Internet Engineering Task Force (IETF)                    C. Amsüss, Ed.
Request for Comments: 9176
Category: Standards Track                                      Z. Shelby
ISSN: 2070-1721                                             Edge Impulse
                                                               M. Koster
                                                              C. Bormann
                                                  Universität Bremen TZI
                                                         P. van der Stok
                                                  vanderstok consultancy
                                                              April 2022

Constrained RESTful Environments (CoRE) Resource Directory




In many Internet of Things (IoT) applications, direct discovery of resources is not practical due to sleeping nodes or networks where multicast traffic is inefficient. These problems can be solved by employing an entity called a Resource Directory (RD), which contains information about resources held on other servers, allowing lookups to be performed for those resources. The input to an RD is composed of links, and the output is composed of links constructed from the information stored in the RD. This document specifies the web interfaces that an RD supports for web servers to discover the RD and to register, maintain, look up, and remove information on resources. Furthermore, new target attributes useful in conjunction with an RD are defined.


Status of This Memo


This is an Internet Standards Track document.


This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.

このドキュメントは、インターネットエンジニアリングタスクフォース(IETF)の製品です。IETFコミュニティのコンセンサスを表しています。公開レビューを受けており、インターネットエンジニアリングステアリンググループ(IESG)からの出版が承認されています。インターネット標準の詳細については、RFC 7841のセクション2で入手できます。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at


Copyright Notice


Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.

著作権(c)2022 IETF Trustおよび文書著者として特定された人。全著作権所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.

このドキュメントは、BCP 78およびIETFドキュメント(に関連するIETF Trustの法的規定の対象となります。この文書に関するあなたの権利と制限を説明するので、これらの文書を注意深く確認してください。このドキュメントから抽出されたコードコンポーネントには、セクション4.Eで説明されている法的規定のセクション4.Eで説明されており、修正されたBSDライセンスで説明されているように保証なしで提供される修正されたBSDライセンステキストを含める必要があります。

Table of Contents


   1.  Introduction
   2.  Terminology
   3.  Architecture and Use Cases
     3.1.  Principles
     3.2.  Architecture
     3.3.  RD Content Model
     3.4.  Link-Local Addresses and Zone Identifiers
     3.5.  Use Case: Cellular M2M
     3.6.  Use Case: Home and Building Automation
     3.7.  Use Case: Link Catalogues
   4.  RD Discovery and Other Interface-Independent Components
     4.1.  Finding a Resource Directory
       4.1.1.  Resource Directory Address Option (RDAO)
       4.1.2.  Using DNS-SD to Discover a Resource Directory
     4.2.  Payload Content Formats
     4.3.  URI Discovery
   5.  Registration
     5.1.  Simple Registration
     5.2.  Third-Party Registration
     5.3.  Operations on the Registration Resource
       5.3.1.  Registration Update
       5.3.2.  Registration Removal
       5.3.3.  Further Operations
       5.3.4.  Request Freshness
   6.  RD Lookup
     6.1.  Resource Lookup
     6.2.  Lookup Filtering
     6.3.  Resource Lookup Examples
     6.4.  Endpoint Lookup
   7.  Security Policies
     7.1.  Endpoint Name
       7.1.1.  Random Endpoint Names
     7.2.  Entered Links
     7.3.  Link Confidentiality
     7.4.  Segmentation
     7.5.  "First Come First Remembered": A Default Policy
   8.  Security Considerations
     8.1.  Discovery
     8.2.  Endpoint Identification and Authentication
     8.3.  Access Control
     8.4.  Denial-of-Service Attacks
     8.5.  Skipping Freshness Checks
   9.  IANA Considerations
     9.1.  Resource Types
     9.2.  IPv6 ND Resource Directory Address Option
     9.3.  RD Parameters Registry
       9.3.1.  Full Description of the "Endpoint Type" RD Parameter
     9.4.  Endpoint Type (et=) RD Parameter Values
     9.5.  Multicast Address Registration
     9.6.  Well-Known URIs
     9.7.  Service Name and Transport Protocol Port Number Registry
   10. Examples
     10.1.  Lighting Installation
       10.1.1.  Installation Characteristics
       10.1.2.  RD Entries
     10.2.  OMA Lightweight M2M (LwM2M)
   11. References
     11.1.  Normative References
     11.2.  Informative References
   Appendix A.  Groups Registration and Lookup
   Appendix B.  Web Links and the Resource Directory
     B.1.  A Simple Example
       B.1.1.  Resolving the URIs
       B.1.2.  Interpreting Attributes and Relations
     B.2.  A Slightly More Complex Example
     B.3.  Enter the Resource Directory
     B.4.  A Note on Differences between Link-Format and Link Header
   Appendix C.  Limited Link Format
   Authors' Addresses
1. Introduction
1. はじめに

In the work on Constrained RESTful Environments (CoRE), a Representational State Transfer (REST) architecture suitable for constrained nodes (e.g., with limited RAM and ROM [RFC7228]) and networks (e.g., IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) [RFC4944]) has been established and is used in Internet of Things (IoT) or machine-to-machine (M2M) applications, such as smart energy and building automation.

制約付きの安らかな環境(Core)に関する作業では、制約されたノード(例:RAMおよびROM [RFC7228]が限られている)に適した表現状態転送(REST)アーキテクチャとネットワーク(例:低電力ワイヤレスパーソナルエリアネットワーク(例:IPv6)(例:6lowpan)[RFC4944])が確立されており、スマートエネルギーや建物の自動化など、モノのインターネット(IoT)またはマシンからマシン(M2M)アプリケーションで使用されています。

The discovery of resources offered by a constrained server is very important in machine-to-machine applications where there are no humans in the loop and static interfaces result in fragility. The discovery of resources provided by an HTTP web server is typically called web linking [RFC8288]. The use of web linking for the description and discovery of resources hosted by constrained web servers is specified by the CoRE Link Format [RFC6690]. However, [RFC6690] only describes how to discover resources from the web server that hosts them by querying /.well-known/core. In many constrained scenarios, direct discovery of resources is not practical due to sleeping nodes or networks where multicast traffic is inefficient. These problems can be solved by employing an entity called a Resource Directory (RD), which contains information about resources held on other servers, allowing lookups to be performed for those resources.

制約されたサーバーによって提供されるリソースの発見は、ループに人間がいないマシンからマシンへのアプリケーションで非常に重要であり、静的インターフェイスは脆弱性をもたらします。HTTP Webサーバーが提供するリソースの発見は、通常、Webリンク[RFC8288]と呼ばれます。制約されたWebサーバーによってホストされているリソースの説明と発見のためにWebリンクの使用は、コアリンク形式[RFC6690]によって指定されています。ただし、[RFC6690]は、Querying /.Well-NownS /CoreによってホストするWebサーバーからリソースを発見する方法のみを説明しています。多くの制約されたシナリオでは、マルチキャストトラフィックが非効率的な睡眠ノードまたはネットワークのために、リソースの直接的な発見は実用的ではありません。これらの問題は、他のサーバーに保持されているリソースに関する情報を含むリソースディレクトリ(RD)と呼ばれるエンティティを使用することで解決でき、それらのリソースに対してルックアップを実行できます。

This document specifies the web interfaces that an RD supports for web servers to discover the RD and to register, maintain, look up, and remove information on resources. Furthermore, new target attributes useful in conjunction with an RD are defined. Although the examples in this document show the use of these interfaces with the Constrained Application Protocol (CoAP) [RFC7252], they can be applied in an equivalent manner to HTTP [RFC7230].

このドキュメントは、RDがWebサーバーをサポートするWebインターフェイスを指定して、RDを発見し、リソースに関する情報を登録、維持、検索、削除します。さらに、RDと組み合わせて役立つ新しいターゲット属性が定義されています。このドキュメントの例は、制約付きアプリケーションプロトコル(COAP)[RFC7252]でこれらのインターフェイスを使用していることを示していますが、HTTP [RFC7230]と同等の方法で適用できます。

2. Terminology
2. 用語

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

この文書のキーワード "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", および "OPTIONAL" はBCP 14 [RFC2119] [RFC8174]で説明されているように、すべて大文字の場合にのみ解釈されます。

The term "byte" is used in its now customary sense as a synonym for "octet".


This specification requires readers to be familiar with all the terms and concepts that are discussed in [RFC3986], [RFC8288], and [RFC6690]. Readers should also be familiar with the terms and concepts discussed in [RFC7252]. To describe the REST interfaces defined in this specification, the URI Template format is used [RFC6570].


This specification makes use of the following additional terminology:


Resolve Against The expression "a URI reference is _resolved against_ a base URI" is used to describe the process of [RFC3986], Section 5.2. Noteworthy corner cases include the following: (1) if the URI reference is a (full) URI, resolving against any base URI gives the original full URI and (2) resolving an empty URI reference gives the base URI without any fragment identifier.

「uri参照は_ resolved _ ress_ a base uri」という式に対して解決されます。注目に値するコーナーケースには次のものが含まれます。(1)URI参照が(完全)URIである場合、任意のベースに対して解決することは元の完全なURIを与え、(2)空のURI参照を解決することは、フラグメント識別子なしでベースURIを与えます。

Resource Directory (RD) A web entity that stores information about web resources and implements the REST interfaces defined in this specification for discovery, for the creation, maintenance, and removal of registrations, and for lookup of the registered resources.

Resource Directory(RD)Webリソースに関する情報を保存し、この仕様で定義されているRESTインターフェイスを、登録の作成、メンテナンス、削除、および登録リソースの検索のために定義されたRESTインターフェイスを実装するWebエンティティ。

Sector In the context of an RD, a sector is a logical grouping of endpoints.


The abbreviation "d=" is used for the sector in query parameters for compatibility with deployed implementations.

略語「d =」は、展開された実装と互換性のためのクエリパラメーターのセクターに使用されます。

Endpoint (EP) Endpoint (EP) is a term used to describe a web server or client in [RFC7252]. In the context of this specification, an endpoint is used to describe a web server that registers resources to the RD. An endpoint is identified by its endpoint name, which is included during registration, and has a unique name within the associated sector of the registration.


Registration Base URI The base URI of a registration is a URI that typically gives scheme and authority information about an endpoint. The registration base URI is provided at registration time and is used by the RD to resolve relative references of the registration into URIs.


Target The target of a link is the destination address (URI) of the link. It is sometimes identified with "href=" or displayed as <target>. Relative targets need resolving with respect to the base URI (Section 5.2 of [RFC3986]).

ターゲットリンクのターゲットは、リンクの宛先アドレス(URI)です。「href =」で識別されることもあります。相対ターゲットは、ベースURI([RFC3986]のセクション5.2)に関して解決する必要があります。

This use of the term "target" is consistent with the use in [RFC8288].


Context The context of a link is the source address (URI) of the link and describes which resource is linked to the target. A link's context is made explicit in serialized links as the "anchor=" attribute.

コンテキストリンクのコンテキストは、リンクのソースアドレス(URI)であり、どのリソースがターゲットにリンクされているかを説明します。リンクのコンテキストは、「Anchor =」属性としてシリアル化されたリンクで明示的になります。

This use of the term "context" is consistent with the use in [RFC8288].


Directory Resource A directory resource is a resource in the RD containing registration resources.


Registration Resource A registration resource is a resource in the RD that contains information about an endpoint and its links.


Commissioning Tool (CT) A Commissioning Tool (CT) is a device that assists during installation events by assigning values to parameters, naming endpoints and groups, or adapting the installation to the needs of the applications.

試運転ツール(CT)A Commistioning Tool(CT)は、パラメーターに値を割り当て、エンドポイントとグループの名前を付けたり、アプリケーションのニーズにインストールしたりすることにより、インストールイベント中にイベントを支援するデバイスです。

Registrant-EP A registrant-EP is the endpoint that is registered into the RD. The registrant-EP can register itself, or a CT registers the registrant-EP.


Resource Directory Address Option (RDAO) A Resource Directory Address Option (RDAO) is a new IPv6 Neighbor Discovery option defined for announcing an RD's address.

Resource Directoryアドレスオプション(RDAO)リソースディレクトリアドレスオプション(RDAO)は、RDのアドレスを発表するために定義された新しいIPv6ネイバーディスカバリーオプションです。

3. Architecture and Use Cases
3. アーキテクチャとユースケース
3.1. Principles
3.1. 原則

The RD is primarily a tool to make discovery operations more efficient than querying /.well-known/core on all connected devices or across boundaries that would limit those operations.

RDは、主に、すべての接続されたデバイスまたはそれらの操作を制限する境界を越えて /.Well-Known/Coreをクエリするよりも発見操作をより効率的にするためのツールです。

It provides information about resources hosted by other devices that could otherwise only be obtained by directly querying the /.well-known/core resource on these other devices, either by a unicast request or a multicast request.

それ以外の場合は、ユニキャスト要求またはマルチキャストリクエストのいずれかで、これらの他のデバイスの /.Well-kond/Coreリソースを直接クエリすることによってのみ取得できる他のデバイスがホストするリソースに関する情報を提供します。

Information SHOULD only be stored in the RD if it can be obtained by querying the described device's /.well-known/core resource directly.

