Numbers" Registry</name>
<thead> <thead>
<tr> <tr>
<th align="left">Number</th> <th align="left">Number</th>
<th align="left">Name</th> <th align="left">Name</th>
<th align="left">Reference</th> <th align="left">Reference</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">21</td> <td align="left">21</td>
<td align="left">EDHOC</td> <td align="left">EDHOC</td>
<td align="left">[RFC-XXXX]</td> <td align="left">RFC 9668</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<t>Note to RFC Editor: Please delete this paragraph and all the followin
g text within the present <xref target="iana-coap-options"/>.</t>
<t>[</t>
<t>The CoAP option number 21 is consistent with the properties of the ED
HOC Option defined in <xref target="edhoc-option"/>, and it allows the EDHOC Opt
ion to always result in an overall size of 1 byte. This is because:</t>
<ul spacing="normal">
<li>The EDHOC option is always empty, i.e., with zero-length value; an
d</li>
<li>Since the OSCORE Option with option number 9 is always present in
the EDHOC + OSCORE request, the EDHOC Option is encoded with a delta equal to at
most 12.</li>
</ul>
<t>Although the currently unassigned option number 13 would also work we
ll for the same reasons in the use case in question, different use cases or prot
ocols may make a better use of the option number 13. Hence the preference for th
e option number 21, and why it is <em>not</em> necessary to register additional
option numbers than 21.</t>
<t>]</t>
</section> </section>
<section anchor="iana-target-attributes"> <section anchor="iana-target-attributes">
<name>Target Attributes Registry</name> <name>Target Attributes Registry</name>
<t>IANA is asked to register the following entries in the "Target Attrib <t>IANA has registered the following entries in the "Target Attributes"
utes" registry <xref target="CORE.Target.Attributes"/> within the "Constrained R registry <xref target="CORE.Target.Attributes"/> within the "Constrained RESTful
ESTful Environments (CoRE) Parameters" registry group, as per <xref target="I-D. Environments (CoRE) Parameters" registry group as per <xref target="RFC9423"/>.
ietf-core-target-attr"/>. For all entries, the Change Controller is "IETF" and the reference is "[RFC 9668
For all entries, the Change Controller is IETF, and the reference is [RFC-XXXX]. ]".</t>
</t>
<table align="center"> <table align="center">
<name>Registrations in Target Attributes Registry</name> <name>Registrations in the "Target Attributes" Registry</name>
<thead> <thead>
<tr> <tr>
<th align="left">Attribute Name:</th> <th align="left">Attribute Name</th>
<th align="left">Brief Description:</th> <th align="left">Brief Description</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">ed-i</td> <td align="left">ed-i</td>
<td align="left">Hint: support for the EDHOC Initiator role</td> <td align="left">Hint: support for the EDHOC Initiator role</td>
</tr> </tr>
<tr> <tr>
<td align="left">ed-r</td> <td align="left">ed-r</td>
<td align="left">Hint: support for the EDHOC Responder role</td> <td align="left">Hint: support for the EDHOC Responder role</td>
skipping to change at line 783 skipping to change at line 804
<tr> <tr>
<td align="left">ed-idcred-t</td> <td align="left">ed-idcred-t</td>
<td align="left">A supported type of authentication credential ide ntifier for EDHOC</td> <td align="left">A supported type of authentication credential ide ntifier for EDHOC</td>
</tr> </tr>
<tr> <tr>
<td align="left">ed-ead</td> <td align="left">ed-ead</td>
<td align="left">A supported External Authorization Data (EAD) ite m for EDHOC</td> <td align="left">A supported External Authorization Data (EAD) ite m for EDHOC</td>
</tr> </tr>
<tr> <tr>
<td align="left">ed-comb-req</td> <td align="left">ed-comb-req</td>
<td align="left">Hint: support for the EDHOC+OSCORE request</td> <td align="left">Hint: support for the EDHOC + OSCORE request</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
<section anchor="iana-edhoc-auth-cred-types"> <section anchor="iana-edhoc-auth-cred-types">
<name>EDHOC Authentication Credential Types Registry</name> <name>EDHOC Authentication Credential Types Registry</name>
<t>IANA is requested to create a new "EDHOC Authentication Credential Ty <t>IANA has created the "EDHOC Authentication Credential Types" registry
pes" registry within the "Ephemeral Diffie-Hellman Over COSE (EDHOC)" registry g within the "Ephemeral Diffie-Hellman Over COSE (EDHOC)" registry group defined
roup defined in <xref target="RFC9528"/>.</t> in <xref target="RFC9528"/>.</t>
<t>As registration policy, the registry uses either "Standards Action wi <t>The registration policy is either "Private Use", "Standards Action wi
th Expert Review", or "Specification Required" per <xref section="4.6" sectionFo th Expert Review", or "Specification Required" per <xref target="RFC8126"/>. "Ex
rmat="of" target="RFC8126"/>. Expert Review guidelines are provided in <xref tar pert Review" guidelines are provided in <xref target="review"/>.</t>
get="review"/>.</t> <t>All assignments according to "Standards Action with Expert Review"
<t>All assignments according to "Standards Action with Expert Review" ar are made on a "Standards Action" basis per <xref section="4.9"
e made on a "Standards Action" basis per <xref section="4.9" sectionFormat="of" sectionFormat="of" target="RFC8126"/> with "Expert Review"
target="RFC8126"/>, with Expert Review additionally required per <xref section=" additionally required per <xref section="4.5" sectionFormat="of"
4.5" sectionFormat="of" target="RFC8126"/>. The procedure for early IANA allocat target="RFC8126"/>. The procedure for early IANA allocation of
ion of Standards Track code points defined in <xref target="RFC7120"/> also appl "standards track code points" defined in <xref target="RFC7120"/> also
ies. When such a procedure is used, review and approval by the designated expert applies. When such a procedure is used, IANA will ask the designated
are also required, in order for the WG chairs to determine that the conditions expert(s) to approve the early allocation before registration. In
for early allocation are met (see step 2 in <xref section="3.1" sectionFormat="o addition, working group chairs are encouraged to consult the expert(s)
f" target="RFC7120"/>).</t> early during the process outlined in <xref section="3.1"
sectionFormat="of" target="RFC7120"/>.</t>
<t>The columns of this registry are:</t> <t>The columns of this registry are:</t>
<ul spacing="normal"> <dl spacing="normal">
<li> <dt>Value:</dt><dd><t>This field contains the value used to identify t
<t>Value: This field contains the value used to identify the type of he type of authentication credential. These values <bcp14>MUST</bcp14> be unique
authentication credential. These values <bcp14>MUST</bcp14> be unique. The valu . The value can be an unsigned integer or a negative integer. Different ranges o
e can be an unsigned integer or a negative integer, in the range from -65536 to f values use different registration policies:</t>
65535. Different ranges of values use different registration policies <xref targ
et="RFC8126"/>: </t>
<ul spacing="normal"> <ul spacing="normal">
<li>Integer values from -24 to 23 are designated as "Standards Act ion With Expert Review".</li> <li>Integer values from -24 to 23 are designated as "Standards Act ion With Expert Review".</li>
<li>Integer values from -65536 to -25 and from 24 to 65535 are des ignated as "Specification Required".</li> <li>Integer values from -65536 to -25 and from 24 to 65535 are des ignated as "Specification Required".</li>
<li>Integer values smaller than -65536 and greater than 65535 are marked as "Private Use".</li> <li>Integer values smaller than -65536 and greater than 65535 are marked as "Private Use".</li>
</ul> </ul>
</li> </dd>
<li>Description: This field contains a short description of the type o <dt>Description:</dt><dd>This field contains a short description of th
f authentication credential.</li> e type of authentication credential.</dd>
<li>Reference: This field contains a pointer to the public specificati <dt>Reference:</dt><dd>This field contains a pointer to the public spe
on for the type of authentication credential.</li> cification for the type of authentication credential.</dd>
</ul> </dl>
<t>Initial entries in this registry are as listed in <xref target="pre-r
eg"/>.</t>
<table align="center" anchor="pre-reg"> <table align="center" anchor="pre-reg">
<name>Initial Entries in the "EDHOC Authentication Credential Types" R egistry</name> <name>Initial Entries in the "EDHOC Authentication Credential Types" R egistry</name>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Description</th> <th align="left">Description</th>
<th align="left">Reference</th> <th align="left">Reference</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
skipping to change at line 839 skipping to change at line 869
<tr> <tr>
<td align="left">2</td> <td align="left">2</td>
<td align="left">X.509 certificate</td> <td align="left">X.509 certificate</td>
<td align="left"> <td align="left">
<xref target="RFC5280"/></td> <xref target="RFC5280"/></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
<section anchor="review"> <section anchor="review">
<name>Expert Review Instructions</name> <name>Expert Review Instructions</name>
<t>The IANA registry established in this document is defined as "Standar <t>"Standards Action with Expert Review" and "Specification Required" ar
ds Action with Expert Review" or "Specification Required", depending on the rang e two of the registration policies defined for the IANA registry established in
e of values for which an assignment is requested. This section gives some genera <xref target="iana-edhoc-auth-cred-types"/>.
