**Session Date/Time:** 25 Sep 2024 14:00

# [CORE](../wg/core.html)

## Summary

The CORE Working Group held an interim meeting to discuss two main topics: the DNS over CoAP (DoC) document and ongoing issues in the CoRE Corrections and Clarifications (CoREclar) draft. Key discussions centered on the treatment of DTLS versions and return routability checks in CoAP, as well as the status of specific CoREclar issues related to trailing slashes, URI definitions, and the CoAP epoch mechanism. The group made decisions regarding DTLS references in DoC, the preference for CoAP's Echo over DTLS's return routability check, and initiated an adoption call for draft-ietf-core-core-clar-05.

## Key Discussion Points

* **DNS over CoAP (DoC) Document**
    * **DTLS Version Reference**: Comments were received regarding DoC's reference to DTLS 1.3, while CoAP is primarily based on DTLS 1.2.
        * **Decision**: The reference in DoC will be updated to mention both DTLS 1.2 and 1.3, without going into specific details, to avoid implying a requirement for DTLS 1.3.
    * **DTLS Return Routability Check (RRC) vs. CoAP Echo**: Discussion around situations where a security context is established but the return routability check hasn't been performed, especially concerning replay attacks and address amplification mitigation. DTLS offers mechanisms for RRC, but also allows application-layer mechanisms.
        * CoAP's Echo mechanism serves a similar purpose and works across all CoAP security mechanisms.
        * **Decision**: The WG intends to prefer CoAP's Echo over DTLS's RRC for routability and freshness checks. Text to this effect, clarifying how CoAP applications can handle these scenarios, will be developed for CoREclar issue 39.
        * The DTLS WG will be notified of this approach for comment.
    * **Placement of New Security Text**: The new text regarding DTLS RRC/CoAP Echo and amplification mitigation will initially be added to CoREclar issue 39, and eventually be incorporated into the CoREclar document, potentially referenced informatively by DoC's security considerations.
* **CoRE Corrections and Clarifications (CoREclar) Document**
    * **Issue 7: Trailing Slash**: Technical discussion concluded at a previous meeting. Examples for trailing slash handling have been added in PR 37, now merged into draft-ietf-core-core-clar-05.
        * The "incomplete" note in the draft's section 2.3 should be removed.
    * **Issue 10: Request URI Not Defined**: A formal definition for "Request URI" has been added in section 2.1.
        * Further text is needed to clarify how "Base URI" is influenced by address changes (e.g., in multicast) and the Location option. Parallels to HTTP's evolution in this area may be explored for simplification.
    * **Issue 9: Match Boxing / Epoch**:
        * Clarification of existing text from RFC 7252 regarding CoAP epochs is mostly complete.
        * An opportunity exists to improve handling of epoch changes, particularly for new documents like OSCORE Group OSCORE. PR 36 (now in -05 draft) needs review.
        * **Interaction with CoAP Connection ID and DTLS 1.2/1.3**: Discussion on how to handle the impact of DTLS 1.2/1.3 and connection IDs on observations when security contexts change.
        * Options for placing text explaining new protocol behavior:
            1. In CoREclar (as a placeholder, recognizing it might exceed "clarification" scope).
            2. A separate document focusing on CoAP with DTLS 1.2 connection IDs and DTLS 1.3 considerations.
            3. Within an existing document like the TLS 1.3 IoT profile (in UTA WG), but concern about adding too much CoAP-specific detail there.
            4. The ALPN document was briefly considered but quickly dismissed.
        * **Decision**: The WG will proceed with adding the new epoch/match-boxing text to CoREclar for now, recognizing its provisional nature if it constitutes new protocol rules. There is an intent to eventually move such new protocol definitions to a dedicated document (e.g., a "CoAP with DTLS 1.2 Connection Identifiers and TLS 1.3" specification) if it goes beyond corrections and clarifications.
        * Zero-RTT in DTLS 1.3 for CoAP was also discussed. CoREclar could clarify its general disallowance while also pointing to OSCORE-like rules for specific situations where it might be allowed.
        * It was suggested to contact authors of the expired TLS 1.3 IoT profile in the UTA WG to see if they are interested in incorporating or collaborating on these DTLS 1.3 and CoAP interactions.

## Decisions and Action Items

**Decisions:**

* For **DNS over CoAP (DoC)**, the document will update its DTLS reference to mention both DTLS 1.2 and 1.3, without detailing specifics, and rely on CoREclar for specific security considerations.
* **CoAP Echo will be preferred over DTLS Return Routability Check (RRC)** for CoAP applications. Text to clarify this will be added to CoREclar issue 39.
* The working group will **start an adoption call for draft-ietf-core-core-clar-05**.
* Work on **match-boxing and epoch clarifications/new rules** will proceed in CoREclar for now, with the understanding that new protocol behavior may eventually be moved to a separate document.

**Action Items:**

* **Christian**:
    * Finalize text for CoREclar issue 39 regarding DTLS RRC vs. CoAP Echo, including the preference for CoAP Echo, and its implications for amplification mitigation and replay protection.
    * Notify the DTLS Working Group of this approach.
    * Integrate relevant DoC-related contributions into CoREclar or its related issues.
* **Ken**:
    * Remove the "incomplete" note from section 2.3 (Trailing Slash) in the CoREclar draft.
    * Clarify the implications of Base URI changes (multicast, Location option) and look into HTTP's evolution for simplification for Issue 10.
    * Solicit reviews for draft-ietf-core-core-clar-05.
* **Chairs**: Start the working group adoption call for draft-ietf-core-core-clar-05.
* **All**: Review draft-ietf-core-core-clar-05 for the upcoming adoption call and provide feedback.
* **WG Participants**: Consider reaching out to the UTA WG and authors of the expired TLS 1.3 IoT profile document (e.g., Thomas) to gauge interest in collaborating on DTLS 1.3 and CoAP interactions.

## Next Steps

* The Chairs will initiate a two-week adoption call for draft-ietf-core-core-clar-05.
* Continue addressing the remaining issues in CoREclar, including further refining the text on DTLS RRC/CoAP Echo and the epoch/match-boxing mechanisms.
* If the new epoch/match-boxing rules evolve into new protocol specifications beyond mere corrections, the WG will consider spinning them off into a dedicated document.