情報は、記載されているデバイスの /.Well-Nownd/Coreリソースを直接クエリすることによって取得できる場合にのみ、RDに保存する必要があります。

Data in the RD can only be provided by the device that hosts the data or a dedicated Commissioning Tool (CT). These CTs act on behalf of endpoints too constrained, or generally unable, to present that information themselves. No other client can modify data in the RD. Changes to the information in the RD do not propagate automatically back to the web servers from where the information originated.


3.2. Architecture
3.2. 建築

The RD architecture is illustrated in Figure 1. An RD is used as a repository of registrations describing resources hosted on other web servers, also called endpoints (EPs). An endpoint is a web server associated with a scheme, IP address, and port. A physical node may host one or more endpoints. The RD implements a set of REST interfaces for endpoints to register and maintain RD registrations and for endpoints to look up resources from the RD. An RD can be logically segmented by the use of sectors.


A mechanism to discover an RD using CoRE Link Format [RFC6690] is defined.


Registrations in the RD are soft state and need to be periodically refreshed.


An endpoint uses specific interfaces to register, update, and remove a registration. It is also possible for an RD to fetch web links from endpoints and add their contents to its registrations.


At the first registration of an endpoint, a "registration resource" is created, the location of which is returned to the registering endpoint. The registering endpoint uses this registration resource to manage the contents of registrations.


A lookup interface for discovering any of the web links stored in the RD is provided using the CoRE Link Format.


              Registration         Lookup
               Interface         Interface
   +----+          |                 |
   | EP |----      |                 |
   +----+    ----  |                 |
                 --|-    +------+    |
   +----+          | ----|      |    |     +--------+
   | EP | ---------|-----|  RD  |----|-----| Client |
   +----+          | ----|      |    |     +--------+
                 --|-    +------+    |
   +----+    ----  |                 |
   | CT |----      |                 |

Figure 1: The RD Architecture


A registrant-EP MAY keep concurrent registrations to more than one RD at the same time if explicitly configured to do so, but that is not expected to be supported by typical EP implementations. Any such registrations are independent of each other. The usual expectation when multiple discovery mechanisms or addresses are configured is that they constitute a fall-back path for a single registration.


3.3. RD Content Model
3.3. RDコンテンツモデル

The Entity-Relationship (ER) models shown in Figures 2 and 3 model the contents of /.well-known/core and the RD respectively, with entity-relationship diagrams [ER]. Entities (rectangles) are used for concepts that exist independently. Attributes (ovals) are used for concepts that exist only in connection with a related entity. Relations (diamonds) give a semantic meaning to the relation between entities. Numbers specify the cardinality of the relations.

図2および3に示すエンティティ関連(ER)モデルは、それぞれ /.Well-Nownd/CoreとRDの内容をモデルし、エンティティ関連図[ER]を使用しています。エンティティ(長方形)は、独立して存在する概念に使用されます。属性(卵子)は、関連するエンティティに関連してのみ存在する概念に使用されます。関係(ダイヤモンド)は、エンティティ間の関係に対して意味的な意味を与えます。数字は、関係のカーディナリティを指定します。

Some of the attribute values are URIs. Those values are always full URIs and never relative references in the information model. However, they can be expressed as relative references in serializations, and they often are.


These models provide an abstract view of the information expressed in link-format documents and an RD. They cover the concepts but not necessarily all details of an RD's operation; they are meant to give an overview and not be a template for implementations.


              |   /.well-known/core  |
                         | 1
                <    contains   >
                         | 0+
               |      link          |
                         |  1   oooooooo
                         +-----o target o
                         |      oooooooo
    oooooooooooo   0+    |
   o    target  o--------+
   o  attribute o        | 0+   oooooo
    oooooooooooo         +-----o rel  o
                         |      oooooo
                         | 1    ooooooooo
                         +-----o context o
           Figure 2: ER Model of the Content of /.well-known/core

Figure 2 models the contents of /.well-known/core, which contains a set of links belonging to the hosting web server.

図2は、ホスティングWebサーバーに属する一連のリンクを含む /.Well-Nownd/Coreの内容をモデル化しています。

The web server is free to choose links it deems appropriate to be exposed in its /.well-known/core. Typically, the links describe resources that are served by the host, but the set can also contain links to resources on other servers (see examples in Section 5 of [RFC6690]). The set does not necessarily contain links to all resources served by the host.

Webサーバーは、 /.Well-Nowned/Coreで公開されるのに適していると思われるリンクを無料で選択できます。通常、リンクはホストが提供するリソースを説明しますが、セットには他のサーバー上のリソースへのリンクも含めることができます([RFC6690]のセクション5の例を参照)。このセットには、ホストが提供するすべてのリソースへのリンクが必ずしも含まれていません。

A link has the following attributes (see Section 5 of [RFC8288]):


* Zero or more link relations: They describe relations between the link context and the link target.

* ゼロ以上のリンク関係:リンクコンテキストとリンクターゲットとの関係について説明します。

In link-format serialization, they are expressed as space-separated values in the "rel" attribute and default to "hosts".


* A link context URI: It defines the source of the relation, e.g., _who_ "hosts" something.

* リンクコンテキストURI:関係のソースを定義します。

In link-format serialization, it is expressed in the "anchor" attribute and defaults to the Origin of the target (practically, the target with its path and later components removed).


* A link target URI: It defines the destination of the relation (e.g., _what_ is hosted) and is the topic of all target attributes.

* リンクターゲットURI:関係の宛先(_what_がホストされている)を定義し、すべてのターゲット属性のトピックです。

In link-format serialization, it is expressed between angular brackets and sometimes called the "href".


* Other target attributes (e.g., resource type (rt), interface (if), or content format (ct)): These provide additional information about the target URI.

* その他のターゲット属性(例:リソースタイプ(RT)、インターフェイス(IF)、またはコンテンツ形式(CT)):これらは、ターゲットURIに関する追加情報を提供します。

                    +      RD      +
                           | 1
                     < contains >
                        0+ |
    ooooooo     1  +---------------+
   o  base o-------|  registration |
    ooooooo        +---------------+
                       |       | 1
                       |       +--------------+
          oooooooo   1 |                      |
         o  href  o----+                 /////\\\\
          oooooooo     |                < contains >
                       |                 \\\\\/////
          oooooooo   1 |                      |
         o   ep   o----+                      | 0+
          oooooooo     |             +------------------+
                       |             |      link        |
          oooooooo 0-1 |             +------------------+
         o    d   o----+                      |
          oooooooo     |                      |  1   oooooooo
                       |                      +-----o target o
          oooooooo   1 |                      |      oooooooo
         o   lt   o----+     ooooooooooo   0+ |
          oooooooo     |    o  target   o-----+
                       |    o attribute o     | 0+   oooooo
       ooooooooooo 0+  |     ooooooooooo      +-----o rel  o
      o  endpoint o----+                      |      oooooo
      o attribute o                           |
       ooooooooooo                            | 1   ooooooooo
                                              +----o context o

Figure 3: ER Model of the Content of the RD


Figure 3 models the contents of the RD, which contains, in addition to /.well-known/core, 0 to n registrations of endpoints.

図3は、 /.well-nowned/coreに加えて、エンドポイントのn登録に加えて、RDの内容をモデル化します。

A registration is associated with one endpoint. A registration defines a set of links, as defined for /.well-known/core. A registration has six types of attributes:

登録は1つのエンドポイントに関連付けられています。登録は、 /.well-nown /core用に定義されているリンクのセットを定義します。登録には6種類の属性があります。

* an endpoint name ("ep", a Unicode string) unique within a sector

* セクター内でユニークなエンドポイント名( "ep"、unicode文字列)

* a registration base URI ("base", a URI typically describing the scheme://authority part)

* 登録ベースURI(「ベース」、通常、スキームを説明するURI://権限部分)

* a lifetime ("lt")

* 生涯( "lt")

* a registration resource location inside the RD ("href")

* RD内の登録リソースの場所(「HREF」)

* optionally, a sector ("d", a Unicode string)

* オプションで、セクター( "d"、unicode文字列)

* optional additional endpoint attributes (from Section 9.3)

* オプションの追加エンドポイント属性(セクション9.3から)

The cardinality of "base" is currently 1; future documents are invited to extend the RD specification to support multiple values (e.g., [COAP-PROT-NEG]). Its value is used as a base URI when resolving URIs in the links contained in the endpoint.


Links are modeled as they are in Figure 2.


3.4. Link-Local Addresses and Zone Identifiers
3.4. Link-Localアドレスとゾーン識別子

Registration base URIs can contain link-local IP addresses. To be usable across hosts, those cannot be serialized to contain zone identifiers (see [RFC6874], Section 1).


Link-local addresses can only be used on a single link (therefore, RD servers cannot announce them when queried on a different link), and lookup clients using them need to keep track of which interface they got them from.


Therefore, it is advisable in many scenarios to use addresses with larger scopes, if available.


3.5. Use Case: Cellular M2M
3.5. ユースケース:セルラーM2M

Over the last few years, mobile operators around the world have focused on development of M2M solutions in order to expand the business to the new type of users: machines. The machines are connected directly to a mobile network using an appropriate embedded wireless interface (GSM/General Packet Radio Service (GPRS), Wideband Code Division Multiple Access (W-CDMA), LTE, etc.) or via a gateway providing short- and wide-range wireless interfaces. The ambition in such systems is to build them from reusable components. These speed up development and deployment and enable shared use of machines across different applications. One crucial component of such systems is the discovery of resources (and thus the endpoints they are hosted on) capable of providing required information at a given time or acting on instructions from the end users.


Imagine a scenario where endpoints installed on vehicles enable tracking of the position of these vehicles for fleet management purposes and allow monitoring of environment parameters. During the boot-up process, endpoints register with an RD, which is hosted by the mobile operator or somewhere in the cloud. Periodically, these endpoints update their registration and may modify resources they offer.


When endpoints are not always connected, for example, because they enter a sleep mode, a remote server is usually used to provide proxy access to the endpoints. Mobile apps or web applications for environment monitoring contact the RD, look up the endpoints capable of providing information about the environment using an appropriate set of link parameters, obtain information on how to contact them (URLs of the proxy server), and then initiate interaction to obtain information that is finally processed, displayed on the screen, and usually stored in a database. Similarly, fleet management systems provide the appropriate link parameters to the RD to look up for EPs deployed on the vehicles the application is responsible for.


3.6. Use Case: Home and Building Automation
3.6. ユースケース:ホームおよび建物の自動化

Home and commercial building automation systems can benefit from the use of IoT web services. The discovery requirements of these applications are demanding. Home automation usually relies on run-time discovery to commission the system, whereas, in building automation, a combination of professional commissioning and run-time discovery is used. Both home and building automation involve peer-to-peer interactions between endpoints and involve battery-powered sleeping devices. Both can use the common RD infrastructure to establish device interactions efficiently but can pick security policies suitable for their needs.

ホームおよび商業ビルの自動化システムは、IoT Webサービスの使用から利益を得ることができます。これらのアプリケーションの発見要件は要求が厳しいです。ホームオートメーションは通常、システムを委託するためのランタイムディスカバリーに依存していますが、自動化の構築において、専門的な試運転とランタイム発見の組み合わせが使用されます。自宅と建物の自動化の両方には、エンドポイント間のピアツーピアの相互作用が含まれ、バッテリー駆動の睡眠デバイスが含まれます。どちらも一般的なRDインフラストラクチャを使用して、デバイスの相互作用を効率的に確立することができますが、ニーズに適したセキュリティポリシーを選択できます。

Two phases can be discerned for a network servicing the system: (1) installation and (2) operation. During the operational phase, the network is connected to the Internet with a border router (e.g., a 6LoWPAN Border Router (6LBR) [RFC6775]), and the nodes connected to the network can use the Internet services that are provided by the IP or network administrator. During the installation phase, the network is completely stand-alone, no border router is connected, and the network only supports the IP communication between the connected nodes. The installation phase is usually followed by the operational phase. As an RD's operations work without hard dependencies on names or addresses, it can be used for discovery across both phases.

システムをサービスするネットワークでは、2つのフェーズを識別できます。(1)インストールと(2)操作。動作段階では、ネットワークはボーダールーターを使用してインターネットに接続されています(たとえば、6lowpan Border Router(6LBR)[RFC6775])、ネットワークに接続されたノードは、IPまたはIPによって提供されるインターネットサービスを使用できます。ネットワーク管理者。インストールフェーズ中、ネットワークは完全にスタンドアロンで、ボーダールーターは接続されておらず、ネットワークは接続ノード間のIP通信のみをサポートします。通常、設置フェーズの後に運用フェーズが続きます。RDの操作は、名前や住所に厳しい依存関係を持つことなく動作するため、両方のフェーズでの発見に使用できます。

3.7. Use Case: Link Catalogues
3.7. ユースケース:リンクカタログ

Resources may be shared through data brokers that have no knowledge beforehand of who is going to consume the data. An RD can be used to hold links about resources and services hosted anywhere to make them discoverable by a general class of applications.