l guidelines for what the experts should be looking for; but they are being desi This section gives some general guidelines for what the experts should be lookin
gnated as experts for a reason, so they should be given substantial latitude.</t g for; however, they are being designated as experts for a reason, so they shoul
> d be given substantial latitude.</t>
<t>Expert reviewers should take into consideration the following points: </t> <t>Expert reviewers should take into consideration the following points: </t>
<ul spacing="normal"> <ul spacing="normal">
<li>Clarity and correctness of registrations. Experts are expected to check the clarity of purpose and use of the requested entries. Experts need to m ake sure that registered identifiers indicate a type of authentication credentia l whose format and encoding is clearly defined in the corresponding specificatio n. Identifiers of types of authentication credentials that do not meet these obj ective of clarity and completeness must not be registered.</li> <li>Clarity and correctness of registrations. Experts are expected to check the clarity of purpose and use of the requested entries. Experts need to m ake sure that registered identifiers indicate a type of authentication credentia l whose format and encoding is clearly defined in the corresponding specificatio n. Identifiers of types of authentication credentials that do not meet these obj ectives of clarity and completeness must not be registered.</li>
<li>Point squatting should be discouraged. Reviewers are encouraged to get sufficient information for registration requests to ensure that the usage i s not going to duplicate one that is already registered and that the point is li kely to be used in deployments. The zones tagged as "Private Use" are intended f or testing purposes and closed environments. Code points in other ranges should not be assigned for testing.</li> <li>Point squatting should be discouraged. Reviewers are encouraged to get sufficient information for registration requests to ensure that the usage i s not going to duplicate one that is already registered and that the point is li kely to be used in deployments. The zones tagged as "Private Use" are intended f or testing purposes and closed environments. Code points in other ranges should not be assigned for testing.</li>
<li>Specifications are required for the "Standards Action With Expert Review" range of point assignment. Specifications should exist for "Specificatio n Required" ranges, but early assignment before a specification is available is considered to be permissible. When specifications are not provided, the descript ion provided needs to have sufficient information to identify what the point is being used for.</li> <li>Specifications are required for the "Standards Action With Expert Review" range of point assignment. Specifications should exist for "Specificatio n Required" ranges, but early assignment before a specification is available is considered to be permissible. When specifications are not provided, the descript ion provided needs to have sufficient information to identify what the point is being used for.</li>
<li>Experts should take into account the expected usage of fields when <li>Experts should take into account the expected usage of fields
approving point assignment. The fact that there is a range for Standards Track when approving point assignment. Documents published via Standards
documents does not mean that a Standards Track document cannot have points assig Action can also register points outside the Standards Action
ned outside of that range. The length of the encoded value should be weighed aga range. The length of the encoded value should be weighed against how
inst how many code points of that length are left, the size of device it will be many code points of that length are left, the size of device it will
used on, and the number of code points left that encode to that size.</li> be used on, and the number of code points left that encode to that
size.</li>
</ul> </ul>
</section> </section>
</section> </section>
</middle> </middle>
<back> <back>
<references> <references>
<name>References</name> <name>References</name>
<references> <references>
<name>Normative References</name> <name>Normative References</name>
<reference anchor="RFC5280">
<front> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.52
<title>Internet X.509 Public Key Infrastructure Certificate and Cert 80.xml"/>
ificate Revocation List (CRL) Profile</title> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.66
<author fullname="D. Cooper" initials="D." surname="Cooper"/> 90.xml"/>
<author fullname="S. Santesson" initials="S." surname="Santesson"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.71
<author fullname="S. Farrell" initials="S." surname="Farrell"/> 20.xml"/>
<author fullname="S. Boeyen" initials="S." surname="Boeyen"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.72
<author fullname="R. Housley" initials="R." surname="Housley"/> 52.xml"/>
<author fullname="W. Polk" initials="W." surname="Polk"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.79
<date month="May" year="2008"/> 59.xml"/>
<abstract> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81
<t>This memo profiles the X.509 v3 certificate and X.509 v2 certif 26.xml"/>
icate revocation list (CRL) for use in the Internet. An overview of this approac <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.82
h and model is provided as an introduction. The X.509 v3 certificate format is d 88.xml"/>
escribed in detail, with additional information regarding the format and semanti <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.83
cs of Internet name forms. Standard certificate extensions are described and two 92.xml"/>
Internet-specific extensions are defined. A set of required certificate extensi <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.86
ons is specified. The X.509 v2 CRL format is described in detail along with stan 13.xml"/>
dard and Internet-specific extensions. An algorithm for X.509 certification path <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.89
validation is described. An ASN.1 module and examples are provided in the appen 49.xml"/>
dices. [STANDARDS-TRACK]</t> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.91
</abstract> 76.xml"/>
</front> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.95
<seriesInfo name="RFC" value="5280"/> 28.xml"/>
<seriesInfo name="DOI" value="10.17487/RFC5280"/>
</reference> <reference anchor="COSE.Header.Parameters" target="https://www.iana.org/
<reference anchor="RFC6690"> assignments/cose">
<front>
<title>Constrained RESTful Environments (CoRE) Link Format</title>
<author fullname="Z. Shelby" initials="Z." surname="Shelby"/>
<date month="August" year="2012"/>
<abstract>
<t>This specification defines Web Linking using a link format for
use by constrained web servers to describe hosted resources, their attributes, a
nd other relationships between links. Based on the HTTP Link Header field define
d in RFC 5988, the Constrained RESTful Environments (CoRE) Link Format is carrie
d as a payload and is assigned an Internet media type. "RESTful" refers to the R
epresentational State Transfer (REST) architecture. A well-known URI is defined
as a default entry point for requesting the links hosted by a server. [STANDARDS
-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="6690"/>
<seriesInfo name="DOI" value="10.17487/RFC6690"/>
</reference>
<reference anchor="RFC7120">
<front>
<title>Early IANA Allocation of Standards Track Code Points</title>
<author fullname="M. Cotton" initials="M." surname="Cotton"/>
<date month="January" year="2014"/>
<abstract>
<t>This memo describes the process for early allocation of code po
ints by IANA from registries for which "Specification Required", "RFC Required",
"IETF Review", or "Standards Action" policies apply. This process can be used t
o alleviate the problem where code point allocation is needed to facilitate desi
red or required implementation and deployment experience prior to publication of
an RFC, which would normally trigger code point allocation. The procedures in t
his document are intended to apply only to IETF Stream documents.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="100"/>
<seriesInfo name="RFC" value="7120"/>
<seriesInfo name="DOI" value="10.17487/RFC7120"/>
</reference>
<reference anchor="RFC7252">
<front>
<title>The Constrained Application Protocol (CoAP)</title>
<author fullname="Z. Shelby" initials="Z." surname="Shelby"/>
<author fullname="K. Hartke" initials="K." surname="Hartke"/>
<author fullname="C. Bormann" initials="C." surname="Bormann"/>
<date month="June" year="2014"/>
<abstract>
<t>The Constrained Application Protocol (CoAP) is a specialized we
b transfer protocol for use with constrained nodes and constrained (e.g., low-po
wer, lossy) networks. The nodes often have 8-bit microcontrollers with small amo
unts of ROM and RAM, while constrained networks such as IPv6 over Low-Power Wire
less Personal Area Networks (6LoWPANs) often have high packet error rates and a
typical throughput of 10s of kbit/s. The protocol is designed for machine- to-ma
chine (M2M) applications such as smart energy and building automation.</t>
<t>CoAP provides a request/response interaction model between appl
ication endpoints, supports built-in discovery of services and resources, and in
cludes key concepts of the Web such as URIs and Internet media types. CoAP is de
signed to easily interface with HTTP for integration with the Web while meeting
specialized requirements such as multicast support, very low overhead, and simpl
icity for constrained environments.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7252"/>
<seriesInfo name="DOI" value="10.17487/RFC7252"/>
</reference>
<reference anchor="RFC7959">
<front>
<title>Block-Wise Transfers in the Constrained Application Protocol
(CoAP)</title>
<author fullname="C. Bormann" initials="C." surname="Bormann"/>
<author fullname="Z. Shelby" initials="Z." role="editor" surname="Sh
elby"/>
<date month="August" year="2016"/>
<abstract>
<t>The Constrained Application Protocol (CoAP) is a RESTful transf
er protocol for constrained nodes and networks. Basic CoAP messages work well fo
r small payloads from sensors and actuators; however, applications will need to
transfer larger payloads occasionally -- for instance, for firmware updates. In
contrast to HTTP, where TCP does the grunt work of segmenting and resequencing,
CoAP is based on datagram transports such as UDP or Datagram Transport Layer Sec
urity (DTLS). These transports only offer fragmentation, which is even more prob
lematic in constrained nodes and networks, limiting the maximum size of resource
representations that can practically be transferred.</t>
<t>Instead of relying on IP fragmentation, this specification exte
nds basic CoAP with a pair of "Block" options for transferring multiple blocks o
f information from a resource representation in multiple request-response pairs.
In many important cases, the Block options enable a server to be truly stateles
s: the server can handle each block transfer separately, with no need for a conn
ection setup or other server-side memory of previous block transfers. Essentiall
y, the Block options provide a minimal way to transfer larger representations in
a block-wise fashion.</t>
<t>A CoAP implementation that does not support these options gener
ally is limited in the size of the representations that can be exchanged, so the
re is an expectation that the Block options will be widely used in CoAP implemen
tations. Therefore, this specification updates RFC 7252.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7959"/>
<seriesInfo name="DOI" value="10.17487/RFC7959"/>
</reference>
<reference anchor="RFC8126">
<front>
<title>Guidelines for Writing an IANA Considerations Section in RFCs
</title>
<author fullname="M. Cotton" initials="M." surname="Cotton"/>
<author fullname="B. Leiba" initials="B." surname="Leiba"/>
<author fullname="T. Narten" initials="T." surname="Narten"/>
<date month="June" year="2017"/>
<abstract>
<t>Many protocols make use of points of extensibility that use con
stants to identify various protocol parameters. To ensure that the values in the
se fields do not have conflicting uses and to promote interoperability, their al
locations are often coordinated by a central record keeper. For IETF protocols,
that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
<t>To make assignments in a given registry prudently, guidance des
cribing the conditions under which new values should be assigned, as well as whe
n and how modifications to existing values can be made, is needed. This document
defines a framework for the documentation of these guidelines by specification
authors, in order to assure that the provided guidance for the IANA Consideratio
ns is clear and addresses the various issues that are likely in the operation of
a registry.</t>
<t>This is the third edition of this document; it obsoletes RFC 52
26.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="26"/>
<seriesInfo name="RFC" value="8126"/>
<seriesInfo name="DOI" value="10.17487/RFC8126"/>
</reference>
<reference anchor="RFC8288">
<front>
<title>Web Linking</title>
<author fullname="M. Nottingham" initials="M." surname="Nottingham"/
>
<date month="October" year="2017"/>
<abstract>
<t>This specification defines a model for the relationships betwee
n resources on the Web ("links") and the type of those relationships ("link rela
tion types").</t>
<t>It also defines the serialisation of such links in HTTP headers
with the Link header field.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8288"/>
<seriesInfo name="DOI" value="10.17487/RFC8288"/>
</reference>
<reference anchor="RFC8392">
<front>
<title>CBOR Web Token (CWT)</title>
<author fullname="M. Jones" initials="M." surname="Jones"/>
<author fullname="E. Wahlstroem" initials="E." surname="Wahlstroem"/
>
<author fullname="S. Erdtman" initials="S." surname="Erdtman"/>
<author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/
>
<date month="May" year="2018"/>
<abstract>
<t>CBOR Web Token (CWT) is a compact means of representing claims
to be transferred between two parties. The claims in a CWT are encoded in the Co
ncise Binary Object Representation (CBOR), and CBOR Object Signing and Encryptio
n (COSE) is used for added application-layer security protection. A claim is a p
iece of information asserted about a subject and is represented as a name/value
pair consisting of a claim name and a claim value. CWT is derived from JSON Web
Token (JWT) but uses CBOR rather than JSON.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8392"/>
<seriesInfo name="DOI" value="10.17487/RFC8392"/>
</reference>
<reference anchor="RFC8613">
<front>
<title>Object Security for Constrained RESTful Environments (OSCORE)
</title>
<author fullname="G. Selander" initials="G." surname="Selander"/>
<author fullname="J. Mattsson" initials="J." surname="Mattsson"/>
<author fullname="F. Palombini" initials="F." surname="Palombini"/>
<author fullname="L. Seitz" initials="L." surname="Seitz"/>
<date month="July" year="2019"/>
<abstract>
<t>This document defines Object Security for Constrained RESTful E
nvironments (OSCORE), a method for application-layer protection of the Constrain
ed Application Protocol (CoAP), using CBOR Object Signing and Encryption (COSE).
