**Session Date/Time:** 10 Jun 2024 14:00 # [T2TRG](../wg/t2trg.html) ## Summary The T2TRG interim meeting focused on various aspects of CoRECONF, YANG-modeled data for IoT management, and the practical application of these technologies. Key discussions included proposed extensions to SID files for enhanced YANG data model manipulation on constrained devices, an update on the status and registry structure for YANG SIDs, and a demonstration of building CoRECONF applications for RIOT OS. The group also discussed the use of YANG data models for SDN-based key management in Ad-hoc and OSCORE, highlighting architectural considerations and future research. Several decisions regarding upcoming meetings and action items for standardization and research were identified. ## Key Discussion Points * **CoRECONF SID Extension for YANG Data Model Manipulation:** * Laurent Toutain presented a proposed SID extension to address the complexity of YANG models on constrained devices. * The extension adds `type` and `key mapping` information directly to SID files generated by `pang`. This allows devices to interpret CoRECONF data (e.g., distinguishing an integer from an identityref) and navigate YANG lists without requiring the full YANG model. * The extension aids in JSON/CBOR conversion, CoRECONF validation, and auto-generation of C-code for external leaf functions. * Discussion included the potential to mark YANG leaves as internal/external in the YANG model for improved code generation, and exploring semantic web integration of SIDs using RDF. * Carsten Bormann noted the "precious" nature of SID files (partially auto-generated, partially hand-tuned) and questioned whether automatically generated extension data should reside in the same file or a separate one. Alex O'Meara confirmed that SID files are themselves described by a YANG model. * **YANG SID Registries Status Update:** * Alex O'Meara provided an update on the `draft-ietf-core-sid` document, which is currently in the RFC Editor queue, and the related IANA registries that have already been created. * YANG SIDs are 63-bit unsigned integers used to uniquely identify YANG names, making CoRECONF more compact and efficient than traditional NETCONF/RESTCONF. * IANA has established three registries: * **Yang SID Mega-range:** Divides the 63-bit SID space into 1 million SID blocks. The first block is managed by IANA for the IETF, with provisions for other organizations (e.g., IEEE, 3GPP, vendors) to request their own mega-ranges. * **IETF Yang SID Range:** Details how the first IETF-managed mega-range is allocated (e.g., SIDs 1-999 require ISG approval, 1,000-59,999 require an RFC, 60,000-99,999 are for experimental/private use). * **IETF Yang SID:** This registry will store actual SID files (module name, links to YANG and SID files, size, RFC/draft reference). * Carsten Bormann highlighted two critical gating points: 1. Establishing designated experts for registry review, who will need to process approximately 200 RFC modules and 750 Internet-Draft modules. 2. Encouraging other large organizations and vendors to request their SID mega-ranges. * A sense of those present indicated an objective to have at least the 200 RFC modules in the registry by the Dublin IETF. * A question was raised about working groups managing SID allocation for related modules (e.g., CoRECONF augmentations) within their own range for optimal Delta encoding. The designated expert's role in guiding such allocations was discussed. * **YANG Data Model for SDN-based Key Management in Ad-Hoc and OSCORE:** * Rafa Marin presented a solution for centralized M2M security association management for Ad-hoc and OSCORE using YANG and CoRECONF. * The architecture assumes initial bootstrapping and mutual authentication between a "thing" and an SDN controller, which then acts as a trusted Key Distribution Center (KDC) for operational configuration. * YANG models were defined for both Ad-hoc (credentials, connection info, policies) and OSCORE (context parameters, policies). * A Docker-based proof-of-concept using Linux nodes was described, implementing the southbound interface with CoRECONF and leveraging `micro-ad-hoc`/`micro-oscore` for thing-to-thing communication. * Discussion emphasized the critical assumption of trust in the controller and the importance of thorough security considerations, particularly regarding the transmission of sensitive key material after initial bootstrapping. * Christian Amsüss suggested exploring common modeling patterns with ACE (Authentication and Authorization for Constrained Environments) and CoAP Management Interface (CoMI) to avoid duplication and simplify models. * **Building CoRECONF Applications for RIOT OS:** * Manu K. A. provided a practical guide to building CoRECONF applications for embedded systems using RIOT OS. * The proposed development cycle involves designing a YANG model, generating SIDs, auto-generating C prototypes/stubs (using a tool from the `C-coreconf` library), generating a CBOR dump of the model, and programming it into RIOT OS. * The C prototypes simplify development by providing aliases for SIDs and inferring data structures, reducing the need to manually remember SID values. * A `py-coreconf` based tool converts JSON instances into SID-represented CoRECONF, dumped as `uint8_t` arrays for efficient use on devices. * A proof-of-concept demonstrated querying temperature sensor data from an IM800B LoRa module running RIOT OS with CoRECONF, conforming to `draft-ietf-core-comi-16` for fetch requests. * Future work includes profiling, integration with other OSs (e.g., Zephyr), addressing security considerations for production, and exploring integration with LwM2M. * It was noted that while standardization is crucial, industry feedback and practical application are essential for validating and improving the underlying theory. ## Decisions and Action Items * **Decisions:** * The next T2TRG interim meeting (late June/early July) will focus on security. Carsten Bormann's talk will be deferred to this session. * T2TRG will not hold a physical interim meeting in Vancouver due to low anticipated attendance from key participants. * T2TRG will actively plan for a physical meeting opportunity at the upcoming Dublin IETF, considering options for a session within the week or a pre-meeting. * **Action Items:** * **Alex O'Meara (and CoRE WG):** Aim to have at least the 200 RFC modules populated in the IETF Yang SID registry by the Dublin IETF. This involves generating SID files for these modules and submitting them to IANA for expert review, with a heads-up to the NETMOD WG. * **Laurent Toutain (Research):** Investigate standardizing a way to mark YANG leaves as "internal" or "external" within the YANG data model to facilitate code generation. * **Laurent Toutain (Research):** Explore semantic web integration for SIDs, specifically how to use RDF to represent SID values and their properties to enable automatic processing of device information without prior knowledge of the specific YANG model. * **Rafa Marin (Research):** Investigate common modeling between the proposed Ad-hoc/OSCORE YANG models and existing work in ACE, CoMI, and CWTS to identify opportunities for deduplication and simplification. * **Laurent Toutain / Carsten Bormann (Research):** Investigate the use of binary CBOR tags for text-based YANG types (e.g., `hex-string`) to improve efficiency in CoRECONF serialization. * **Manu K. A. (Implementation/Research):** Continue engineering work on the `C-coreconf` library (profiling, integration with other operating systems), address security considerations for potential production use, and conduct scientific research on topics like handling YANG model changes and LwM2M/S-ML integration. * **All Participants:** Provide input and contributions to the CoRE working group mailing list regarding CoRECONF standardization, as the specification is nearing completion. ## Next Steps * Organize and schedule the next T2TRG interim meeting for late June/early July, with a focus on security topics. * Begin planning for a T2TRG session or pre-meeting at the Dublin IETF. * The research topics identified (YANG leaf marking, semantic web for SIDs, common modeling, binary CBOR tags for text) are encouraged for further investigation by interested participants. * Continue to engage with the CoRE working group to provide feedback on the CoRECONF specification as it moves towards completion.