For example, environmental and weather sensors that generate data for public consumption may provide data to an intermediary server or broker. Sensor data are published to the intermediary upon changes or at regular intervals. Descriptions of the sensors that resolve to links to sensor data may be published to an RD. Applications wishing to consume the data can use RD lookup to discover and resolve links to the desired resources and endpoints. The RD service need not be coupled with the data intermediary service. Mapping of RDs to data intermediaries may be many-to-many.


Metadata in web link formats, such as the one defined in [RFC6690], which may be internally stored as triples or relation/attribute pairs providing metadata about resource links, need to be supported by RDs. External catalogues that are represented in other formats may be converted to common web linking formats for storage and access by RDs. Since it is common practice for these to be encoded in URNs [RFC8141], simple and lossless structural transforms should generally be sufficient to store external metadata in RDs.

[RFC6690]で定義されているものなど、ウェブリンク形式のメタデータは、リソースリンクに関するメタデータを提供するトリプルまたは関係/属性ペアとして内部に保存される場合があります。RDSによってサポートされる必要があります。他の形式で表される外部カタログは、RDSによるストレージとアクセスのために、一般的なWebリンク形式に変換される場合があります。これらがURN [RFC8141]でエンコードされることが一般的な慣行であるため、一般に、RDSに外部メタデータを保存するには、一般的に十分である必要があります。

The additional features of an RD allow sectors to be defined to enable access to a particular set of resources from particular applications. This provides isolation and protection of sensitive data when needed. Application groups with multicast addresses may be defined to support efficient data transport.


4. RD Discovery and Other Interface-Independent Components
4. RDディスカバリーおよびその他のインターフェイスに依存しないコンポーネント

This and the following sections define the required set of REST interfaces between an RD, endpoints, and lookup clients. Although the examples throughout these sections assume the use of CoAP [RFC7252], these REST interfaces can also be realized using HTTP [RFC7230]. The multicast discovery and simple registration operations are exceptions to that, as they rely on mechanisms unavailable in HTTP. In all definitions in these sections, both CoAP response codes (with dot notation) and HTTP response codes (without dot notation) are shown. An RD implementing this specification MUST support the discovery, registration, update, lookup, and removal interfaces.

これと次のセクションでは、RD、エンドポイント、ルックアップクライアントの間の必要な休憩インターフェイスのセットを定義します。これらのセクション全体の例は、COAP [RFC7252]の使用を想定していますが、これらの休憩インターフェイスはHTTP [RFC7230]を使用して実現することもできます。マルチキャストの発見と簡単な登録操作は、HTTPでは利用できないメカニズムに依存しているため、それの例外です。これらのセクションのすべての定義では、COAP応答コード(ドット表記付き)とHTTP応答コード(ドット表記なし)の両方が表示されます。この仕様を実装するRDは、発見、登録、更新、ルックアップ、および削除インターフェイスをサポートする必要があります。

All operations on the contents of the RD MUST be atomic and idempotent.


For several operations, interface templates are given in list form; those describe the operation participants, request codes, URIs, content formats, and outcomes. Sections of those templates contain normative content about Interaction, Method, URI Template, and URI Template Variables, as well as the details of the Success condition. The additional sections for options (such as Content-Format) and for Failure codes give typical cases that an implementation of the RD should deal with. Those serve to illustrate the typical responses to readers who are not yet familiar with all the details of CoAP-based interfaces; they do not limit how a server may respond under atypical circumstances.


REST clients (registrant-EPs and CTs during registration and maintenance, lookup clients, and RD servers during simple registrations) must be prepared to receive any unsuccessful code and act upon it according to its definition, options, and/or payload to the best of their capabilities, falling back to failing the operation if recovery is not possible. In particular, they SHOULD retry the request upon 5.03 (Service Unavailable; 503 in HTTP) according to the Max-Age (Retry-After in HTTP) option and SHOULD fall back to link format when receiving 4.15 (Unsupported Content-Format; 415 in HTTP).


An RD MAY make the information submitted to it available to further directories (subject to security policies on link confidentiality) if it can ensure that a loop does not form. The protocol used between directories to ensure loop-free operation is outside the scope of this document.


4.1. Finding a Resource Directory
4.1. リソースディレクトリを見つける

A (re)starting device may want to find one or more RDs before it can discover their URIs. Dependent on the operational conditions, one or more of the techniques below apply.


The device may be preconfigured to exercise specific mechanisms for finding the RD:


1. It may be configured with a specific IP address for the RD. That IP address may also be an anycast address, allowing the network to forward RD requests to an RD that is topologically close; each target network environment in which some of these preconfigured nodes are to be brought up is then configured with a route for this anycast address that leads to an appropriate RD. (Instead of using an anycast address, a multicast address can also be preconfigured. The RD servers then need to configure one of their interfaces with this multicast address.)

1. RDの特定のIPアドレスで構成される場合があります。そのIPアドレスはまた、Anycastアドレスである可能性があり、ネットワークがRD要求をトポロジカルに近いRDに転送できるようにします。これらの事前に構成されたノードのいくつかを育てる各ターゲットネットワーク環境は、適切なRDにつながるこのAnycastアドレスのルートで構成されます。(Anycastアドレスを使用する代わりに、マルチキャストアドレスを事前に設定することもできます。RDサーバーは、このマルチキャストアドレスでインターフェイスの1つを構成する必要があります。)

2. It may be configured with a DNS name for the RD and use DNS to return the IP address of the RD; it can find a DNS server to perform the lookup using the usual mechanisms for finding DNS servers.

2. RDのDNS名で構成され、DNSを使用してRDのIPアドレスを返します。DNSサーバーを見つけるための通常のメカニズムを使用してルックアップを実行するDNSサーバーを見つけることができます。

3. It may be configured to use a service discovery mechanism, such as DNS-based Service Discovery (DNS-SD), as outlined in Section 4.1.2.

3. セクション4.1.2で概説されているように、DNSベースのサービスディスカバリー(DNS-SD)などのサービスディスカバリーメカニズムを使用するように構成される場合があります。

For cases where the device is not specifically configured with a way to find an RD, the network may want to provide a suitable default.


1. The IPv6 Neighbor Discovery option RDAO (Section 4.1.1) can do that.

1. IPv6 Neighbor Discovery Option RDAO(セクション4.1.1)はそれを行うことができます。

2. When DHCP is in use, this could be provided via a DHCP option (no such option is defined at the time of writing).

2. DHCPが使用されている場合、これはDHCPオプションを介して提供できます(執筆時点ではそのようなオプションは定義されていません)。

Finally, if neither the device nor the network offers any specific configuration, the device may want to employ heuristics to find a suitable RD.


The present specification does not fully define these heuristics but suggests a number of candidates:


1. In a 6LoWPAN, just assume the 6LBR can act as an RD (using the Authoritative Border Router Option (ABRO) to find that [RFC6775]). Confirmation can be obtained by sending a unicast GET to coap://[6LBR]/.well-known/core?rt=core.rd*.

1. 6lowpanでは、6LBRがRDとして機能すると仮定します([RFC6775]を見つけるために、権威ある境界ルーターオプション(ABRO)を使用)。確認は、Unicast Get get in coap:// [6lbr] /.well-nking/core?rt=core.rd*を送信することで取得できます。

2. In a network that supports multicast well, discover the RD using a multicast query for /.well-known/core, as specified in CoRE Link Format [RFC6690], and send a Multicast GET to coap://[ff0x::fe]/.well-known/core?rt=core.rd*. RDs within the multicast scope will answer the query.

2. マルチキャストウェルをサポートするネットワークでは、コアリンク形式[RFC6690]で指定されているように、/.Well-known/Coreのマルチキャストクエリを使用してRDを発見し、マルチキャストをCoap:// [ff0x :: fe]に送信します/.WELL-NOWNES/CORE?RT=CORE.RD*。マルチキャストスコープ内のRDSがクエリに回答します。

When answering a multicast request directed at a link-local group, the RD may want to respond from a routable address; this makes it easier for registrants to use one of their own routable addresses for registration. When source addresses are selected using the mechanism described in [RFC6724], this can be achieved by applying the changes of its Section 10.4, picking public addresses in Rule 7 of its Section 5, and superseding Rule 8 with preferring the source address's precedence.


As some of the RD addresses obtained by the methods listed here are just (more or less educated) guesses, endpoints MUST make use of any error messages to very strictly rate-limit requests to candidate IP addresses that don't work out. For example, an ICMP Destination Unreachable message (and, in particular, the port unreachable code for this message) may indicate the lack of a CoAP server on the candidate host, or a CoAP error response code, such as 4.05 (Method Not Allowed), may indicate unwillingness of a CoAP server to act as a directory server.


The following RD discovery mechanisms are recommended:


* In managed networks with border routers that need stand-alone operation, the RDAO is recommended (e.g., the operational phase described in Section 3.6).

* スタンドアロン操作が必要なボーダールーターを備えたマネージドネットワークでは、RDAOが推奨されます(たとえば、セクション3.6で説明されている動作段階)。

* In managed networks without border routers (no Internet services available), the use of a preconfigured anycast address is recommended (e.g., the installation phase described in Section 3.6).

* ボーダールーターのないマネージドネットワーク(インターネットサービスは利用できません)では、事前に構成されたAnycastアドレスの使用が推奨されます(たとえば、セクション3.6で説明されているインストールフェーズ)。

* In networks managed using DNS-SD, the use of DNS-SD for discovery, as described in Section 4.1.2, is recommended.

* DNS-SDを使用して管理されたネットワークでは、セクション4.1.2で説明されているように、DNS-SDの使用を推奨します。

The use of multicast discovery in mesh networks is NOT RECOMMENDED.


4.1.1. Resource Directory Address Option (RDAO)
4.1.1. リソースディレクトリアドレスオプション(RDAO)

The Resource Directory Address Option (RDAO) carries information about the address of the RD in RAs (Router Advertisements) of IPv6 Neighbor Discovery (ND), similar to how Recursive DNS Server (RDNSS) options [RFC8106] are sent. This information is needed when endpoints cannot discover the RD with a link-local or realm-local scope multicast address, for instance, because the endpoint and the RD are separated by a 6LBR. In many circumstances, the availability of DHCP cannot be guaranteed during commissioning of the network either. The presence and the use of the RD is essential during commissioning.

リソースディレクトリアドレスオプション(RDAO)は、再帰的なDNSサーバー(RDNSS)オプション[RFC8106]の送信方法と同様に、IPv6 Neighbor Discovery(ND)のRAS(Router Advertisements)のRDのアドレスに関する情報を伝達します。エンドポイントは、エンドポイントとRDが6LBRで分離されているため、エンドポイントがリンクローカルまたはレルムローカルスコープマルチキャストアドレスを持つRDを発見できない場合に必要です。多くの場合、ネットワークの試運転中にもDHCPの可用性を保証することはできません。RDの存在と使用は、試運転中に不可欠です。

It is possible to send multiple RDAOs in one message, indicating as many RD addresses.


The RDAO format is:


   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   |     Type      |  Length = 3   |          Reserved             |
   |                        Valid Lifetime                         |
   |                                                               |
   +                                                               +
   |                                                               |
   +                          RD Address                           +
   |                                                               |
   +                                                               +
   |                                                               |

Figure 4: Resource Directory Address Option




Type: 41


Length: 8-bit unsigned integer. The length of the option in units of 8 bytes. Always 3.


Reserved: This field is unused. It MUST be initialized to zero by the sender and MUST be ignored by the receiver.


Valid Lifetime: 32-bit unsigned integer. The length of time in seconds (relative to the time the packet is received) that this RD address is valid. A value of all zero bits (0x0) indicates that this RD address is not valid anymore.


RD Address: IPv6 address of the RD.


4.1.2. Using DNS-SD to Discover a Resource Directory
4.1.2. DNS-SDを使用してリソースディレクトリを発見します

An RD can advertise its presence in DNS-SD [RFC6763] using the service names defined in this document: _core-rd._udp (for CoAP), _core-rd-dtls._udp (for CoAP over DTLS), _core-rd._tcp (for CoAP over TCP), or _core-rd-tls._tcp (for CoAP over TLS). (For the WebSocket transports of CoAP, no service is defined, as DNS-SD is typically unavailable in environments where CoAP over WebSockets is used.)

RDは、このドキュメントで定義されているサービス名を使用して、DNS-SD [RFC6763]でその存在を宣伝できます:_CORE-RD._UDP(coap)、_core-rd-dtls._udp(dtls over dtls over dtls)、_core-rd。_TCP(TCPを超えるCOAP用)、または_Core-RD-TLS._TCP(TLSを超えるCoAP用)。(COAPのWebSocket Transportsの場合、DNS-SDは通常、WebSocketsのCOAPが使用される環境では利用できないため、サービスは定義されていません。)

The selection of the service indicates the protocol used, and the SRV record points the client to a host name and port to use as a starting point for the "URI discovery" steps of Section 4.3.