OSCORE provides end-to-end protection between endpoints communicating using CoA
P or CoAP-mappable HTTP. OSCORE is designed for constrained nodes and networks s
upporting a range of proxy operations, including translation between different t
ransport protocols.</t>
<t>Although an optional functionality of CoAP, OSCORE alters CoAP
options processing and IANA registration. Therefore, this document updates RFC 7
252.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8613"/>
<seriesInfo name="DOI" value="10.17487/RFC8613"/>
</reference>
<reference anchor="RFC8949">
<front>
<title>Concise Binary Object Representation (CBOR)</title>
<author fullname="C. Bormann" initials="C." surname="Bormann"/>
<author fullname="P. Hoffman" initials="P." surname="Hoffman"/>
<date month="December" year="2020"/>
<abstract>
<t>The Concise Binary Object Representation (CBOR) is a data forma
t whose design goals include the possibility of extremely small code size, fairl
y small message size, and extensibility without the need for version negotiation
. These design goals make it different from earlier binary serializations such a
s ASN.1 and MessagePack.</t>
<t>This document obsoletes RFC 7049, providing editorial improveme
nts, new details, and errata fixes while keeping full compatibility with the int
erchange format of RFC 7049. It does not create a new version of the format.</t>
</abstract>
</front>
<seriesInfo name="STD" value="94"/>
<seriesInfo name="RFC" value="8949"/>
<seriesInfo name="DOI" value="10.17487/RFC8949"/>
</reference>
<reference anchor="RFC9176">
<front>
<title>Constrained RESTful Environments (CoRE) Resource Directory</t
itle>
<author fullname="C. Amsüss" initials="C." role="editor" surname="Am
süss"/>
<author fullname="Z. Shelby" initials="Z." surname="Shelby"/>
<author fullname="M. Koster" initials="M." surname="Koster"/>
<author fullname="C. Bormann" initials="C." surname="Bormann"/>
<author fullname="P. van der Stok" initials="P." surname="van der St
ok"/>
<date month="April" year="2022"/>
<abstract>
<t>In many Internet of Things (IoT) applications, direct discovery
of resources is not practical due to sleeping nodes or networks where multicast
traffic is inefficient. These problems can be solved by employing an entity cal
led a Resource Directory (RD), which contains information about resources held o
n other servers, allowing lookups to be performed for those resources. The input
to an RD is composed of links, and the output is composed of links constructed
from the information stored in the RD. This document specifies the web interface
s that an RD supports for web servers to discover the RD and to register, mainta
in, look up, and remove information on resources. Furthermore, new target attrib
utes useful in conjunction with an RD are defined.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="9176"/>
<seriesInfo name="DOI" value="10.17487/RFC9176"/>
</reference>
<reference anchor="RFC9528">
<front>
<title>Ephemeral Diffie-Hellman Over COSE (EDHOC)</title>
<author fullname="G. Selander" initials="G." surname="Selander"/>
<author fullname="J. Preuß Mattsson" initials="J." surname="Preuß Ma
ttsson"/>
<author fullname="F. Palombini" initials="F." surname="Palombini"/>
<date month="March" year="2024"/>
<abstract>
<t>This document specifies Ephemeral Diffie-Hellman Over COSE (EDH
OC), a very compact and lightweight authenticated Diffie-Hellman key exchange wi
th ephemeral keys. EDHOC provides mutual authentication, forward secrecy, and id
entity protection. EDHOC is intended for usage in constrained scenarios, and a m
ain use case is to establish an Object Security for Constrained RESTful Environm
ents (OSCORE) security context. By reusing CBOR Object Signing and Encryption (C
OSE) for cryptography, Concise Binary Object Representation (CBOR) for encoding,
and Constrained Application Protocol (CoAP) for transport, the additional code
size can be kept very low.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="9528"/>
<seriesInfo name="DOI" value="10.17487/RFC9528"/>
</reference>
<reference anchor="COSE.Header.Parameters" target="https://www.iana.org/
assignments/cose/cose.xhtml#header-parameters">
<front> <front>
<title>COSE Header Parameters</title> <title>COSE Header Parameters</title>
<author> <author>
<organization>IANA</organization> <organization>IANA</organization>
</author> </author>
<date/> <date/>
</front> </front>
</reference> </reference>
<reference anchor="CORE.Target.Attributes" target="https://www.iana.org/
assignments/core-parameters/core-parameters.xhtml#target-attributes"> <reference anchor="CORE.Target.Attributes" target="https://www.iana.org/
assignments/core-parameters">
<front> <front>
<title>Target Attributes</title> <title>Target Attributes</title>
<author> <author>
<organization>IANA</organization> <organization>IANA</organization>
</author> </author>
<date/> <date/>
</front> </front>
</reference> </reference>
<reference anchor="RFC2119">
<front> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.21
<title>Key words for use in RFCs to Indicate Requirement Levels</tit 19.xml"/>
le> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.81
<author fullname="S. Bradner" initials="S." surname="Bradner"/> 74.xml"/>
<date month="March" year="1997"/>
<abstract>
<t>In many standards track documents several words are used to sig
nify the requirements in the specification. These words are often capitalized. T
his document defines these words as they should be interpreted in IETF documents
. This document specifies an Internet Best Current Practices for the Internet Co
mmunity, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC8174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</ti
tle>
<author fullname="B. Leiba" initials="B." surname="Leiba"/>
<date month="May" year="2017"/>
<abstract>
<t>RFC 2119 specifies common key words that may be used in protoco
l specifications. This document aims to reduce the ambiguity by clarifying that
only UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
</references> </references>
<references> <references>
<name>Informative References</name> <name>Informative References</name>
<reference anchor="I-D.ietf-core-target-attr"> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.94
<front> 23.xml"/>
<title>CoRE Target Attributes Registry</title>
<author fullname="Carsten Bormann" initials="C." surname="Bormann">
<organization>Universität Bremen TZI</organization>
</author>
<date day="11" month="October" year="2023"/>
<abstract>
<t> The Constrained RESTful Environments (CoRE) specifications a
pply Web
technologies to constrained environments. One important such
technology is Web Linking (RFC 8288), which CoRE specifications use
as the basis for a number of discovery protocols, such as the Link
Format (RFC 6690) in CoAP's Resource Discovery Protocol (Section 7.2
of RFC7252) and the Resource Directory (RD, RFC 9176).
Web Links can have target attributes, the names of which are not
generally coordinated by the Web Linking specification (Section 2.2
of RFC 8288). This document introduces an IANA registry for
coordinating names of target attributes when used in CoRE. It
updates the RD Parameters IANA Registry created by RFC 9176 to
coordinate with this registry.
</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-core-target-attr-0
6"/>
</reference>
</references> </references>
</references> </references>
<section anchor="sec-document-updates" removeInRFC="true">
<name>Document Updates</name>
<section anchor="sec-10-11">
<name>Version -10 to -11</name>
<ul spacing="normal">
<li>Avoid using quotation marks for CBOR Simple Values.</li>
<li>Early mentioning of the optimization properties.</li>
<li>Less entries of new IANA registry; made their references normative
.</li>
<li>Clarified meaning of "Standards Action with Expert Review" policy.
</li>
<li>Clarifications, simplified phrasing, and editorial improvements.</
li>
<li>Updated references.</li>
</ul>
</section>
<section anchor="sec-09-10">
<name>Version -09 to -10</name>
<ul spacing="normal">
<li>Expanded acronyms in the document title.</li>
<li>Clarified transport of EDHOC C_R and EDHOC message_3.</li>
<li>Simplified text on the use of EDHOC Connection Identifiers as OSCO
RE Identifiers.</li>
<li>Added the CoAP OSCORE Option in the figures of the EDHOC message f
lows.</li>
<li>Added more pointers to the message processing, now defined in dedi
cated subsections.</li>
<li>Detecting and preventing a loss of performance advantage when usin
g Block-wise transfers is for application policies to specifiy.</li>
<li>Clarified use of EDHOC application profiles.</li>
<li>Clarified security considerations on the achieved security level.<
/li>
<li>Fixes and editorial improvements.</li>
</ul>
</section>
<section anchor="sec-08-09">
<name>Version -08 to -09</name>
<ul spacing="normal">
<li>Clarified meaning of "EDHOC data".</li>
<li>Improved description of entries for the new IANA registry.</li>
<li>Change Controller changed from "IESG" to "IETF".</li>
<li>Editorial: EDHOC Option number denoted as "21" instead of "TBD21".
</li>
<li>Fixed references to sections of draft-ietf-lake-edhoc</li>
<li>Clarifications and editorial improvements.</li>
</ul>
</section>
<section anchor="sec-07-08">
<name>Version -07 to -08</name>
<ul spacing="normal">
<li>Fixes and clarifications from the Shepherd's review.</li>
</ul>
</section>
<section anchor="sec-06-07">
<name>Version -06 to -07</name>
<ul spacing="normal">
<li>Changed document title.</li>
<li>The client creates the OSCORE Security Context after creating EDHO
C message_3.</li>
<li>Revised selection of EDHOC connection identifiers.</li>
<li>Use of "forward message flow" and "reverse message flow".</li>
<li>The payload of the combined request is not a CBOR sequence anymore
.</li>
<li>EDHOC error messages from the server are not protected with OSCORE
.</li>
<li>More future-proof error handling on the server side.</li>
<li>Target attribute names prefixed by "ed-".</li>
<li>Defined new target attributes "ed-i" and "ed-r".</li>
<li>Defined single target attribute "ed-ead" signaling supported EAD i
tems.</li>
<li>Security consideration on the minimally achieved 128-bit security.