This section is a simplified, concrete application of the more generic mechanism specified in [CORE-RD-DNS-SD].


4.2. Payload Content Formats
4.2. ペイロードコンテンツフォーマット

RDs implementing this specification MUST support the application/ link-format content format (ct=40).

この仕様を実装するRDSは、アプリケーション/リンク形式のコンテンツ形式(CT = 40)をサポートする必要があります。

RDs implementing this specification MAY support additional content formats.


Any additional content format supported by an RD implementing this specification SHOULD be able to express all the information expressible in link format. It MAY be able to express information that is inexpressible in link format, but those expressions SHOULD be avoided where possible.


4.3. URI Discovery
4.3. URIディスカバリー

Before an endpoint can make use of an RD, it must first know the RD's address and port and the URI path information for its REST APIs. This section defines discovery of the RD and its URIs using the well-known interface of the CoRE Link Format [RFC6690] after having discovered a host, as described in Section 4.1.

エンドポイントがRDを使用する前に、最初にRDのアドレスとポートとそのREST APIのURIパス情報を知る必要があります。このセクションでは、セクション4.1で説明されているように、ホストを発見した後、コアリンク形式[RFC6690]のよく知られたインターフェイスを使用して、RDとそのURIの発見を定義します。

Discovery of the RD registration URI is performed by sending either a multicast or unicast GET request to /.well-known/core and including a resource type (rt) parameter [RFC6690] with the value "core.rd" in the query string. Likewise, a resource type parameter value of "core.rd-lookup*" is used to discover the URIs for RD lookup operations, and "core.rd*" is used to discover all URIs for RD operations. Upon success, the response will contain a payload with a link format entry for each RD function discovered, indicating the URI of the RD function returned and the corresponding resource type. When performing multicast discovery, the multicast IP address used will depend on the scope required and the multicast capabilities of the network (see Section 9.5).

RD登録URIの発見は、マルチキャストまたはユニキャストGETリクエストを /.Well-Nowned/Coreに送信し、クエリ文字列に値「Core.RD」を含むリソースタイプ(RT)パラメーター[RFC6690]を含めて実行されます。同様に、「core.rd-lookup*」のリソースタイプパラメーター値を使用して、RDルックアップ操作のURISを発見し、「core.rd*」を使用して、RD操作のすべてのURIを発見します。成功すると、応答には、発見された各RD関数のリンク形式エントリを備えたペイロードが含まれ、RD関数のURIが返され、対応するリソースタイプが示されます。マルチキャスト発見を実行する場合、使用されるマルチキャストIPアドレスは、必要なスコープとネットワークのマルチキャスト機能に依存します(セクション9.5を参照)。

An RD MAY provide hints about the content formats it supports in the links it exposes or registers, using the "ct" target attribute, as shown in the example below. Clients MAY use these hints to select alternate content formats for interaction with the RD.


HTTP does not support multicast, and, consequently, only unicast discovery can be supported using the HTTP /.well-known/core resource.

HTTPはマルチキャストをサポートしておらず、その結果、HTTP /.Well-Nownd/Coreリソースを使用してユニキャストの発見のみをサポートできます。

RDs implementing this specification MUST support query filtering for the rt parameter, as defined in [RFC6690].


While the link targets in this discovery step are often expressed in path-absolute form, this is not a requirement. Clients of the RD SHOULD therefore accept URIs of all schemes they support, both as URIs and relative references, and not limit the set of discovered URIs to those hosted at the address used for URI discovery.


With security policies where the client requires the RD to be authorized to act as an RD, that authorization may be limited to resources on which the authorized RD advertises the adequate resource types. Clients that have obtained links they cannot rely on yet can repeat the "URI discovery" step at the /.well-known/core resource of the indicated host to obtain the resource type information from an authorized source.

クライアントがRDがRDとして行動することを許可することを要求するセキュリティポリシーでは、その認可は、認定されたRDが適切なリソースタイプを宣伝するリソースに限定される場合があります。まだ依存できないリンクを取得したクライアントは、指定されたホストの /.Well-Nownd/Coreリソースで「URI Discovery」ステップを繰り返して、承認されたソースからリソースタイプ情報を取得できます。

The URI discovery operation can yield multiple URIs of a given resource type. The client of the RD can try out any of the discovered addresses.


The discovery request interface is specified as follows (this is exactly the well-known interface of [RFC6690], Section 4, with the additional requirement that the server MUST support query filtering):


   Interaction:  EP, CT, or Client -> RD

Method: GET


   URI Template:  /.well-known/core{?rt}

URI Template Variables:


rt := Resource Type. SHOULD contain one of the values "core.rd", "core.rd-lookup*", "core.rd-lookup-res", "core.rd-lookup-ep", or "core.rd*"


Accept: absent, application/link-format, or any other media type representing web links


The following response is expected on this interface:


Success: 2.05 (Content) or 200 (OK) with an application/link-format or other web link payload containing one or more matching entries for the RD resource.


The following example shows an endpoint discovering an RD using this interface, thus learning that the directory resource location in this example is /rd and that the content format delivered by the server hosting the resource is application/link-format (ct=40). Note that it is up to the RD to choose its RD locations.

次の例は、このインターフェイスを使用してRDを発見するエンドポイントを示しているため、この例のディレクトリリソースの場所が /RDであり、リソースをホストするサーバーが配信するコンテンツ形式がアプリケーション /リンクフォーマット(CT = 40)であることがわかります。RDの場所を選択するのはRD次第であることに注意してください。

   Req: GET coap://[ff02::fe]/.well-known/core?rt=core.rd*
   Res: 2.05 Content

Figure 5: Example Discovery Exchange


The following example shows the way of indicating that a client may request alternate content formats. The Content-Format code attribute "ct" MAY include a space-separated sequence of Content-Format codes, as specified in Section 7.2.1 of [RFC7252], indicating that multiple content formats are available. The example below shows the required Content-Format 40 (application/link-format) indicated, as well as Concise Binary Object Representation (CBOR) and JSON representations in the style of [CORE-LINKS-JSON] (for which the experimental values 65060 and 65050 are used in this example). The RD resource locations /rd and /rd-lookup are example values. The server in this example also indicates that it is capable of providing observation on resource lookups.

次の例は、クライアントが代替コンテンツ形式を要求できることを示す方法を示しています。コンテンツフォーマットコード属性「CT」には、[RFC7252]のセクション7.2.1で指定されているように、コンテンツ形式コードのスペース分離シーケンスが含まれる場合があり、複数のコンテンツ形式が利用可能であることを示します。以下の例は、必要なコンテンツフォーマット40(アプリケーション/リンク形式)と、[Core-Links-JSON]のスタイルの簡潔なバイナリオブジェクト表現(CBOR)およびJSON表現を示しています(実験値65060この例では65050が使用されています)。RD Resource Locations /RDおよび /RD-Lookupは例の値です。この例のサーバーは、リソースの検索に関する観察を提供できることも示しています。

   Req: GET coap://[ff02::fe]/.well-known/core?rt=core.rd*
   Res: 2.05 Content
   </rd-lookup/res>;rt=core.rd-lookup-res;ct="40 65060 65050";obs,
   </rd-lookup/ep>;rt=core.rd-lookup-ep;ct="40 65060 65050"

Figure 6: Example Discovery Exchange Indicating Additional Content-Formats


For maintenance, management, and debugging, it can be useful to identify the components that constitute the RD server. The identification can be used to find client-server incompatibilities, supported features, required updates, and other aspects. The well-known interface described in Section 4 of [RFC6690] can be used to find such data.


It would typically be stored in an implementation information link (as described in [T2TRG-REL-IMPL]).


   Req: GET /.well-known/core?rel=impl-info
   Res: 2.05 Content

Figure 7: Example Exchange of Obtaining Implementation Information Using the Relation Type Currently Proposed in [T2TRG-REL-IMPL]


Note that, depending on the particular server's architecture, such a link could be anchored at the RD server's root (as in this example) or at individual RD components. The latter is to be expected when different applications are run on the same server.


5. Registration
5. 登録

After discovering the location of an RD, a registrant-EP or CT MAY register the resources of the registrant-EP using the registration interface. This interface accepts a POST from an endpoint containing the list of resources to be added to the directory as the message payload in the CoRE Link Format [RFC6690] or other representations of web links, along with query parameters indicating the name of the endpoint and, optionally, the sector, lifetime, and base URI of the registration. It is expected that other specifications will define further parameters (see Section 9.3). The RD then creates a new registration resource in the RD and returns its location. The receiving endpoint MUST use that location when refreshing registrations using this interface. Registration resources in the RD are kept active for the period indicated by the lifetime parameter. The creating endpoint is responsible for refreshing the registration resource within this period, using either the registration or update interface. The registration interface MUST be implemented to be idempotent, so that registering twice with the same endpoint parameters ep and d (sector) does not create multiple registration resources.

RDの場所を発見した後、登録者のEPまたはCTは、登録インターフェイスを使用して登録者-EPのリソースを登録することができます。このインターフェイスは、コアリンク形式[RFC6690]のメッセージペイロードとしてディレクトリに追加されるリソースのリストを含むエンドポイントからの投稿を受け入れます。オプションで、登録のセクター、生涯、および基地URI。他の仕様がさらなるパラメーターを定義することが期待されています(セクション9.3を参照)。その後、RDはRDに新しい登録リソースを作成し、その場所を返します。受信エンドポイントは、このインターフェイスを使用して登録を更新するときにその場所を使用する必要があります。 RDの登録リソースは、生涯パラメーターで示される期間、アクティブに保たれます。作成エンドポイントは、登録インターフェイスまたは更新インターフェイスのいずれかを使用して、この期間内に登録リソースを更新する責任があります。登録インターフェイスは、同じエンドポイントパラメーターEPおよびD(セクター)に2回登録しても、複数の登録リソースを作成しないように、等程度になるように実装する必要があります。

The following rules apply for a registration request targeting a given (ep, d) value pair:


* When the (ep, d) value pair of the registration request is different from any existing registration, a new registration is generated.

* 登録要求の(ep、d)値ペアが既存の登録とは異なる場合、新しい登録が生成されます。

* When the (ep, d) value pair of the registration request is equal to an existing registration, the content and parameters of the existing registration are replaced with the content of the registration request. As with changes to registration resources, security policies (Section 7) usually require such requests to come from the same device.

* 登録要求の(ep、d)値ペアが既存の登録に等しい場合、既存の登録のコンテンツとパラメーターは登録要求のコンテンツに置き換えられます。登録リソースの変更と同様に、セキュリティポリシー(セクション7)は通常、同じデバイスからのリクエストを必要とします。

The posted link-format document can (and typically does) contain relative references both in its link targets and in its anchors; it can also contain empty anchors. The RD server needs to resolve these references in order to faithfully represent them in lookups. They are resolved against the base URI of the registration, which is provided either explicitly in the base parameter or constructed implicitly from the requester's URI, as constructed from its network address and scheme.


For media types to which Appendix C applies (i.e., documents in application/link-format), request bodies MUST be expressed in Limited Link Format.


The registration request interface is specified as follows:


   Interaction:  EP or CT -> RD

Method: POST


   URI Template:  {+rd}{?ep,d,lt,base,extra-attrs*}

URI Template Variables:


rd := RD registration URI (mandatory). This is the location of the RD, as obtained from discovery.

RD:= RD登録URI(必須)。これは、発見から得られたRDの場所です。

ep := Endpoint name (mostly mandatory). The endpoint name is an identifier that MUST be unique within a sector.


As the endpoint name is a Unicode string, it is encoded in UTF-8 (and possibly percent encoded) during variable expansion (see [RFC6570], Section 3.2.1). The endpoint name MUST NOT contain any character in the inclusive ranges 0-31 or 127-159.


The maximum length of this parameter is 63 bytes encoded in UTF-8.


If the RD is configured to recognize the endpoint that is to be authorized to use exactly one endpoint name, the RD assigns that name. In that case, giving the endpoint name becomes optional for the client; if the client gives any other endpoint name, it is not authorized to perform the registration.


d := Sector (optional). This is the sector to which this endpoint belongs. When this parameter is not present, the RD MAY associate the endpoint with a configured default sector (possibly based on the endpoint's authorization) or leave it empty.


The sector is encoded like the ep parameter and is limited to 63 bytes encoded in UTF-8 as well.


lt := Lifetime (optional). This is the lifetime of the registration in seconds, with a range of 1-4294967295. If no lifetime is included in the initial registration, a default value of 90000 (25 hours) SHOULD be assumed.

LT:= lifetime(オプション)。これは、1-4294967295の範囲で、数秒での登録の寿命です。最初の登録に寿命が含まれていない場合、90000(25時間)のデフォルト値を想定する必要があります。

base := Base URI (optional). This parameter sets the base URI of the registration, under which the relative links in the payload are to be interpreted. The specified URI typically does not have a path component of its own and MUST be suitable as a base URI to resolve any relative references given in the registration. The parameter is therefore usually of the shape "scheme://authority" for HTTP and CoAP URIs. The URI SHOULD NOT have a query or fragment component, as any non-empty relative part in a reference would remove those parts from the resulting URI.

ベース:=ベースURI(オプション)。このパラメーターは、登録のベースURIを設定します。その下には、ペイロードの相対リンクが解釈されます。指定されたURIには通常、独自のパスコンポーネントがなく、登録で与えられた相対的な参照を解決するためのベースURIとして適している必要があります。したがって、パラメーターは通常、HTTPおよびCOAP URIの形状「Scheme:// Authority」です。参照内の空でない相対部品が得られたURIからそれらの部分を削除するため、URIにはクエリまたはフラグメントコンポーネントがないはずです。

In the absence of this parameter, the scheme of the protocol, the source address, and the source port of the registration request are assumed. The base URI is consecutively constructed by concatenating the used protocol's scheme with the characters "://", the requester's source address as an address literal, and ":" followed by its port (if it was not the protocol's default one). This is analogous to the process described in [RFC7252], Section 6.5.


This parameter is mandatory when the directory is filled by a third party, such as a commissioning tool.


If the registrant-EP uses an ephemeral port to register with, it MUST include the base parameter in the registration to provide a valid network path.


A registrant that cannot be reached by potential lookup clients at the address it registers from (e.g., because it is behind some form of Network Address Translation (NAT)) MUST provide a reachable base address with its registration.


If the base URI contains a link-local IP literal, it MUST NOT contain a Zone Identifier and MUST be local to the link on which the registration request is received.


Endpoints that register with a base that contains a path component cannot efficiently express their registrations in Limited Link Format (Appendix C). Those applications should use different representations of links to which Appendix C is not applicable (e.g., [CORE-CORAL]).


extra-attrs := Additional registration attributes (optional). The endpoint can pass any parameter registered in Section 9.3 to the directory. If the RD is aware of the parameter's specified semantics, it processes the parameter accordingly. Otherwise, it MUST store the unknown key and its value(s) as an endpoint attribute for further lookup.


Content-Format: application/link-format or any other indicated media type representing web links


The following response is expected on this interface:


Success: 2.01 (Created) or 201 (Created). The Location-Path option or Location header field MUST be included in the response. This location MUST be a stable identifier generated by the RD, as it is used for all subsequent operations on this registration resource. The registration resource location thus returned is for the purpose of updating the lifetime of the registration and for maintaining the content of the registered links, including updating and deleting links.


A registration with an already-registered ep and d value pair responds with the same success code and location as the original registration; the set of links registered with the endpoint is replaced with the links from the payload.


The location MUST NOT have a query or fragment component, as that could conflict with query parameters during the registration update operation. Therefore, the Location-Query option MUST NOT be present in a successful response.


If the registration fails, including request timeouts, or if delays from Service Unavailable responses with Max-Age or Retry-After accumulate to exceed the registrant's configured timeouts, it SHOULD pick another registration URI from the "URI discovery" step of Section 4.3, and, if there is only one or the list is exhausted, pick other choices from the "finding a resource directory" step of Section 4.1. Care has to be taken to consider the freshness of results obtained earlier, e.g., the result of a /.well-known/core response, the lifetime of an RDAO, and DNS responses. Any rate limits and persistent errors from the "finding a resource directory" step must be considered for the whole registration time, not only for a single operation.

リクエストのタイムアウトを含む登録が失敗した場合、または最大年齢または再試行後のサービスからの遅延が登録者の設定されたタイムアウトを超えて蓄積した場合、セクション4.3の「URI発見」ステップから別の登録URIを選択するはずです。、1つのみがある場合、またはリストが使い果たされている場合は、セクション4.1の「リソースディレクトリの検索」ステップから他の選択肢を選択します。以前に得られた結果の新鮮さを考慮するには注意が必要です。たとえば、a /.well-kond/core応答の結果、RDAOの寿命、およびDNS応答の結果です。「リソースディレクトリの検索」ステップからの任意の制限と永続的なエラーは、単一の操作だけでなく、登録時間全体で考慮する必要があります。

The following example shows a registrant-EP with the name "node1" registering two resources to an RD using this interface. The location "/rd" is an example RD location discovered in a request similar to Figure 5.


   Req: POST coap://
   Content-Format: 40
   Res: 2.01 Created
   Location-Path: /rd/4521

Figure 8: Example Registration Payload


An RD may optionally support HTTP. Here is an example of almost the same registration operation above when done using HTTP.


   POST /rd?ep=node1&base=http://[2001:db8:1::1] HTTP/1.1
   Content-Type: application/link-format
   HTTP/1.1 201 Created
   Location: /rd/4521

Figure 9: Example Registration Payload as Expressed Using HTTP


5.1. Simple Registration
5.1. 簡単な登録

Not all endpoints hosting resources are expected to know how to upload links to an RD, as described in Section 5. Instead, simple endpoints can implement the simple registration approach described in this section. An RD implementing this specification MUST implement simple registration. However, there may be security reasons why this form of directory discovery would be disabled.


This approach requires that the registrant-EP makes available the hosted resources that it wants to be discovered as links on its /.well-known/core interface, as specified in [RFC6690]. The links in that document are subject to the same limitations as the payload of a registration (with respect to Appendix C).

このアプローチでは、登録者-EPが[RFC6690]で指定されているように、 /.well-nown /coreインターフェイスのリンクとして発見したいホストリソースを利用できるようにする必要があります。そのドキュメントのリンクは、登録のペイロードと同じ制限の対象となります(付録Cに関して)。

* The registrant-EP finds one or more addresses of the directory server, as described in Section 4.1.

* 登録者-EPは、セクション4.1で説明されているように、ディレクトリサーバーの1つ以上のアドレスを見つけます。

* The registrant-EP sends (and regularly refreshes with) a POST request to the /.well-known/rd URI of the directory server of choice. The body of the POST request is empty and triggers the resource directory server to perform GET requests (redone before lifetime expiry) at the requesting registrant-EP's /.well-known/ core to obtain the link-format payload to register.

* 登録者-EPは、選択したディレクトリサーバーの /.well-nking/rd uriにPOSTリクエストを送信します(および定期的にリフレッシュします)。POSTリクエストの本文は空で、リクエストリクエスト(Lifetime Expiryの前にやり直します)を要求する登録済みの[well-nown / coreでGet Requests(Lifetime Expiryの前にやり直し)を実行するためにリソースディレクトリサーバーをトリガーします。リンクフォーマットペイロードを取得します。

The registrant-EP includes the same registration parameters in the POST request as it would with a regular registration, per Section 5. The registration base URI of the registration is taken from the registrant-EP's network address (as is default with regular registrations).


The following is an example request from the registrant-EP to the RD (unanswered until the next step):


      Req: POST /.well-known/rd?lt=6000&ep=node1
      (No payload)

Figure 10: First-Half Example Exchange of a Simple Registration


* The RD queries the registrant-EP's discovery resource to determine the success of the operation. It SHOULD keep a cache of the discovery resource and not query it again as long as it is fresh.

* RDは、登録者-EPの発見リソースを照会して、操作の成功を決定します。発見リソースのキャッシュを保持し、新鮮である限り再度照会する必要はありません。

The following is an example request from the RD to the registrant-EP:


      Req: GET /.well-known/core
      Accept: 40
      Res: 2.05 Content
      Content-Format: 40

Figure 11: Example Exchange of the RD Querying the Simple Endpoint


With this response, the RD would answer the previous step's request:


Res: 2.04 Changed


Figure 12: Second-Half Example Exchange of a Simple Registration


The sequence of fetching the registration content before sending a successful response was chosen to make responses reliable, and the point about caching was chosen to still allow very constrained registrants. Registrants MUST be able to serve a GET request to /.well-known/core after having requested registration. Constrained devices MAY regard the initial request as temporarily failed when they need RAM occupied by their own request to serve the RD's GET and retry later when the RD already has a cached representation of their discovery resources. Then, the RD can reply immediately, and the registrant can receive the response.

成功した応答を送信する前に登録コンテンツをフェッチするシーケンスが選択され、応答が信頼できるようになり、キャッシュに関するポイントは、非常に制約された登録者を許可するために選択されました。登録者は、登録を要求した後、 /.well-known/coreにget requestを提供できる必要があります。制約されたデバイスは、RDのGetを提供するという独自の要求によってRAMが占有され、RDが発見リソースのキャッシュされた表現を既に持っている場合に、RAMが自分のリクエストを使用する必要がある場合に一時的に失敗したと見なす場合があります。その後、RDはすぐに返信でき、登録者は応答を受け取ることができます。

The simple registration request interface is specified as follows:


   Interaction:  EP -> RD

Method: POST


   URI Template:  /.well-known/rd{?ep,d,lt,extra-attrs*}

URI Template Variables are the same as for registration in Section 5. The base attribute is not accepted to keep the registration interface simple; that rules out registration over CoAP-over-TCP or HTTP that would need to specify one. For some time during this document's development, the URI Template /.well-known/core{?ep,...} was in use instead.

URIテンプレート変数は、セクション5の登録と同じです。登録インターフェイスをシンプルに保つために、ベース属性は受け入れられません。これは、Coap-Over-TCPまたはHTTPを介した登録を排除し、1つを指定する必要があります。このドキュメントの開発中しばらくの間、URIテンプレート /.Well-Nowned/Core {?Ep、...}は代わりに使用されていました。

The following response is expected on this interface:


Success: 2.04 (Changed)


For the second interaction triggered by the above, the registrant-EP takes the role of server and the RD takes the role of client. (Note that this is exactly the well-known interface of [RFC6690], Section 4):


   Interaction:  RD -> EP

Method: GET


   URI Template:  /.well-known/core

The following response is expected on this interface:


Success: 2.05 (Content)


When the RD uses any authorization credentials to access the endpoint's discovery resource or when it is deployed in a location where third parties might reach it but not the endpoint, it SHOULD verify that the apparent registrant-EP intends to register with the given registration parameters before revealing the obtained discovery information to lookup clients. An easy way to do that is to verify the simple registration request's sender address using the Echo option, as described in [RFC9175], Section 2.4.


The RD MUST delete registrations created by simple registration after the expiration of their lifetime. Additional operations on the registration resource cannot be executed because no registration location is returned.


5.2. Third-Party Registration
5.2. サードパーティの登録

For some applications, even simple registration may be too taxing for some very constrained devices, in particular, if the security requirements become too onerous.


In a controlled environment (e.g., building control), the RD can be filled by a third-party device, called a Commissioning Tool (CT). The CT can fill the RD from a database or other means. For that purpose scheme, the IP address and port of the URI of the registered device is the value of the "base" parameter of the registration described in Section 5.


It should be noted that the value of the "base" parameter applies to all the links of the registration and has consequences for the anchor value of the individual links, as exemplified in Appendix B. A potential (currently nonexistent) "base" attribute of the link is not affected by the value of "base" parameter in the registration.


5.3. Operations on the Registration Resource
5.3. 登録リソースの操作

This section describes how the registering endpoint can maintain the registrations that it created. The registering endpoint can be the registrant-EP or the CT. The registrations are resources of the RD.


An endpoint should not use this interface for registrations that it did not create. This is usually enforced by security policies, which, in general, require equivalent credentials for creation of and operations on a registration.


After the initial registration, the registering endpoint retains the returned location of the registration resource for further operations, including refreshing the registration in order to extend the lifetime and "keep-alive" the registration. When the lifetime of the registration has expired, the RD SHOULD NOT respond to discovery queries concerning this endpoint. The RD SHOULD continue to provide access to the registration resource after a registration timeout occurs in order to enable the registering endpoint to eventually refresh the registration. The RD MAY eventually remove the registration resource for the purpose of garbage collection. If the registration resource is removed, the corresponding endpoint will need to be reregistered.


The registration resource may also be used to cancel the registration using DELETE and to perform further operations beyond the scope of this specification.


Operations on the registration resource are sensitive to reordering; Section 5.3.4 describes how order is restored.


The operations on the registration resource are described below.


5.3.1. Registration Update
5.3.1. 登録更新

The update interface is used by the registering endpoint to refresh or update its registration with an RD. To use the interface, the registering endpoint sends a POST request to the registration resource returned by the initial registration operation.


An update MAY update registration parameters, such as lifetime, base URI, or others. Parameters that are not being changed should not be included in an update. Adding parameters that have not changed increases the size of the message but does not have any other implications. Parameters are included as query parameters in an update operation, as in Section 5.

更新は、Lifetime、Base URIなどの登録パラメーターを更新する場合があります。変更されていないパラメーターは、更新に含まれないでください。変更されていないパラメーターを追加すると、メッセージのサイズが増加しますが、他の意味はありません。セクション5のように、パラメーターは更新操作のクエリパラメーターとして含まれています。

A registration update resets the timeout of the registration to the (possibly updated) lifetime of the registration, independent of whether an lt parameter was given.