</li>
<li>Defined and used the "EDHOC Authentication Credential Types" Regis
try.</li>
<li>High-level sentence replacing the appendix on Block-wise performan
ce.</li>
<li>Revised examples.</li>
<li>Editorial improvements.</li>
</ul>
</section>
<section anchor="sec-05-06">
<name>Version -05 to -06</name>
<ul spacing="normal">
<li>Extended figure on EDHOC sequential workflow.</li>
<li>Revised naming of target attributes.</li>
<li>Clarified semantics of target attributes 'eadx'.</li>
<li>Registration of target attributes.</li>
</ul>
</section>
<section anchor="sec-04-05">
<name>Version -04 to -05</name>
<ul spacing="normal">
<li>Clarifications on Web Linking parameters.</li>
<li>Added security considerations.</li>
<li>Revised IANA considerations to focus on the CoAP option number 21.
</li>
<li>Guidelines on using Block-wise moved to an appendix.</li>
<li>Editorial improvements.</li>
</ul>
</section>
<section anchor="sec-03-04">
<name>Version -03 to -04</name>
<ul spacing="normal">
<li>Renamed "applicability statement" to "application profile".</li>
<li>Use the latest Content-Formats.</li>
<li>Use of <bcp14>SHOULD NOT</bcp14> for multiple simultaneous outstan
ding interactions.</li>
<li>No more special conversion from OSCORE ID to EDHOC ID.</li>
<li>Considerations on using Block-wise.</li>
<li>Wed Linking signaling of multiple supported EAD labels.</li>
<li>Added security considerations.</li>
<li>Editorial improvements.</li>
</ul>
</section>
<section anchor="sec-02-03">
<name>Version -02 to -03</name>
<ul spacing="normal">
<li>Clarifications on transporting EDHOC message_3 in the CoAP payload
.</li>
<li>At most one simultaneous outstanding interaction as an EDHOC + OSC
ORE request with the same server for the same session with connection identifier
C_R.</li>
<li>The EDHOC option is removed from the EDHOC + OSCORE request after
processing the EDHOC data.</li>
<li>Added explicit constraints when selecting a Recipient ID as C_X.</
li>
<li>Added processing steps for when Block-wise is used.</li>
<li>Improved error handling on the server.</li>
<li>Improved section on Web Linking.</li>
<li>Updated figures; editorial improvements.</li>
</ul>
</section>
<section anchor="sec-01-02">
<name>Version -01 to -02</name>
<ul spacing="normal">
<li>New title, abstract and introduction.</li>
<li>Restructured table of content.</li>
<li>Alignment with latest format of EDHOC messages.</li>
<li>Guideline on ID conversions based on application profile.</li>
<li>Clarifications, extension and consistency on application profile.<
/li>
<li>Section on web-linking.</li>
<li>RFC8126 terminology in IANA considerations.</li>
<li>Revised Appendix "Checking CBOR Encoding of Numeric Values".</li>
</ul>
</section>
<section anchor="sec-00-01">
<name>Version -00 to -01</name>
<ul spacing="normal">
<li>Improved background overview of EDHOC.</li>
<li>Added explicit rules for converting OSCORE Sender/Recipient IDs to
EDHOC connection identifiers following the removal of bstr_identifier from EDHO
C.</li>
<li>Revised section organization.</li>
<li>Recommended number for EDHOC option changed to 21.</li>
<li>Editorial improvements.</li>
</ul>
</section>
</section>
<section numbered="false" anchor="acknowledgments"> <section numbered="false" anchor="acknowledgments">
<name>Acknowledgments</name> <name>Acknowledgments</name>
<t>The authors sincerely thank <contact fullname="Christian Amsüss"/>, <co ntact fullname="Emmanuel Baccelli"/>, <contact fullname="Carsten Bormann"/>, <co ntact fullname="Roman Danyliw"/>, <contact fullname="Esko Dijk"/>, <contact full name="Joel Halpern"/>, <contact fullname="Wes Hardaker"/>, <contact fullname="Kl aus Hartke"/>, <contact fullname="John Preuß Mattsson"/>, <contact fullname="Dav id Navarro"/>, <contact fullname="Shuping Peng"/>, <contact fullname="Jim Schaad "/>, <contact fullname="Jürgen Schönwälder"/>, <contact fullname="John Scudder"/ >, <contact fullname="Orie Steele"/>, <contact fullname="Gunter Van de Velde"/>, <contact fullname="Mališa Vučinić"/>, and <contact fullname="Paul Wouters"/> fo r their feedback and comments.</t> <t>The authors sincerely thank <contact fullname="Christian Amsüss"/>, <co ntact fullname="Emmanuel Baccelli"/>, <contact fullname="Carsten Bormann"/>, <co ntact fullname="Roman Danyliw"/>, <contact fullname="Esko Dijk"/>, <contact full name="Joel Halpern"/>, <contact fullname="Wes Hardaker"/>, <contact fullname="Kl aus Hartke"/>, <contact fullname="John Preuß Mattsson"/>, <contact fullname="Dav id Navarro"/>, <contact fullname="Shuping Peng"/>, <contact fullname="Jim Schaad "/>, <contact fullname="Jürgen Schönwälder"/>, <contact fullname="John Scudder"/ >, <contact fullname="Orie Steele"/>, <contact fullname="Gunter Van de Velde"/>, <contact fullname="Mališa Vučinić"/>, and <contact fullname="Paul Wouters"/> fo r their feedback and comments.</t>
<t>The work on this document has been partly supported by VINNOVA and the Celtic-Next project CRITISEC; and by the H2020 project SIFIS-Home (Grant agreeme nt 952652).</t> <t>The work on this document has been partly supported by the Sweden's Inn ovation Agency VINNOVA and the Celtic-Next project CRITISEC, and by the H2020 pr oject SIFIS-Home (Grant agreement 952652).</t>