If the base URI of the registration is changed in an update, relative references submitted in the original registration or later updates are resolved anew against the new base.


The registration update operation only describes the use of POST with an empty payload. Future standards might describe the semantics of using content formats and payloads with the POST method to update the links of a registration (see Section 5.3.3).


The update registration request interface is specified as follows:


   Interaction:  EP or CT -> RD

Method: POST


   URI Template:  {+location}{?lt,base,extra-attrs*}

URI Template Variables:


location := This is the location returned by the RD as a result of a successful earlier registration.


lt := Lifetime (optional). This is the lifetime of the registration in seconds, with a range of 1-4294967295. If no lifetime is included, the previous last lifetime set on a previous update or the original registration (falling back to 90000) SHOULD be used.

LT:= lifetime(オプション)。これは、1-4294967295の範囲で、数秒での登録の寿命です。寿命が含まれていない場合は、以前の更新または元の登録(90000に戻る)に前回の最後の生涯セットを使用する必要があります。

base := Base URI (optional). This parameter updates the base URI established in the original registration to a new value and is subject to the same restrictions as in the registration.


If the parameter is set in an update, it is stored by the RD as the new base URI under which to interpret the relative links present in the payload of the original registration.


If the parameter is not set in the request but was set before, the previous base URI value is kept unmodified.


If the parameter is not set in the request and was not set before either, the source address and source port of the update request are stored as the base URI.


extra-attrs := Additional registration attributes (optional). As with the registration, the RD processes them if it knows their semantics. Otherwise, unknown attributes are stored as endpoint attributes, overriding any previously stored endpoint attributes of the same key.


Note that this default behavior does not allow removing an endpoint attribute in an update. For attributes whose functionality depends on the endpoints' ability to remove them in an update, it can make sense to define a value whose presence is equivalent to the absence of a value. As an alternative, an extension can define different updating rules for their attributes. That necessitates either discovering whether the RD is aware of that extension or tolerating the default behavior.


Content-Format: none (no payload)


The following responses are expected on this interface:


Success: 2.04 (Changed) or 204 (No Content) if the update was successfully processed.


Failure: 4.04 (Not Found) or 404 (Not Found). Registration does not exist (e.g., may have been removed).


If the registration update fails in any way, including "Not Found" and request timeouts, or if the time indicated in a Service Unavailable Max-Age/Retry-After exceeds the remaining lifetime, the registering endpoint SHOULD attempt registration again.


The following example shows how the registering endpoint resets the timeout on its registration resource at an RD using this interface with the example location value /rd/4521:


   Req: POST /rd/4521

Res: 2.04 Changed


Figure 13: Example Update of a Registration


The following example shows the registering endpoint updating its registration resource at an RD using this interface with the example location value /rd/4521. The initial registration by the registering endpoint set the following values:

次の例は、登録エンドポイントが、このインターフェイスを使用して、このインターフェイスを使用して、場所の値 /RD /4521を使用してRDで登録リソースを更新することを示しています。登録エンドポイントによる初期登録は、次の値を設定します。

* endpoint name (ep)=endpoint1

* エンドポイント名(EP)= EndPoint1

* lifetime (lt)=500

* 生涯(LT)= 500

* base URI (base)=coap://

* base uri(base)= coap://local-proxy

* payload of Figure 8

* 図8のペイロード

The initial state of the RD is reflected in the following request:


   Req: GET /rd-lookup/res?ep=endpoint1
   Res: 2.05 Content

Figure 14: Example Lookup Before a Change to the Base Address


The following example shows the registering endpoint changing the base URI to coaps://


   Req: POST /rd/4521?base=coaps://

Res: 2.04 Changed


Figure 15: Example Registration Update that Changes the Base Address


The consecutive query returns:


   Req: GET /rd-lookup/res?ep=endpoint1
   Res: 2.05 Content

Figure 16: Example Lookup After a Change to the Base Address


5.3.2. Registration Removal
5.3.2. 登録削除

Although RD registrations have soft state and will eventually time out after their lifetime, the registering endpoint SHOULD explicitly remove an entry from the RD if it knows it will no longer be available (for example, on shutdown). This is accomplished using a removal interface on the RD by performing a DELETE on the endpoint resource.


The removal request interface is specified as follows:


   Interaction:  EP or CT -> RD

Method: DELETE


   URI Template:  {+location}

URI Template Variables:


location := This is the location returned by the RD as a result of a successful earlier registration.


The following responses are expected on this interface:


Success: 2.02 (Deleted) or 204 (No Content) upon successful deletion.


Failure: 4.04 (Not Found) or 404 (Not Found). Registration does not exist (e.g., may already have been removed).


The following example shows successful removal of the endpoint from the RD with example location value /rd/4521:

次の例では、RD /RD /4521の例でRDからエンドポイントの削除が成功したことを示しています。

   Req: DELETE /rd/4521

Res: 2.02 Deleted


Figure 17: Example of a Registration Removal


5.3.3. Further Operations
5.3.3. さらなる操作

Additional operations on the registration can be specified in future documents, for example:


* Send iPATCH (or PATCH) updates [RFC8132] to add, remove, or change the links of a registration.

* iPatch(またはパッチ)更新[RFC8132]を送信して、登録のリンクを追加、削除、または変更します。

* Use GET to read the currently stored set of links in a registration resource.

* 使用して、登録リソースの現在保存されているリンクのセットを読み取ります。

Those operations are out of scope of this document and will require media types suitable for modifying sets of links.


5.3.4. Request Freshness
5.3.4. 新鮮さをリクエストします

Some security mechanisms usable with an RD allow out-of-order request processing or do not even mandate replay protection at all. The RD needs to ensure that operations on the registration resource are executed in an order that does not distort the client's intentions.


This ordering of operations is expressed in terms of freshness, as defined in [RFC9175]. Requests that alter a resource's state need to be fresh relative to the latest request that altered that state in a conflicting way.


An RD SHOULD determine a request's freshness and MUST use the Echo option if it requires request freshness and cannot determine it in any other way. An endpoint MUST support the use of the Echo option. (One reason why an RD would not require freshness is when no relevant registration properties are covered by its security policies.)

RDは、リクエストの新鮮さを決定し、リクエストの新鮮さが必要であり、他の方法でそれを決定できない場合は、エコーオプションを使用する必要があります。エンドポイントは、エコーオプションの使用をサポートする必要があります。(RDが新鮮さを必要としない理由の1つは、関連する登録プロパティがセキュリティポリシーの対象となっている場合です。) Efficient Use of Echo by an RD RDによるエコーの効率的な使用

To keep latency and traffic added by the freshness requirements to a minimum, RDs should avoid naive (sufficient but inefficient) freshness criteria.


Some simple mechanisms the RD can employ are:


* State counter. The RD can keep a monotonous counter that increments whenever a registration changes. For every registration resource, it stores the post-increment value of that resource's last change. Requests altering them need to have at least that value encoded in their Echo option and are otherwise rejected with a 4.01 (Unauthorized) and the current counter value as the Echo value. If other applications on the same server use Echo as well, that encoding may include a prefix indicating that it pertains to the RD's counter.

* ステートカウンター。RDは、登録が変更されるたびに増加する単調なカウンターを保持できます。登録リソースごとに、そのリソースの最後の変更のポストインクリメント値を保存します。それらを変更するリクエストには、少なくともその値がエコーオプションでエンコードされ、それ以外の場合は4.01(不正)および現在のカウンター値がエコー値として拒否される必要があります。同じサーバー上の他のアプリケーションもエコーを使用している場合、そのエンコードには、RDのカウンターに関係することを示すプレフィックスが含まれる場合があります。

The value associated with a resource needs to be kept across the removal of registrations if the same registration resource is to be reused.


The counter can be reset (and the values of removed resources forgotten) when all previous security associations are reset.


This is the "Persistent Counter" method of [RFC9175], Appendix A.


* Preemptive Echo values. The current state counter can be sent in an Echo option not only when requests are rejected with 4.01 (Unauthorized) but also with successful responses. Thus, clients can be provided with Echo values sufficient for their next request on a regular basis. This is also described in Section 2.3 of [RFC9175]

* 先制エコー値。現在の状態カウンターは、リクエストが4.01(不正)で拒否された場合だけでなく、応答が成功した場合だけでなく、エコーオプションで送信できます。したがって、クライアントには、定期的に次のリクエストに十分なエコー値を提供できます。これは[RFC9175]のセクション2.3でも説明されています

While endpoints may discard received Echo values at leisure between requests, they are encouraged to retain these values for the next request to avoid additional round trips.


* If the RD can ensure that only one security association has modifying access to any registration at any given time and that security association provides order on the requests, that order is sufficient to show request freshness.

* RDが、1つのセキュリティ協会のみが任意の時間に登録へのアクセスを変更し、セキュリティ協会がリクエストに注文を提供できるようにすることができる場合、その注文はリクエストの新鮮さを示すのに十分です。 Examples of Echo Usage エコー使用の例

Figure 18 shows the interactions of an endpoint that has forgotten the server's latest Echo value and temporarily reduces its registration lifetime:


   Req: POST /rd/4521?lt=7200

Res: 4.01 Unauthorized Echo: 0x0123


(EP tries again immediately.)


   Req: POST /rd/4521?lt=7200
   Echo: 0x0123

Res: 2.04 Changed Echo: 0x0124


(Later, the EP regains its confidence in its long-term reachability.)


   Req: POST /rd/4521?lt=90000
   Echo: 0x0124

Res: 2.04 Changed Echo: 0x0247


Figure 18: Example Update of a Registration


The other examples do not show Echo options for two reasons: (1) for simplicity and (2) because they lack the context for any example values to have meaning.


6. RD Lookup
6. RDルックアップ

To discover the resources registered with the RD, a lookup interface must be provided. This lookup interface is defined as a default, and it is assumed that RDs may also support lookups to return resource descriptions in alternative formats (e.g., JSON or CBOR link format [CORE-LINKS-JSON]) or use more advanced interfaces (e.g., supporting context- or semantic-based lookup) on different resources that are discovered independently.


RD lookup allows lookups for endpoints and resources using attributes defined in this document and for use with the CoRE Link Format. The result of a lookup request is the list of links (if any) corresponding to the type of lookup. Thus, an endpoint lookup MUST return a list of endpoints, and a resource lookup MUST return a list of links to resources.

RD Lookupを使用すると、このドキュメントで定義されている属性を使用し、コアリンク形式で使用するエンドポイントとリソースのルックアップが可能になります。ルックアップリクエストの結果は、ルックアップのタイプに対応するリンクのリスト(ある場合)です。したがって、エンドポイントの検索はエンドポイントのリストを返す必要があり、リソースルックアップはリソースへのリンクのリストを返す必要があります。

The lookup type implemented by a lookup resource is indicated by a resource type, as per Table 1:


             | Lookup Type | Resource Type      | Mandatory |
             | Resource    | core.rd-lookup-res | Mandatory |
             | Endpoint    | core.rd-lookup-ep  | Mandatory |

Table 1: Lookup Types


6.1. Resource Lookup
6.1. リソースの検索

Resource lookup results in links that are semantically equivalent to the links submitted to the RD by the registrant. The links and link parameters returned by the lookup are equal to the originally submitted ones, except that the target reference is fully resolved and that the anchor reference is fully resolved if it is present in the lookup result at all.


Links that did not have an anchor attribute in the registration are returned without an anchor attribute. Links of which href or anchor was submitted as a (full) URI are returned with the respective attribute unmodified.


The above rules allow the client to interpret the response as links without any further knowledge of the storage conventions of the RD. The RD MAY replace the registration base URIs with a configured intermediate proxy, e.g., in the case of an HTTP lookup interface for CoAP endpoints.


If the base URI of a registration contains a link-local address, the RD MUST NOT show its links unless the lookup was made from the link on which the registered endpoint can be reached. The RD MUST NOT include zone identifiers in the resolved URIs.


6.2. Lookup Filtering
6.2. ルックアップフィルタリング

Using the Accept option, the requester can control whether the returned list is returned in CoRE Link Format (application/link-format, default) or in alternate content formats (e.g., from [CORE-LINKS-JSON]).


Multiple search criteria MAY be included in a lookup. All included criteria MUST match for a link to be returned. The RD MUST support matching with multiple search criteria.


A link matches a search criterion if it has an attribute of the same name and the same value, allowing for a trailing "*" wildcard operator, as in Section 4.1 of [RFC6690]. Attributes that are defined as relation-types (in the link-format ABNF) match if the search value matches any of their values (see Section 4.1 of [RFC6690]; for example, ?,2020:sensor matches ;if="example.regname,2020:sensor";. A resource link also matches a search criterion if its endpoint would match the criterion, and vice versa, an endpoint link matches a search criterion if any of its resource links matches it.