</section> </section>
</back> </back>
<!-- ##markdown-source:
H4sIAAAAAAAAA+1923IbWZLYO76iTEVY4jSAJkBSEqnVxFIk1aKndVmS6u7x
9IS2gDoAalSowtSFFFvSvvrJ32A7wt8wT/vkXv+X83ZuVYULRc3M2mF2dDcJ
VJ1LZp68Z55er9e5Ogx2O50yLhN1GGy9LeJ0GpwuZmqu8jAJTuLJJFa9FypJ
5mEavL5SeXD8+uI0eHB68uL18XZwHZezoJyp4DhLizIP41RFwdFikcTjsIyz
NHiTZ2U2zpLgwXF29GY7CNMoeD36kxqXwYUaV3lc3gSTLPfePz+9uJxUSXCa
XsV5ls5VWhbBg9cXx6/PT7e3OuFolKsru1pcCS8Ep+AZ6NmtTpSN03AOO4vy
cFL2YlVOeuMsV72soP+paJaNe0lYqqLswIoPg6KMOkU1msdFAcsvbxbw8tnp
5fNOJ17kh0GZV0U53Nk52Bl2wlyF8GVaqjxVZec6y99P86xaHMI6zk+DH+Fv
XN93+FnnvbqBByL7fO8El9TpjLMInjoMKlja404nrMpZlh92gl4Q8NKf52E6
VsU4DN6ESTYfxWncCeAny6dhGv9CYD4MTvN4XBRZSl+peRgnh8FEv9lf6Df/
Uclz/XE2dyZ5GebjLLiMk2wc6tEPg/MzQPXRM/oAsKMUAOisCCd/gp0U07AE
khgO6dsx4PEw+F1clPw67ApGvTjtDR7u7e0EF0AD72dZMpcvq7TM4fmLaxUp
b8lzXEe/pHX8Yx73C+Us8jx+H+ZR8OLXv0yTKo3+nuvMaSn9WUYraaz0olQT
mPRFDhNlv2RXLQgDtFbpLJvAiTqC5R+7oxf0en+mX0esLcp4XEPad7/+BTAM
5ygBmlf5hlQxzeAlWC6/5BNEJ83yObx7pYACg/Pnx/vDxzvy68OHB/rXR4Oh
+XW4P9S/HuwfyK+PB8OH+tfh48f6190D/ezjh4Nd/evBnn7tYPBIv3YAM+Ov
yG36L1QIS+2/CXPYNxyf4pA2ZM5KYCjh7OjVEf0dwZmGExAmiBf4EQ5HzIuH
C+xw/ESYT5FwZmW5KA6//fb6+rofh2nYh4G/DYEdTJkTfTvOCkX/6X+YlfPk
3oyG6y3c4ZD99C9pxP5RWebxqAIe88XL5pECO9JtVwy8zq6v/rfsg4frhXaS
TpxOXII46530LQ91nj/sdGAiPFvw1MXp98+BO/8BsNj7CX7+uNXp9Hq9IBwh
hx8Dz7sEgZHE01l5rfC/BBF8HzgwsH9glYH6MJ6F6VQFCy0/biGUxvDpSAV5
lQYZfnlb+VQV8NDoJiivs2ChAEBBmQUgIcJREhezILSSC0Yt1YeSJBjOUugv
zLLvJOv6weUsLgKQYhV+EUSqhCMMy8FPYZVBNqFpWQTqObu49mKhxvHkBgVQ
GKTVfARwgKfDKIpx3wBG3Gm2kD/mCuEdF/MC51QwtKIRwiS5CeJ0nFSRgjfo
hbmwlyBcwJTheEabGrOAgflwReoDbJgegkkdCY3fTeK8KEVEg0AN0wKIAh6V
3fJAPEOuogokGL1mNwECFdYOVLoo4Ik/VzE8higq4IhUC1ymDN7AE+4ZHoQp
FgmQvvOosw6ALG8jLBsj9JmU53EUJarTuYfiPM9gkfhip3MLIv34Ubjc588B
7Dq87YHo+hgqFXDziDCBhBGnsElLZcVYpWEeZ4DdszSAkw9DV0mYdwU3c1UU
4RQALUeHoLHIcpz91keIdoZyAXZmjhMuzBwhpsrWU3Sn88JTo2z5/LmPbKb9
8KjlZ6dVj+zS73yiYlX8DQ4U0R4fBKF+XqY9VmtPU/CgUAoAwipunIrK+/mz
5iqwkuy6IACHQNBpPK/mzsaQ+bkHLVVjJJL8Rk4aHDScftVJW33MgID70343
uAZKxyfOskvA0VU8VgGIFeQD6SSeVni2gZoB5qpEFdvwWt44QE9pVHuwRNSr
Is6B4lQ3gBMN4/psRIjeHC2m/ll4BQsOwAYAaoUjCLiM5wtYcgCD4gBoLaTj
GxwBlnilbjTP8zCBfAnoXbbHHGWsciBB4GphFGdBCRSSZkk2BZKCHfwICM2q
knm7u5NuEJe4mzQrg0UGUh02hDgAOonVFW9qLfoE5x6E5uF72HNsR3XBJMB5
t7vknAijmIPqA3tNSEUAyi7mQFaa9IAoaKJBf4ijGH633YURK6FA4gX2EDH4
ejgPvA24p7MIalFIJA/QY7UjeHn5Fpb7C8HuchMQ6CUL3OCspngUeXcRKNxV
AugC6rpGI0MTxwSWaGUYi90IUNJXhnR5ieMkRi4DhAIbK+T5sxT2FZZ4xGAZ
8mShcmSp/pPnwB4yVMiJXYDakZPmhegIoysgRFwMrEPLpjoyZXNJBiQoJMcH
xxWnxDSegW31vncdF8LmJ6jgMM8GBR54NjGfHLEJrwjXGwdGXQyuwqRCLgg7
GuFYBg3Pqxxgmc+BzXR5iQ7znRArc1mnVUBhkXnOAKDdZUEE4lPl+KZRQWEx
KlHM8JHxpgK50BFFQDaTGI6HEOC1GvWSOEUzXPgeMmIBlebnESJBiMrqvgg6
Ou3wOp02PR2sM6tyRAtYTcDPkUaFGQPYWhYjxA4CGGQfEjvsI50hZiPYJjBl
IAbiJkU1RuXSTMCiz5AWQvjeveASABwT37hhwkftAF0LRbD18u3F5VaX/x+8
ek2/n5/+09uz89MT/P3ixdH335tfOvLExYvXb78/sb/ZN49fv3x5+uqEX4ZP
A++jztbLo99vsXDcev3m8uz1q6PvtxhwLu7DnPjVSJGaki9yVRLQO8CfxwBu
ptNnx2/+138f7AHW/gOQ4nAwQFLkPx4PHu3BH0jWPBudXP4TcHTTAairMCcx
kSBrWsQlWFBdRGwxy66BqQMtAfh+8weEzB8Pg38YjReDvd/KB7hh70MNM+9D
glnzk8bLDMSWj1qmMdD0Pq9B2l/v0e+9vzXcnQ+ZLHI2cgER6sOCWSkjYRLO
4yQGcDHVAjkVIq2BJBdlIWeVkELk5+hz3eD42etzUbPAbsdPROA5qhcjiY+L
o+Yi/cqnqA5fxeo6+Hgvk18/ixAvRGiIxDMOCdbBqvkc9FhgN4D+kMSiPcaw
Xme2Lv5tNV2QcwVqraAmxx+Co/4QuUFVkHCFg3oVR8SdRmGh4JQqo2XIUWW2
IzwBdQMU70DbslothGpCctnatO7lGZjhNAemhVpgMM5vFmU2zcPFDDgvzAFH
psta0LwqK9Qhe76JcB3eMEO+EQlRsz+UMUyAXRSu+qAFHs0yvmHxYxeGhzdS
gAnmk75AM0KLjhqCJkvRCGY2Dg/BiCq+0gpSTC8nvs3xbtBFlockSioEQPJo
gmIG2CFqnKjsA0DxVxp0Unt9F8zdDAhZlrsaiKJYswAgCYmyRuVIXxOWXtaG
B7qDb8KEydlR331vwHJr07VGCKwGXrQEYFEZAUvbAaQA+bvbc1GFnJ60YpGH
WoMGwojUIslumEqvkdvBwQmsEuWKJa3Z0FkDEp7k2ZzQY1cHc+IHBtmAE6vN
HdW0OccwAl5L74paIXshAxI5CQKBDm3X0ShJtXvA+pT9VC9SVNMbZlYhbEkt
2NIFQKSaVUR4EGAF+TYLG8d6lSO7CG+SLIxw4cTTRD1nzseqR6HYVNtUF0T7
Oi4sV6hpgSTq6wfGPGd1QHnOAr+mPCOrGvjqcz84SjCIIEo3w4213cTa8DmQ
TE7KKgy/EBtePlyypZaph/Wpz1IZCBRNMg0cUd9wJyA2CE6wMSOANHnk2rlA
tIEkBvZeL83Snli+ERLXDBll6HKDpm+pq8nDw0FD486rNLURo1XczGNIdZcJ
SAw43UCFRfCcDNRgsMOnaBXWyCs3i6cz8vPgMkhNLz1uK2q/rBDWjKq3+AaI
B2mus8L07mpBgFaV6JvaeQQLajewLMaI94rlrhl3zflAws45yALwgkASBm9e
g0olB4zYF4ITMRAFv/F16N+Awi1+U0QQgUhOn/7mbR733oSA3K1v+9cgzHrv
U1DoviWvxhafVz2VPuPmYIrlSipLEeOO2HYJ/rnMK/XPwYOdD5P9bVJ80Ka3
qnxDQF2DCJkxwxbfjeuVaWVFwfG7M70CAZBKMdwU6fNoqWW3v+vRir+vGTxP
uE3L3nNSh1x+/u04jjiO+c14lOU90Ey0PwRsmemUtIsWB1IN8rxD4K4JMnI5
TsP+zl7w4JhoJ9o2fFIvj/9qhbsPweGXQvBcQ1BO8K0hKEtcA8IG+J6DxZxo
zrqGvGl5YMjW7UNSL8AsSXArdNbjkiVujbw2o+J1gNoYNN21BL97d/pjFY6E
g2E+JfmbFkk4Vsyjwrqe5zI88o14CnRbpMPBD9kHTCYoAUWrW66ekVx0bB2X
eQ9qxKS3E5ZscdIM6ETWbk2jbOHXMTHQeZW6W2GkOArhK3ie9VG7sWOL3jMf
veJ50nq22ROpDGcnNU7TEOQNDeISlcQJeWpk+Bat6f77OLofwBqSSE8gE79e
aAHsfHguBFOb/aGZnbe+LcZSE2+oLrgBHdbm0e5BF9iYFHvtRHX9QjiE400S
vwJKL9JIEWGgR1QJxSIY1NoZhFN6VBamrR6lprenceBB3sLviKQaAHb7Bz49
dTr/Uv8JwrC4mmLk2FFhNv1xlJzOg5rncXvt2w9qHshtiUwHnzZegPPz6Wu9
3av/GE8pU1nj+9/6c3OU/zDY6e8MgwfItdeAwntb6x2HrYrHurd9dnm4hl/W
337DIoCyjVS3Li7WzX3rH+ftf1gKcxakDZj3mnNruNeUh7Vz888qyK2GGv4Y
yNX0j83mvtXPp06Lkn6Lt+82t3n7/58SlF/1Q7K7duW3/vmCt5sEcqcVfPNF
b1vtJzguP3zZAk5Ql7r7Bv7fZzR7m819q59PHR+Ft33bwd4XzK1/ufWrwUo2
VVcZ/7psiic7DD4G/X4/eBKAWktsI/i8ydsG1w3XCfku17x9658Vp8RCTeza