[RFC6690]のセクション4.1のように、同じ名前と同じ値の属性と同じ値の属性がある場合、リンクは検索基準と一致します。検索値がその値のいずれかと一致する場合、関係タイプとして定義される属性(リンクフォーマットABNF)は一致します([RFC6690]のセクション4.1を参照、?一致; if = "example.regnameタグ、2020:センサー";。エンドポイントが基準と一致する場合、リソースリンクも検索基準と一致し、その逆の場合、エンドポイントリンクは検索基準と一致しますそのリソースリンクはそれと一致します。

Note that href is a valid search criterion and matches target references. Like all search criteria, on a resource lookup, it can match the target reference of the resource link itself but also the registration resource of the endpoint that registered it. Queries for resource link targets MUST be in URI form (i.e., not relative references) and are matched against a resolved link target. Queries for endpoints SHOULD be expressed in path-absolute form if possible and MUST be expressed in URI form otherwise; the RD SHOULD recognize either. The anchor attribute is usable for resource lookups and, if queried, MUST be in URI form as well.


Additional query parameters "page" and "count" are used to obtain lookup results in specified increments using pagination, where count specifies how many links to return and page specifies which subset of links organized in sequential pages, each containing 'count' links, starting with link zero and page zero. Thus, specifying a count of 10 and page of 0 will return the first 10 links in the result set (links 0-9). Specifying a count of 10 and page of 1 will return the next 'page' containing links 10-19, and so on. Unlike block-wise transfer of a complete result set, these parameters ensure that each chunk of results can be interpreted on its own. This simplifies the processing but can result in duplicate or missed items when coinciding with changes from the registration interface.


Endpoints that are interested in a lookup result repeatedly or continuously can use mechanisms such as ETag caching, resource observation [RFC7641], or any future mechanism that might allow more efficient observations of collections. These are advertised, detected, and used according to their own specifications and can be used with the lookup interface as with any other resource.


When resource observation is used, every time the set of matching links changes or the content of a matching link changes, the RD sends a notification with the matching link set. The notification contains the successful current response to the given request, especially with respect to representing zero matching links (see "Success" item below).


The lookup interface is specified as follows:


   Interaction:  Client -> RD

Method: GET


   URI Template:  {+type-lookup-location}{?page,count,search*}

URI Template Variables:


type-lookup-location := RD lookup URI for a given lookup type (mandatory). The address is discovered as described in Section 4.3.


search := Search criteria for limiting the number of results (optional). The search criteria are an associative array, expressed in a form-style query, as per the URI Template (see [RFC6570], Sections 2.4.2 and 3.2.8).


page := Page (optional). This parameter cannot be used without the count parameter. Results are returned from result set in pages that contain 'count' links starting from index (page * count). Page numbering starts with zero.

ページ:= page(optional)。このパラメーターは、カウントパラメーターなしでは使用できません。結果は、インデックス(ページ *カウント)から始まる「カウント」リンクを含むページで結果セットから返されます。ページ番号はゼロから始まります。

count := Count (optional). The number of results is limited to this parameter value. If the page parameter is also present, the response MUST only include 'count' links starting with the (page * count) link in the result set from the query. If the count parameter is not present, then the response MUST return all matching links in the result set. Link numbering starts with zero.

count:= count(optional)。結果の数は、このパラメーター値に制限されています。ページパラメーターも存在する場合、応答には、クエリから結果セットの(page * count)リンクから始まる「カウント」リンクのみを含める必要があります。カウントパラメーターが存在しない場合、応答は結果セットのすべての一致するリンクを返す必要があります。リンク番号はゼロで始まります。

Accept: absent, application/link-format, or any other indicated media type representing web links


The following responses codes are defined for this interface:


Success: 2.05 (Content) or 200 (OK) with an application/link-format or other web link payload containing matching entries for the lookup.


The payload can contain zero links (which is an empty payload in the link format described in [RFC6690] but could also be [] in JSON-based formats), indicating that no entities matched the request.


6.3. Resource Lookup Examples
6.3. リソースルックアップの例

The examples in this section assume the existence of CoAP hosts with a default CoAP port 61616. HTTP hosts are possible and do not change the nature of the examples.


The following example shows a client performing a resource lookup with the example resource lookup locations discovered in Figure 5:


   Req: GET /rd-lookup/res?,2020:temperature
   Res: 2.05 Content

Figure 19: Example of a Resource Lookup


A client that wants to be notified of new resources as they show up can use this observation:


   Req: GET /rd-lookup/res?,2020:light
   Observe: 0

Res: 2.05 Content Observe: 23 Payload: empty


(at a later point in time)


   Res: 2.05 Content
   Observe: 24

Figure 20: Example of an Observing Resource Lookup


The following example shows a client performing a paginated resource lookup:


   Req: GET /rd-lookup/res?page=0&count=5
   Res: 2.05 Content
   Req: GET /rd-lookup/res?page=1&count=5
   Res: 2.05 Content

Figure 21: Example of Paginated Resource Lookup


The following example shows a client performing a lookup of all resources of all endpoints of a given endpoint type. It assumes that two endpoints (with endpoint names sensor1 and sensor2) have previously registered with their respective addresses (coap:// and coap:// and posted the very payload of the 6th response of Section 5 of [RFC6690].


It demonstrates how absolute link targets stay unmodified, while relative ones are resolved:


   Req: GET /rd-lookup/res?,2020:platform
   Res: 2.05 Content
   <coap://>;ct=40;title="Sensor Index",
   <coap://>;ct=40;title="Sensor Index",

Figure 22: Example of a Resource Lookup from Multiple Endpoints


6.4. Endpoint Lookup
6.4. エンドポイントルックアップ

The endpoint lookup returns links to and information about registration resources, which themselves can only be manipulated by the registering endpoint.


Endpoint registration resources are annotated with their endpoint names (ep), sectors (d, if present), and registration base URI (base; reports the registrant-EP's address if no explicit base was given), as well as a constant resource type (rt="core.rd-ep"); the lifetime (lt) is not reported. Additional endpoint attributes are added as target attributes to their endpoint link unless their specification says otherwise.

エンドポイント登録リソースには、エンドポイント名(EP)、セクター(d、存在する場合)、および登録ベースのURI(ベース;明示的なベースが与えられていない場合は登録者-EPの住所を報告します)と定数リソースタイプ(登録者-EPの住所を報告します)に注釈が付けられます(基本)rt = "core.rd-ep");生涯(LT)は報告されていません。仕様が特に言われない限り、追加のエンドポイント属性がエンドポイントリンクにターゲット属性として追加されます。

Links to endpoints SHOULD be presented in path-absolute form or, if required, as (full) URIs. (This ensures that the output conforms to Limited Link Format, as described in Appendix C.)


Base addresses that contain link-local addresses MUST NOT include zone identifiers, and such registrations MUST NOT be shown unless the lookup was made from the same link from which the registration was made.


While the endpoint lookup does expose the registration resources, the RD does not need to make them accessible to clients. Clients SHOULD NOT attempt to dereference or manipulate them.


An RD can report registrations in lookup whose URI scheme and authority differ from that of the lookup resource. Lookup clients MUST be prepared to see arbitrary URIs as registration resources in the results and treat them as opaque identifiers; the precise semantics of such links are left to future specifications.


The following example shows a client performing an endpoint lookup that is limited to endpoints of endpoint type,2020:platform:


   Req: GET /rd-lookup/ep?,2020:platform
   Res: 2.05 Content

Figure 23: Example of Endpoint Lookup


7. Security Policies
7. セキュリティポリシー

The security policies that are applicable to an RD strongly depend on the application and are not set out normatively here.


This section provides a list of aspects that applications should consider when describing their use of the RD, without claiming to cover all cases. It uses terminology of [ACE-OAUTH-AUTHZ], in which the RD acts as the Resource Server (RS), and both registrant-EPs and lookup clients act as Clients (C) with support from an Authorization Server (AS), without the intention of ruling out other schemes (e.g., those based on certificates/Public Key Infrastructures (PKIs)).


Any, all, or none of the below can apply to an application. Which are relevant depends on its protection objectives.


Security policies are set by configuration of the RD or by choice of the implementation. Lookup clients (and, where relevant, endpoints) can only trust an RD to uphold them if it is authenticated and authorized to serve as an RD according to the application's requirements.


7.1. Endpoint Name
7.1. エンドポイント名

Whenever an RD needs to provide trustworthy results to clients doing endpoint lookup or resource lookup with filtering on the endpoint name, the RD must ensure that the registrant is authorized to use the given endpoint name. This applies both to registration and later to operations on the registration resource. It is immaterial whether the client is the registrant-EP itself or a CT is doing the registration. The RD cannot tell the difference, and CTs may use authorization credentials authorizing only operations on that particular endpoint name or a wider range of endpoint names.


It is up to the concrete security policy to describe how the endpoint name and sector are transported when certificates are used. For example, it may describe how SubjectAltName dNSName entries are mapped to endpoint and domain names.

証明書が使用されているときにエンドポイント名とセクターがどのように輸送されるかを説明するのは、具体的なセキュリティポリシー次第です。たとえば、subjectaltname dnsnameエントリがエンドポイントとドメイン名にマッピングされる方法を説明する場合があります。

7.1.1. Random Endpoint Names
7.1.1. ランダムエンドポイント名

Conversely, in applications where the RD does not check the endpoint name, the authorized registering endpoint can generate a random number (or string) that identifies the endpoint. The RD should then remember unique properties of the registrant, associate them with the registration for as long as its registration resource is active (which may be longer than the registration's lifetime), and require the same properties for operations on the registration resource.


Registrants that are prepared to pick a different identifier when their initial attempt (or attempts, in the unlikely case of two subsequent collisions) at registration is unauthorized should pick an identifier at least twice as long as would be needed to enumerate the expected number of registrants; registrants without any such recovery options should pick significantly longer endpoint names (e.g., using Universally Unique Identifier (UUID) URNs [RFC4122]).

登録時に最初の試行(または2回の衝突のありそうもないケースで試行)が不正である場合に別の識別子を選択する準備ができている登録者は、登録者の予想数を列挙するために必要な識別子を少なくとも2倍長く選択する必要があります;このような回復オプションのない登録者は、非常に長いエンドポイント名を選択する必要があります(たとえば、普遍的に一意の識別子(UUID)URN [RFC4122]を使用して)。

7.2. Entered Links
7.2. リンクを入力しました

When lookup clients expect that certain types of links can only originate from certain endpoints, then the RD needs to apply filtering to the links an endpoint may register.


For example, if clients use an RD to find a server that provides firmware updates, then any registrant that wants to register (or update) links to firmware sources will need to provide suitable credentials to do so, independently of its endpoint name.


Note that the impact of having undesirable links in the RD depends on the application. If the client requires the firmware server to present credentials as a firmware server, a fraudulent link's impact is limited to the client revealing its intention to obtain updates and slowing down the client until it finds a legitimate firmware server; if the client accepts any credentials from the server as long as they fit the provided URI, the impact is larger.


An RD may also require that links are only registered if the registrant is authorized to publish information about the anchor (or even target) of the link. One way to do this is to demand that the registrant present the same credentials in its role as a registering client that it would need to present in its role as a server when contacted at the resources' URI. These credentials may include using the address and port that are part of the URI. Such a restriction places severe practical limitations on the links that can be registered.


As above, the impact of undesirable links depends on the extent to which the lookup client relies on the RD. To avoid the limitations, RD applications should consider prescribing that lookup clients only use the discovered information as hints and describe which pieces of information need to be verified because they impact the application's security. A straightforward way to verify such information is to request it again from an authorized server, typically the one that hosts the target resource. That is similar to what happens in Section 4.3 when the "URI discovery" step is repeated.


7.3. Link Confidentiality
7.3. 機密性をリンクします

When registrants publish information in the RD that is not available to any client that would query the registrant's /.well-known/core interface, or when lookups to that interface are subject to stricter firewalling than lookups to the RD, the RD may need to limit which lookup clients may access the information.

登録者がRDで、登録者の /.well-nking/coreインターフェイスを照会するクライアントが利用できない情報を公開する場合、またはそのインターフェイスを検索する場合、RDの検索よりも厳しいファイアーの対象となる場合、RDはする必要があります。どのルックアップクライアントが情報にアクセスできるかを制限します。

In this case, the endpoint (and not the lookup clients) needs to be careful to check the RD's authorization. The RD needs to check any lookup client's authorization before revealing information directly (in resource lookup) or indirectly (when using it to satisfy a resource lookup search criterion).


7.4. Segmentation
7.4. セグメンテーション

Within a single RD, different security policies can apply.


One example of this are multi-tenant deployments separated by the sector (d) parameter. Some sectors might apply limitations on the endpoint names available, while others use a random identifier approach to endpoint names and place limits on the entered links based on their attributes instead.


Care must be taken in such setups to determine the applicable access control measures to each operation. One easy way to do that is to mandate the use of the sector parameter on all operations, as no credentials are suitable for operations across sector borders anyway.


7.5. "First Come First Remembered": A Default Policy
7.5. 「最初に最初に覚えている」:デフォルトのポリシー

The "First Come First Remembered" policy is provided both as a reference example for a security policy definition and as a policy that implementations may choose to use as default policy in the absence of any other configuration. It is designed to enable efficient discovery operations even in ad hoc settings.