DU6J/dngvKx424dhK+BWvL0BDO8KtYZK3fl4GNyruxQ5o/LplvgATY4PZQtK
VIe8/GwDO/k8+oTHhfZgRCbWqT6E6F7qb4E9QVkqvTCJp+nTrbHCkOfWZ7CI
dSySTM2mp1Mi5nYJ7JtlZ77JPsBVcp6JuJONeasNRLayyxlaTm72g5P2Rr7W
Rl6QjdHXspL87L7bJfP9e0zgu2eMbSEJ2owOY96rA6YWl9wMSs1IhnGDrAWd
JAxQQkv8ix6tHXojVV6rhhtZvFLhqMiSqlQ2bUgnybQkCME2MyHmNBJiNPlo
bsTsK6XNuJ4byYRpxkpqqTK1JBnyutUzo8R1MQ4LAbWOg0h0ZNNgCKZk4Tp1
0ICX4x9OePbjRxPA/uy5o9BrhtkIHPi0vgobcFyZPpdg/P5GXGQ2jFq3a8jV
T34cE3at+/I6nRcqHStvcYjPRVZqXsdRSAqj1vVogwkb866Jbu1IRmRQNl7w
GsOvhZpj+tw4SADKiRCUHPbCLBapEFM6nYAcJtqRh7CwrNKyya/uO7mj8+Qr
e09WmnZ/ddvujsbdHa27OzpB7qhArLROvsQ8MeAXTSt4gIrXxvbJHQ2Uv6Ur
5I6+EDv7N184e3BHCym4g4309aiuleK+WWUpfd3zfmsracmBrYuQb5Yp/V8P
dBv/fGWXzN/RJ/PVvDJ3MzhXWpzBBkbn6tfXWp2rX19rdt6ZBJdbnWstTv3A
KquxppMrm49tdHMnhFm6hoobQNbqVogZ/tNE1ZmLU62AYXquaygkcyrOAXEt
PtZtnZFvjLAlWSX1fJH2yQOu/QJFXplo4yTTJQJk3ACYisDCNZsqytijxEjZ
mDcvWwmlWnCZi5NGuGIZWuNtmZFti1xJVqQTOmals2dnkNqnjx9Zs/S+wUxk
WlqNtUsOUZtvgPFCVTuUQcGoJiOHUgoozcZCX8cku9bapBT7cakBVM6yyKlY
KvwSsnBsAUXFADwcLdxJ2xMSk7zMddRiLH0xlZsZRoWiqvuuF4sOCyGD4rCD
p/U3JmC9Pg6OG5wpqmn5guj22jh28DZN4vfG5nTMQzzNZCKu8fmYrVRsxq5O
XVxOtX0BTV32tsf1Nxqy6yRbikOh9p5PvuLxidEpMQ5NoN1ZzDy8ofy/LAsS
rLcwVQHWmyYJe4wAr0LM1lqF8vaiGoFCzFmxKi9ZogPqZ5gegO6Ek3fH56cn
786a8fj9Wk7MNiYr16bhSU4/UKZlEhxR1bb29pwg+WPxztEJbKwx/uNauoVO
yXdyJjWbbs+eRXyxhwUn8pJfljGs2GNwWU5uklrqYunWProOHi4TAHCCrLoJ
sHI8TBKugmb0SCahpO9754MdZsxHEJQrVyvlTV5C92qZUEuib3DaXowluMBv
dcq+zteKIy4aoNcabLjxmvia8DWutPH2qv2Css0lTkG7E37NdSIbD60lc3PS
0PdJMLcJQS35YCSTyUtjMOE7alq1nG5TYnrVCrLBmWQWwcsLPE3opNHVFpFl
YD6ytWDS+bCXWG0Z7LFjzFSN1KFwnMdYt5B0g4twonplhjYuug+7OpOnNLmb
QJyq9zvlueMDKtrJxuMqR3fRHGveMqqUg7fpO+Aqar4oMXcXK8VuJO9TUt67
AuBxvCBKoVcA/OhFi4FCHzyvSkzr1WnNBXGuaoHNGbTbk2oZbAZUJgxrhJXa
i5C1LSw50W6wwqkhZi4WzeMSccTldP3tGpCMPCZ/q6kF8xLXY1LujpOwKIK3
XD7dKMYBXH8KXmV90HCP4d+38O8r+Pcc/48uO/i/JPV9Cr5X6RSo6xOYFpyE
+wneHQ7wmQ+kIdt/mXbg/whm/nCH9egHIOPUNurGWhN2aUZrw3X6g2UeP7WE
8fbp27QA4ugGr56+yogKgAi6wfnTc5BJIaZBK1Cb6+pyh5mLKkjmay4nM88V
MFZ7wEyJgRww0qzglGF2WeFoOZrG5xWQGRLWB+pioVh9EobCeoqnEi7lOF3t
sfXz6O2KxNtuhja58QaQNjE+1bEnqon01N9mFf/bkze61At3iWRI7KRWjaE1
YG2nxAvgGZwyWRntOVXXyY3ZsVR6LEwoREQIPA2rb7GSmFpqP21uvTaH1S6+
PoCvdoHX7AcPg0fB4+DgNp91vund8Z/Opx9U/im4RNK//N33xoI8zkDs1CzK
l4IQ0E9d2/ErrCG4zN6D1vIgJjbXpZWMbkpVbKPB/FVmeD0iSpZz+qmmI3+t
WTxZBLB7TZbdazFOZH9fbVODwPvnk3YUfKXxlzsFzAk2XgF7etee3W4jDGuO
qyAlErXUKnC1ZFVhtis8DqD4HLMC9cYqaR/vLVO7GooQl/QaXcKoeWldNyMl
6547S7sqqK3jljV89hKJ0VwJcw7NLlOVjS0Jsw/6GAJGf0PTbEpBI6MP3728
+A5rDBtp9fv9vVpxFAw57AenXo0OcMmVsWzq1ULmO0gsLFhkbSKPp1iB4In8
5hIe1wxSNgL9vPIGD9cBUzTAK0NdjZpK43Cg4KpRKEG/4RFrtXwAdtQXjHFT
qkXNRD+3u1hiDcPyd/vBsyoGe/z49ctn794c/f7710cnOufdli24tV+MIOcQ
mNe0l4RMoUN/yKfeyz9/qr3blbwL+IKLXwviqthcjhp5eCuBqQ9d81sGle1j
84X8hssz2gtYBXj4JXmACHhAnEdtJFcvKquP5Xr9sBiXip/YiCzVPDg+e/Pi
9Pzy9KdLD8khP+fs0asQ2Gxb7tjaH1FHSbGEKD2PQt2NqA9AG5yGMNOePcir
3Ble6cSt5tDk4PpAKJpNxSzCZD36GgEVU2icBthtO5nIGsxguiSqWdtclcgg
okzxUdStgzYoCSIKcphu7NqnJsTd3dyd5rkhOT/Ba6LBDjUx/1sLRXLX06lh
O7PK+gr31j46M+zeEXqezuDp3r6Vyux8nfMMJcmaGPVcRXEYYFNQixB85YYd
ZAAXwRxCKqPMEvMCWv8p9m1Edf5hn2C8yvOhK8vIipD+QDbRQpftOei1TSa4
h9Ec6RhViyLGX8NUZRWwharEvkZsn6LM55yjou7D2us/Ek7DNvw2tydB6j3k
ihrhNF4vlvounjjOKUdjWUgNj4cVcf5ajYU2upy6O50HR1TaqsS8485phA7y
MHPXFD5w6NNA670iwnbaQmDGim2VhnzzynsABqvSXCUxeTakB1UhKVrwirGH
xtQnopBSMLCKkxubpmZ32dLBSxxP5SzPqunM4K3rI64dwAUdcmwjUxWFtTxZ
0+jp0muuQjM5hoZ2uddVeqM7XCFKqB8IhYx4kP4262kX1QLVUdyu00HIKGXU
CQg/Ap3sbOI94rQWQtWAx1GRR7zoYJnk4ZQaxtjkOLcSy2PTYkELE2dnC7Ig
zMrTypNWpZ30vuU1fyBZ+7uOfDUa1VmqG/NgtKXr8jZHvYWxmJ2x66stHBSb
8m5y6gSK/K5A3bm0UdIxr5U77xrr3MbGyHNBL1AbJo4tCWB1Oqhym2zZV2nR
OomQI2WcVLa7dCPMLY/ItdYqT1uYvPFehgHqfLzFW+/dbRNBBDbQzN/xwpR6
yhnI1VdvXzqtpIATpMEOdR/zExCL95Qh6wGVgcHFiejaXLlVn1m3ed1lJt1u
qEWOy1Y88dmc6u74ZV15bw1+nxn8YncvUu9c/QbZrgKovDz66d3bV8/Pj757
efrq8vTk3cXZfz5tyhI+W0PvbG03AVOU2aIepXWjHPRQOIJfxZxs6WVGimva
yHZEl1ecVop6owJHGM+k09gXBe5q1o/Mw9TL5FLXy20sDRvLztYX/N6intuk
gq+gVO8cZbrLX10mSQgeZVYkQYK1neiWajB3bEn3hW3ovNakiwxDWqrQSapu
gigXiaMo0C0oIx2CixSVcsPH5IUql4IB4IXbIxR0OSk6NIo2ywszSMbRtkWO
VcQJtuf4E3qU2aZYvakuhidj0FFA58aBJphYPAqRby6PPDuJzCi+WcnwfDrL
PNS39OnUA2e38uk00yNI5JLNLroUfkFNRISsrPPajqzjLywgluqjXXfBxE10
x5UW5i8uopkCONfq9JtxSrenhXwn3nA+nUuiejrqxvnhRjUxhuNydYIiQg5L
Fn7NEXhKJTAkWN/zRmwWjVvTdmmvv7MTPHgWRhpz24HKc2rwJS1B2PfFoZEG
8zMtpvS2PVmyJgtBQ4iYq3SA9DwSJG3WgGubnUuXIC1pNI4HwtOSBKIX6KNu
dWza0UZW283bXdfXF27U+ITdGueqzE2TV53B45tLpuObuMiWtAexypg4I0S6
t/U60Hy6aZvZZAWi6HrxYzEjxqScKGuD7uygDgVKUIqMFYTRJIR1cOeqqOJu
t6aJDtIdb4FiBCg1ut4xboyeuVuxVOkE8ozS2OrmrctbbBIY6VFts78SDUzj
6GDERT4AWz0NG8BdJApZxOjV26AbhfVY6e5XVESiIu+423SXeoI9IRj2RBEI
Hoa3YNJ8QDYrFIQk0sPCm8y0VDReCH95hYmqguE3VSm2JgR2k6sJs32rtLcA
qmB30KnTkX+ln70FWDo/rI7ueqeUbkPNyapyUbnGzR77czTva/dvfg0OCPI4
wyZgwgJrrtVNueAj5CojcrKvVRS7PrNqcMANvKLt4GgevYdab8/VPLtytdNM
5wc87gcnioMkyC8oiftmI5eu74191BLNeVwzTro+X11GWqYhm7OTfT7kP2ob
M+I1O9YiatmoVehky/QmGEvmA69c52Q+CAtp/h1VFHjI1ZS8VvSUxayYUm7i
g1GB3JQZ6go4DXOxK7CHUWpNZ7MGrUxVaYKqF6/APocWVDa3DTNNq3vY+AHi
KIntlQFrXOuPTa2iPeZ98iCxsbqn66uczRL2H+um//43QI6U0WCbSjluuKgp
klwtpyWL2TQQq1m0TanALZWAZMQ6qovGZX6n/f6+300ztm5lgIf0ehcItSd8
6zQlC7d2sKFQLTwQhKMsLwuXu28iAJ2emVFhYCemJGmFnueNP0JjNhh0RdEt
W/JlbJptLazKWdwO0tB/ojZk/pbx0uGoa081gcBzCdUK6v0m/23bbERJHY9j
SxjvoIZyDyVkEGTUmx+IOHfiRf6cxoeLRaxwZmFvRUx9kp1i0y/bDsGYXMO1
rm9Ynl1mqwrRgLvEQIB5HaeDnWYLrJW0So7itiNMATFhHW0cwCVy1JbkEd4h
sKkokYarrbRXFwOOV3WVD1yM2C/1gesAwEauPPJ7o8jISql9WFZjwC5aZxXE
xfkUxLqLqzWLjReVJV6F7ohn7JwVcRSOwQTRHfqdLaGkKOOEyp0JBoVVg3UL
QaCmEfogjRba7iNsNIrDPFybIrPEjXAP03P5qc+NXLnecEm23JLB2jJvWl26
eijQL4H/skl0WCvteIPvABrPfkCQV4yEna4OngEqtPixNq7xEfj8pJytTCep
F5UsK4nA+T/sDMSL3+JcbJg7ktGRhxhgk0J/OpK5EQJeIG+5Ebpm4mFtYufq
lJqTa5PSCsMCcGaCIBv9uIjgmroBYjanuFnFmruO8XTxEaCUCIyRTmGlA+wW
Cy9iU3z8XCc+iG3vlUo0s4k8Hdm0NCV1XttFvnff091IqTaM1d5QJF9LZ4gh
gpZTDDKEYnAKTCTLD4M3iULrLFImFJmEGEIDxqqwcUJs+QFs4yrGaCNI1lKu
g+lq5ymFSvHeDqq7CHWrCtW2mOuYHQEw7gStIrt+3ZyWtUHTPdvyOaoBSyl0
W8Owd6TppPnuGsLvISL4YGcHcPVgV3IhbdmS/2QPkNp4xOANR9ofRvv7u/uT
3cHeI/V4fzIYw3aiA/XocTiaHKid8PFgNJoEDwYHzjgNewdHejgYTgY7B/Cf
R48ewjiDhw8fj3YfD/dBuRzYhTZSB/+l86bdrNHST9a7zTlIOx/29naG+9Fg
UsuZfcJv7/UoyYfvLOTiR4DVzu7Bo3rvqiecW8rPHOwGAtTaM16aBz87bkvt
xWfdOBc/OpkEm0FYl2kGy8GIjzzYe6ghuUEOZm/47zcLM3hbOEKqNUxUeI1r
UAaCfOllk14cFZIZ6cmCb89NxcPZCfdmX8O0G1khTfFgbhNjRYlj0SIOpD8O
7l8HJVqydNwWRPWG8oajUefdmle8Revptjl3VyUkLS87MonxPM197D5jwec6
f1mwwgNG5G6bIP26KJ/X3prVnSOr/PlxFB7rpe7U/vGed4mxkKwfSfnRSlB+
e8OrK5Y1Vl4RMnF0VjbdxWVhTUMdZdQXIlHNEEWirLFZNxJQ67ZtgXx46Kz6
AdO6fawASUcdg9I18D/zE4L9UWiv41mGeVwhPayDe6mKSfc21VzowKnyvGle
hnJXJ7Zlul+sWk0Xb7ohkHpkRrVieuxlNq51w8Eb+kNjlJLCr1suY1ZaSptx
0sVGqjlxNvG2tUzpDJzjKe4iUhVMKypMleUxMJMKQWmvrpAy5Nr1qkumKnRP
Krk6Z1a7sCRMrsMbMDzmMWsrePYpVgjvLucBWKJl7j7QldSlSweihjqZRiWl
9vk+o2VIQUjHtdUCITR09A1aZuNRsDtuPwpDRrN9bOOjcN48CnaU+lE4/xsc
BaxI/XOFFZHZBpz0bFmreBvQ0BXqbX4gM+Xf7ACe/xUOIF/lmYO2T2HnMMmm
qMtraZyqYAqnLkW335UQMECuea4sD/z658q5ZOVu58rkLJvV3uFcrRMxQ3Lo
bEKGtyPbc59sa62anES1mlgix63vtyWfrOvM/us5ZKmFIkpvM/Oxdmfwvai1
24EpZkcKKmiJPYqTUlktusk4tuBca+omxrl980YK9Ueht7boKcUOc5tg1dBe
ur4Di6BnoD92dpBXHGM8c5Uz7bRbHRAzDVHqmVU6koqXZ5g7DPyYqIPuzW4g
cDpzaG7iFvFzrbFet6lzX5oDf+aEcdsWEIO2hmUvTg1tG2iW3mTWiKH42t62
vui2KNF54NJEJatqMSi8WPyylgMvsmsl6fKUo891wGb5wqmnmVAGdUOsrV7f
jWvv4m1GaFqWJ3tuMVWQ9RyBsdT1wue3hDvlW7QvdyUtmTDK7YjEpBrmEvQQ
71Gt88JKjDlFJCNuP5qR034NqO4FP6pR8D1f5kq8xL3c1b2fbrDTH+z4ASvt
fSrEKS1nhuoyttCG6nNPQ9P/yGl32nI5LCsFMD/fDsvF9sPHOFPbTbG6jQnb
YSG91NMJX/qSVBrk4cODHQ54xXJhLF7npusYMnNdbCPaW0uuYC6juZ65Q69y
sr1cEKDmFyd07xeIWpVzDPao1tezuzFnat6Va9JBXI7evKbFpu54l0xzX2Mp
j/AbEgVHbgXBSI0xMB1eo28jW5rgpBECgiIb6VzCuPRXZ+4arha4VoG8Hzfz
AO7Y8d4F6/7BMCh075NsGZDrhxzItgFe1yaGdP+nycnlscwxo/4YRRWXLq/S
FV3SYcdeAsVeS3peYe1k4Fw0SmU22mbTvEjLWbrNUgsC6raFArlwm3/BknDV
DixbDktYT9sGrY+uPBVk2bwj0JURVKhuOogzEd9bC1FzaRgTrb2cGVfC7UaA
ZFh8ULeFKKaEPKeOql7V42Xuui+z35xb6/F0JzRYBtPxTbGDRw8lCOLncSGh
UzzNiQmQUx/YCnEJpGRDSH0/nZaZCoMHrQDTdbzW3Lr1mu4u16zAZx6b1AI/
qZUDhk3G6dd2pdS/2b9nW7iT3L7YIA6kxzq3CpkfW3R5BSiWRPuck+P0YCnp
Cijn5igaaOmV33LRZn1TefnUFSIm1UY02ciW7OiKNl/T9LXumorstDXy7khf
cS36UoE/0v46k9xv3XcOEJzmdhSPuq+iXny/6wCOUt3FsO2u1gZr1abUhFuX
fDKuV/XgBvbOzlyjsIy0EasrLm3uPF0pByaztvCdNxEb1N/HWAem+4/ZYn63
LVpvSX2LK3uj/023yLzb2ycRTBuHt0kKejxPuNk1cWqv6JGmDyOtzNH1MLnB
4c33f8Dv7wNRJ9XceOO3tIubFnAJusmWcLn8pt02BWWvefGjv7yj3wvvNqmo
qM0UIvSYo43ZzTJWm0DGgHNMQrIBzqYc/TvC8piXcUHifANoNnOvvhY0PYhY
GALB9soaDFktRW7mwx8flgyAvx9Ej/w1Hds1IcECjM9bYRyHaSihGtyVbBzf
aIt7fU24rwWm5fLRanQ46RxL4E/SSh7jl5dNWnwlVH0fjlTSQNXx64tT6T2M
OTgi2hz6//gRH+nzI337yFem+RbITZo6tQuVlk4RUhSm25Z+4Y7ppssyzwCq
N7SuiG5qYNUiLfMwv+mSga37wQEQrlX4Xj8tWkzl1I9H3Py1wrCNFJmyFxo1
3tBcOiFdU1hYbfUGO1tGI9LpNfwdfIXQrwqSvuZadty5uzC+JrSs8hSVK3f0
QugkybL3AbVmDVMzB76Gqzak6/U4oSJvGcQVxW5RhndGLIWY8wPQ948O7V5c
K16oVxK/V7YXfXB6dLLNbVvWNhj9a54lZnsrVrqBWNn/a4kVXCGA/V2CS9eJ
79hpBsG2TG2z0iebj3pgLtxN9Wu4gVdnOfyNVL4v6GLpGAFa6deaMS6jBjGv
12VJPT6Wdru8FiiyLY10h3Yc7QUbTKAtotMpTbqXdvD1dGqnTuNEb5HxEmiz
r6AAV83v5PnBHF9Pm/FkjoFjfraYUuwkcNkR8BTH89BMZmCvnm7/2naBTef8
9J8Og+9OLwPvohUklw58d0Ht8/d1OjblQv3Dt5jxneXFt0Doi98+AeLq1r5I
MF/zt0/iyVP+RH/fuMvlt0/AhLUW7BOj2j7dcX4fPjFJWMaUkAeIIT4dOL/v
PnFY5dM979UYv8ufOMS0IlmrTgRu/1DtEV6dSOVGEJ1uKORDXtYphSlSOu3I
6/4jjOxmu1UifKZCduOwB3qWJZFY8p6ad5aaxJmuGIs2D9KbzzT5uKF2oG0l
wbXqzHBtZyC3GdCS/jK6V48bNLOX3ZuawFNkXtik0R7LiITtpEomMV2DZa9/
mhNjjUvJwt24E43fdEH4MY/BMSOpwqAkdltBqJUR43dzNuA0J+eOrOjpozhP
umSvzTBW7W515pXushSym7HiyrgbE/LOavent/QV8ecqgkf9Pa5+qvfS6Hu5
XkuCUS3XaaG71bkUbjB83BvFpSX6cIrdcLFjRIKNEkY5Orx4N2FZhpjqj57u
8YyLXfm6MscrLOn+Ig/cig6+g0W5xd2bll8VwQEAHUc8MBUDRhE6ctP8SZQz
+nT3bVIoxMXR0rndt385kc8z5YfNdx7WCcDE3uxpRgZgm/NYfxhCzxoDen3r
8CCwby0uqhewlm62tXWJOj049LEoc+7/LH8/3KM1vDw6buYmcBOZ1gfxk6NT
W9W6BLeNOtNGmebSLE8DRutz+78UjMOvBUbTheFHvvKQWN/YRHva+oOsLJyo
KbTcW42YNAZ3EeTTTG4JYesRo3VY01oLhZle1yNFBvFYQjmcGNFy24jxrzcv
M3EufeQSNZSp5i7Jzfhd61WU6zrZ1O+v0ZTaQIarLja7YD1aWqzF+9FgNXKn
Hb4k2039itdSLMSEdZOGu9HypBosiq/iiFETrrmotn5TKCjxcRTy7SLeNZc6
T7h9Gw848ohOVv6+pE7WcVFUbM/gZqoCx8XCq5ttXRoJmw6vwjihQJZvm+mb
MDHXRhQWt6btNnjrBxcV9WezWzKBNypkk5B2ZI8Ym4fYg5gb/DRWYwjMpgWF
ib6TwYsU4s0iKzwDklrdNuBGV5GggyV0xLG5jaeeGG8i8c2mc5G9Mc/TYlr6
L3g4ijJW01ATCilWgoSGHZfyOauZbtulpShzMvVDARDjQlPTKk5SC9ejlXB2
9OqoZiFIoZJJ0bC9ekzOu6gjyMRwgNUFWNIYgcokrTODtNKtjx//48Xp988/
f96yMVIcwoZhOU4rbbBM42Fb1SVOg2keLmZcSODcpBO8onEK65u+h+YP+aTH
WbiQVqmUkYeAQKgW7xmgZErVNu4Xe8kJ2GqZ0HENSW6cPMm1kU0v5TTPqgXf
WcGD22sqzo1UM/dSBO5VFH8AgPV+gp8/8t0Tvi2oDUeBgFhVcboSTGhBblJS
5wKfPTZy869zgRklr1oYaH+ORAY8LCCP/fkPbIS2VvpxozZdQmpJxrm8xTvH
63vkstWC7Yls1or3rk0Fll7fnOeIrhdKQpMugQOqv2rcBXW4rLBRxqTbWoxQ
xu38ovKsl7AmRX4i6iWLw1zEOrLqpx3Taz6kDpwpaqXPqxqE+Q0ZC1MkKt2w
AO3AhE2ar76CZjCklD5gRpynpAKn8iENCywHU1FthYNdkeVk36PqEqB7xt5K
hMTPKd0mAoDJdZQxCH/Tqsl7YA1e/b2k4TALZ/cf9RUI0Vlfcta+ppP6qvrB
CxPAXlh9Ui+rTpBi9M5uJEHyHfD4d0GK+TkF9gkHMOl0FbdSyBumYPOb6lh/
/iOxsEvm4Ec616KVgTGb75mEjFYuZmb3TyWAK49tbGWrMWEtZHR+2udH+vYR
0N983ibNhGFivNoa5etpehXnWcqOxgfI/bZXsD+nP81Z76Qfq3LSo0ovZ6fI
I56j7kz+BdqEFOPyLfPHrG0lbBudnV4+t2koFp3w1c+WbRLbNfsivnsIfPUZ
DD4JTihbj/B12FrfueoH+TV6/rzPghdxWh4uST31M0bWDZxvPrCfp7FuYHEU
6IGPnLhne9YETsYTrR6YnaqtA3vuhrXjNQYml2vrwOuj6q2zaeRFztC3HbgW
/xSRzQOjwusgzx14w/BYfdkaFOJeXk8V39Ts3eUw3lyvWM676KYqc8HcmnyC
No7XnkZguZ5sgzkfPIERH26Ts2kOQ6vWdgp0OUdxH5yArIlV7wVIqjnW6qBi
TwFobuWyXedovubhVpIc6d4GudOx9Ubb2TJGhbJMKs22LtBjHeZRERw5KZen
H1DxAWBdxep6i4yprQtPWz6X60e3aq6ePeO/ezwYPsTwnDdWMK2AeBNOi8yV
tftoKzk9wzsBTsxCntm8V2yy0app/HkYKbblG+9sYbVDXHdV7ZnWOrz+bsvQ
jsxNbrQbPmoMtF8DxOVM+r1GGEjEE6OoIz7RGSqKY2MA2rVe5tiYlsqLqDqg
aCD/0WCIATGvbbnkZnKndTuncdfkso804kZYoBLqoGekqNAeyV3xphGONLre
KRVZcBKsPvc/fkc3heaFbviL5qeTdIHNOWJr3vHGnT0TrlTp9N0b+lHvXeNC
5P3qW0A5ul4Ym85N0CA1+QduTkEaNN9Oa26lM9kgkhOfmVwbNnjXZvogSgvl
5TlgjkMaA8NgfPPwktpLHeJEb9VpFFRkmKppKN2m6NOu6ShE2gc5vXoP9/d3
H+Ii8Zf9PnEN1lDpKQKBrAQ1UavANjkC6mgcZSPS1PftnLnpI+KW7Q33cM7h
riSyGuIApap5DH9sHsP+irHNlnrDfSJG+phnpF22TtrOh9rnKeYhaW2kC8t8
ONGU2Lh8bqeah/l7meYNOWQUdo7YIhe5p7K1kVOInr68lEoMrzHCZkljxiRf
Nj5xAOsikCt7fTeGPpGbTMlqYeLr7bVDhMDA/jWa44D5AlrAVK7CpNNFV1za
Pd/2x/NFLFUV+ALAHbx4EzsGYbRabus7/vFy2+1jHZLwfPc7dcMZ6PfH6eR+
ME7CeM7dhXQFD/f8oi+AZcIw1BvSslf0UTzePRj2xR2Cv/9x7RIHuEQY65jG
DS6Qqx0fX3yVJR5ffJUlDuHpn/r7OwfeVc+3wRjOBUrHzqq5MOlAqEWrdZrg
Tn1D8efNFKmfbTZoy22l1NvMldJnaDlW4lQkdU/0C+lNgWLXULrbe7TeCtKF
eSvba9M+VqhMXRhtId06MpfRWw4+oRu0MbEMXfpGD/LUUXEL6WqTKUWGqZeo
tAB2lS0eUDc/pKVSZEICH5jiR71Es/wJNQWk7KLQhJp8Hqzfd0vku0GR8Vt2
VM7CKqoRpgwQHhMARVlRa3uBF+ME/RXyHqUz0R1TXs5GzdXAyhBJeDhoHI6k
ttfU1TtFp3U28URfoVVR1jxxD2Ot1EtXegy081jUmCunS9B0s3G/CR+qR0zE
dthU8XC1dpNuG0enGZAuRN0oQZsL2KTMEVdkropD32XC+pTXyrRe4uJJib7X
+Ah3RsbRqiVIqEwCDnOliEYQLqM/SX4XvD72cMFdJgkZdN8vvjlyS61I7L2h
qtfiz1VYUmTH0g9lo1V5OEViPzeEQuhL9TcIcTQNiwqsqDF35XML2KivvqMB
mVwc8sb7XUErtwOpqWCOKg5ocdcH3axDX9rmoNe7nEBawRWUOcuXmjkJsMAB
kuyGbBvWFH/J6MrzcDptUUBoy+YOaxLxipKFNZVySsg4yQoiTOsf6/MVumI7
oN5OEkVURgG14MU4VZ0JCEMeHyskY1isHq1vbKQMWj7H0LGcrV+fRJamPuCt
aJNVBijvhS/3E8PCMkzd4rOmJSH+TNhTu/8jrv7LJBI8j7lm3qt084AgGVJk
wXa19WT0IGPbpnS5D4xL8c4ldOpaH9cNGmIuTMQzyThF+tRn4pZtoqlcpZbT
E5czrZRJqSzkkhay/Qw79dCBNDnhFuy8GLYfQ22TAEbqVqrNjTU57VihqfPn
lj2O5pHJWhNCtf79qkTEMPcNxdbh1SVeYoiOKrDFZXnItYqn1FBcklUw3XVO
vWCcc6FHlyERt4ma6EsXJBgTAQ1zzwLdj7HibgnWF2wDjO7oOBSPz4tk/R0z
c2BkwGWv16P7ZzByeqKB8pZSi01iZU9Dq8c5x8Vn0K+4u3uc5pMxK0A/AHtE
YuoNdsisGgxY8cEBBjvw52eknKOrLI4kT+PPlc63RduHRTop2BcxJYiSgs+p
Vqd0tnAN8LhzG43kipi8XomZ0TvfI+/X5gU8j14zT/F6wi6akhKejSsdiYcO
xhXXNpGIp0pYJCiZezM9jF1g7ihygulGQGDsNOxilocFZauTcKXAJHla53hC
OKeZxmC0RM5S+z7kQakmyO9YyO8cwJ+f5cyGxMLDMTDom7nRgM1ZIEW5tmfT
N9FpYYgtphqNKnaZW9tt8W2wNs61rgViaJr+OJ/SoEdRJJXRHOH1YoW662g8
rfJ6sNSt03SHogxRMWhNVyX9sE3nwV5SXqNDeFeS0lCvlBRGMdB17yPpIXuF
W+AmERnrg+33TjlpS613Z8Wi6bZdhYUNTlgw3NSw5sF7yb0b7vPLUqMFfSYr
1DyXwJ/sOHgefxANYCnleiRK9wQgpVoSfQx/fl5+1GxrTnaGnPHoUd3ZoY+6
1goa55033YiqjekTcQBtnZ1efLdFjl4MtfGMp3pnh35AWVguN29gzWk42DK5
P7j4y2cn8JGBlHt4uUGN2IjI4/NwUvYoRpiAQOXYQJN33ALWjxjWjx1YP4I/
P/t4G/vDm4zIi5nC8FV0vxBDqT48u89gFjv8Q/jzswVz1MZcLm1SMUc0ajcW
15OOJtwhAJ5s3m6zK86rq7gg8kxsOvaqbqjMTvmQbLVVdXNd21ZbTfuW2USt
DbROrHMzmqi9EAs1ztwcU3I8MqC+bVTstfZyMKAvd7DqXsu1BDjMS2RoE6oS
wswqPAx+m/ys7YK33+jIlu2AgI0cKMFiQsQ6ugm2VNTTTkhmhHiu6q0TCnou
FrBhHNd/R8rWGh0XtjhquCUddskEszFDqf5idF208ii9M0p956xHzazqOcPe
gsSyjiQedrt6YBrpBeh2PeKDlHpJqOXEMJ3RB4wXPS0fcI0Oc3cEgUe9kule
+Cxn5QHf5xP40DmB+/CnyHttspFoxEXo8odGCrG3DqABrWHVsdwQG7pIrO3h
4D5g9sN9GduxgpeM7O1sj3e27+xsD/783MIP0dxzOkrZ0jdH4i8RcN6+SVbU
BCC2tAIOZiThsm7tvwm+s/6urEWiz0licS8STRe3QPQug2PPAccu/PmZ10+X
kQdbuo9ZnOBOTesRlmYtWsCWYYO4tQQ5cVm7KcTjlE71EcrY211LTgO9ylj3
ko5JfIUJ79Gtwjo7sc33z06Y6BqKSR3E9NiPAAdNCJalwNrtYj32QsWmmxLK
ZqgaMqp2HVQN4c8llGv06xbZpnVbviOKhQ0vVfLU0CW0CfDliqgVrQ5thppT
1ex85tyxs+qiw2VXHjD1G7m2ZCEs6WvXWVrtz8GSbo7o3fd+zRfnJloR97uw
AgiO3/3kjOHMw22u2U2t0tpFK1Lq6eidq2Sr/6T2j/ssyjPmxHB5sqFKN2Dq
GjrUNYA/ibpeoWBGNQssyVHBl9hRLiiquhFHI4TjcXSiIp8T+aHIbUAnn0GU
aCcW4Vx4g/iAs9qlWIXPAHG3AHB7tgvb27GtDLfNPFZeU1K30dKKQS4stJ2W
grxjjjcHnByQJdmUol8tLN8TCUdagm/R5bGIbdLlTrUHHEDxCvTbPB6Lt2Kr
jjB2huw4zpCdHfjzs0cn6IHB9JqULyegEFJmb/1tkD13m5pQ81eEMhH8qisC
DDtdcjuAk91McYY5pWXAEpCO3rk5X3iG7bqs5i2gz6dguP0SOqQGavGcFRER
mDbHS1iENsAw1j9Yw2mDozHWOycqmtJnnY+HPKyKnm5NwqRQWxJj42KCgrt9
0u3TGHDHJo8fj2c59rsAlng0L37916L4jMk28MXpHBSaCjS6Z1h8kCSx/uI4
zJH+gmekuKX64/MMk6ZOQKNP4mszSPE+C07iP73XH/ynDEZ8ESag+Jk3fwT8
vQCrAwy9XH/2uySs6NPyvbLvzrDzrqp+/W/BS1CXiiIzY5yEV3EUvAqvQmBI
+sOLWbVAPL5RWI8kg8Tz4AKgHEbmk1//FRSwFD/99S/p9a//M4nsOmjOi3EV
OZ+9BtM6uCiVSszSvqsoIeAHun0bKB6G0F+9BLn7v/9HGPxQ/dt/BcX83/7L
Z52XDl++Cask+DGruEmLaYsWA2UoFdFl2BLC0VhHdFJCdVaPjmIlBxfxANSS
G7+ZzQ9nr169/uHIeEiPFegA494rtCqBqjB0FByfn12eXZweP+Gbujn75sVw
Z7hjHrk4e3520XuBwc0H3+XYrjCc5oqv7jzYHz7cH273O/8H6St0QoLbAAA=
</rfc> </rfc>
 End of changes. 97 change blocks. 
1434 lines changed or deleted 637 lines changed or added

This html diff was produced by rfcdiff 1.48.