「First Come First Remembered」ポリシーは、セキュリティポリシーの定義の参照例として、また実装が他の構成がない場合にデフォルトポリシーとして使用することを選択できるポリシーの両方として提供されます。アドホックな設定でも効率的な発見操作を可能にするように設計されています。

Under this policy, the RD accepts registrations for any endpoint name that is not assigned to an active registration resource and only accepts registration updates from the same endpoint. The policy is minimal in that it does not make any promises to lookup clients about the claims of Sections 7.2 and 7.3, and promises about the claims in Section 7.1 are limited to the lifetime of that endpoint's registration. It does however promise the endpoint that, for the duration of its registration, its links will be discoverable on the RD.


When a registration or operation is attempted, the RD MUST determine the client's subject name or public key:


* If the client's credentials indicate any subject name that is certified by any authority that the RD recognizes (which may be the system's trust anchor store), all such subject names are stored. With credentials based on CWT or JWT (as common with Authentication and Authorization for Constrained Environments (ACE)), the Subject (sub) claim is stored as a single name, if it exists. With X.509 certificates, the Common Name (CN) and the complete list of SubjectAltName entries are stored. In both cases, the authority that certified the claim is stored along with the subject, as the latter may only be locally unique.

* クライアントの資格情報が、RDが認識している当局(システムの信頼アンカーストアである可能性がある)によって認定された件名名を示している場合、そのようなサブジェクト名はすべて保存されます。CWTまたはJWTに基づく資格情報(制約環境の認証と認可(ACE)に共通)では、件名(SUB)のクレームは、存在する場合、単一の名前として保存されます。X.509証明書を使用すると、共通名(CN)とsubjectaltnameエントリの完全なリストが保存されます。どちらの場合も、請求を認定した当局は、主題とともに保存されます。後者は地元でのみユニークである可能性があるためです。

* Otherwise, if the client proves possession of a private key, the matching public key is stored. This applies both to raw public keys and to the public keys indicated in certificates that failed the above authority check.

* それ以外の場合、クライアントが秘密鍵の所有権を証明した場合、一致する公開キーが保存されます。これは、生の公開キーと、上記の権限チェックに失敗した証明書に示されている公開キーの両方に適用されます。

* If neither is present, a reference to the security session itself is stored. With (D)TLS, that is the connection itself or the session resumption information, if available. With OSCORE, that is the security context.

* どちらも存在しない場合、セキュリティセッション自体への参照が保存されます。(d)TLSでは、利用可能な場合、接続自体またはセッション再開情報です。OSCOREでは、それがセキュリティコンテキストです。

As part of the registration operation, that information is stored along with the registration resource.


The RD MUST accept all registrations whose registration resource is not already active, as long as they are made using a security layer supported by the RD.


Any operation on a registration resource, including registrations that lead to an existing registration resource, MUST be rejected by the RD unless all the stored information is found in the new request's credentials.


Note that, even though subject names are compared in this policy, they are never directly compared to endpoint names, and an endpoint cannot expect to "own" any particular endpoint name outside of an active registration -- even if a certificate says so. It is an accepted shortcoming of this approach that the endpoint has no indication of whether the RD remembers it by its subject name or public key; recognition by subject happens on a best-effort basis (given the RD may not recognize any authority). Clients MUST be prepared to pick a different endpoint name when rejected by the RD initially or after a change in their credentials; picking an endpoint name, as per Section 7.1.1, is an easy option for that.


For this policy to be usable without configuration, clients should not set a sector name in their registrations. An RD can set a default sector name for registrations accepted under this policy, which is especially useful in a segmented setup where different policies apply to different sectors. The configuration of such a behavior, as well as any other configuration applicable to such an RD (i.e., the set of recognized authorities), is out of scope for this document.


8. Security Considerations
8. セキュリティ上の考慮事項

The security considerations as described in Section 5 of [RFC8288] and Section 6 of [RFC6690] apply. The /.well-known/core resource may be protected, e.g., using DTLS when hosted on a CoAP server, as described in [RFC7252].

[RFC8288]のセクション5および[RFC6690]のセクション6で説明されているセキュリティ上の考慮事項が適用されます。[RFC7252]で説明されているように、 /.Well-Nownd/Coreリソースは、たとえば、COAPサーバーでホストする場合にDTLSを使用して保護できます。

Access that is limited or affects sensitive data SHOULD be protected, e.g., using (D)TLS or OSCORE [RFC8613]; which aspects of the RD this affects depends on the security policies of the application (see Section 7).

制限されている、または機密データに影響を与えるアクセスは、(d)TLSまたはOSCORE [RFC8613]を使用して保護する必要があります。これに影響するRDのどの側面が、アプリケーションのセキュリティポリシーに依存します(セクション7を参照)。

8.1. Discovery
8.1. 発見

Most steps in discovery of the RD, and possibly its resources, are not covered by CoAP's security mechanisms. This will not endanger the security properties of the registrations and lookup itself (where the client requires authorization of the RD if it expects any security properties of the operation) but may leak the client's intention to third parties and allow them to slow down the process.


To mitigate that, clients can retain the RD's address, use secure discovery options (such as configured addresses), and send queries for RDs in a very general form (e.g., ?rt=core.rd* rather than ?rt=core.rd-lookup-ep).

それを軽減するために、クライアントはRDのアドレスを保持し、安全なディスカバリーオプション(構成アドレスなど)を使用し、RDのクエリを非常に一般的な形式で送信できます(例:?rt = core.rd*ではなく?rt = core.rd-lookup-ep)。

8.2. Endpoint Identification and Authentication
8.2. エンドポイントの識別と認証

An endpoint (name, sector) pair is unique within the set of endpoints registered by the RD. An endpoint MUST NOT be identified by its protocol, port, or IP address, as these may change over the lifetime of an endpoint.


Every operation performed by an endpoint on an RD SHOULD be mutually authenticated using a pre-shared key, a raw public key, or certificate-based security.


Consider the following threat: two devices, A and B, are registered at a single server. Both devices have unique, per-device credentials for use with DTLS to make sure that only parties with authorization to access A or B can do so.


Now, imagine that a malicious device A wants to sabotage the device B. It uses its credentials during the DTLS exchange. Then, it specifies the endpoint name of device B as the name of its own endpoint in device A. If the server does not check whether the identifier provided in the DTLS handshake matches the identifier used at the CoAP layer, then it may be inclined to use the endpoint name for looking up what information to provision to the malicious device.


Endpoint authorization needs to be checked on registration and registration resource operations independently of whether there are configured requirements on the credentials for a given endpoint name and sector (Section 7.1) or whether arbitrary names are accepted (Section 7.1.1).


Simple registration could be used to circumvent address-based access control. An attacker would send a simple registration request with the victim's address as the source address and later look up the victim's /.well-known/core content in the RD. Mitigation for this is recommended in Section 5.1.

簡単な登録を使用して、アドレスベースのアクセス制御を回避できます。攻撃者は、被害者の住所に簡単な登録リクエストを送信元住所として送信し、後でRDの /.Well-Nowned/Coreコンテンツを調べます。このための緩和は、セクション5.1で推奨されます。

The registration resource path is visible to any client that is allowed endpoint lookup and can be extracted by resource lookup clients as well. The same goes for registration attributes that are shown as target attributes or lookup attributes. The RD needs to consider this in the choice of registration resource paths, as do administrators or endpoints in their choice of attributes.


8.3. Access Control
8.3. アクセス制御

Access control SHOULD be performed separately for the RD registration and lookup API paths, as different endpoints may be authorized to register with an RD from those authorized to look up endpoints from the RD. Such access control SHOULD be performed in as fine-grained a level as possible. For example, access control for lookups could be performed either at the sector, endpoint, or resource level.


The precise access controls necessary (and the consequences of failure to enforce them) depend on the protection objectives of the application and the security policies (Section 7) derived from them.


8.4. Denial-of-Service Attacks
8.4. サービス拒否攻撃

Services that run over UDP unprotected are vulnerable to unknowingly amplify and distribute a DoS attack, as UDP does not require a return routability check. Since RD lookup responses can be significantly larger than requests, RDs are prone to this.


[RFC7252] describes this at length in its Section 11.3, including some mitigation by using small block sizes in responses. [RFC9175] updates that by describing a source address verification mechanism using the Echo option.


8.5. Skipping Freshness Checks
8.5. 新鮮さのチェックをスキップします

When RD-based applications are built in which request freshness checks are not performed, these concerns need to be balanced:


* When alterations to registration attributes are reordered, an attacker may create any combination of attributes ever set, with the attack difficulty determined by the security layer's replay properties.

* 登録属性の変更が再注文されると、攻撃者はこれまでに設定された属性の任意の組み合わせを作成する場合があり、攻撃の難易度はセキュリティレイヤーのリプレイプロパティによって決定されます。

For example, if Figure 18 were conducted without freshness assurances, an attacker could later reset the lifetime back to 7200. Thus, the device is made unreachable to lookup clients.


* When registration updates without query parameters (which just serve to restart the lifetime) can be reordered, an attacker can use intercepted messages to give the appearance of the device being alive to the RD.

* クエリパラメーターのない登録の更新(生涯を再起動するためだけに役立つ)を並べ替えることができれば、攻撃者はインターセプトされたメッセージを使用して、RDに生きているデバイスの外観を与えることができます。

This is unacceptable when the RD's security policy promises reachability of endpoints (e.g., when disappearing devices would trigger further investigation) but may be acceptable with other policies.


9. IANA Considerations
9. IANAの考慮事項
9.1. Resource Types
9.1. リソースタイプ

IANA has added the following values to the "Resource Type (rt=) Link Target Attribute Values" subregistry of the "Constrained RESTful Environments (CoRE) Parameters" registry defined in [RFC6690]:

IANAは、[RFC6690]で定義されている「制約付きRESTFUL環境(CORE)パラメーター」レジストリの「リソースタイプ(rt =)リンクターゲット属性値」のサブレジストリに次の値を追加しました。

    | Value              | Description                 | Reference   |
    | core.rd            | Directory resource of an RD | RFC 9176,   |
    |                    |                             | Section 4.3 |
    | core.rd-lookup-res | Resource lookup of an RD    | RFC 9176,   |
    |                    |                             | Section 4.3 |
    | core.rd-lookup-ep  | Endpoint lookup of an RD    | RFC 9176,   |
    |                    |                             | Section 4.3 |
    | core.rd-ep         | Endpoint resource of an RD  | RFC 9176,   |
    |                    |                             | Section 6   |

Table 2: Additions to Resource Type (rt=) Link Target Attribute Values Subregistry

表2:リソースタイプへの追加(rt =)リンクターゲット属性値サブレジストリ

9.2. IPv6 ND Resource Directory Address Option
9.2. IPv6 ndリソースディレクトリアドレスオプション

IANA has registered one new ND option type in the "IPv6 Neighbor Discovery Option Formats" subregistry of the "Internet Control Message Protocol version 6 (ICMPv6) Parameters" registry:

IANAは、「IPv6 Neighbor Discovery Option Formats」に「Internter Control Message Protocolバージョン6(ICMPV6)パラメーター」のサブレジストリに1つの新しいNDオプションタイプを登録しています。レジストリ:

         | Type | Description                       | Reference |
         | 41   | Resource Directory Address Option | RFC 9176  |

Table 3: Addition to IPv6 Neighbor Discovery Option Formats Subregistry

表3:IPv6 Neighbor Discovery Option Formats Subregistryに追加

9.3. RD Parameters Registry
9.3. RDパラメータレジストリ

This specification defines a new subregistry for registration and lookup parameters called "RD Parameters" within the "Constrained RESTful Environments (CoRE) Parameters" registry. Although this specification defines a basic set of parameters, it is expected that other standards that make use of this interface will define new ones.


Each entry in the registry must include:


* the human-readable name of the parameter,

* パラメーターの人間の読み取り可能な名前、

* the short name, as used in query parameters or target attributes,

* クエリパラメーターまたはターゲット属性で使用される短い名前、

* syntax and validity requirements (if any),

* 構文と妥当性の要件(ある場合)、

* indication of whether it can be passed as a query parameter at registration of endpoints, passed as a query parameter in lookups, or expressed as a target attribute,

* エンドポイントの登録時にクエリパラメーターとして渡すことができるか、ルックアップでクエリパラメーターとして渡されるか、ターゲット属性として表現できるかどうかを示しています。

* a description, and

* 説明、そして

* a link to reference documentation.

* 参照ドキュメントへのリンク。

The query parameter MUST be both a valid URI query key [RFC3986] and a token as used in [RFC8288].


The reference documentation must give details on whether the parameter can be updated and how it is to be processed in lookups.


The mechanisms around new RD parameters should be designed in such a way that they tolerate RD implementations that are unaware of the parameter and expose any parameter passed at registration or updates in endpoint lookups. (For example, if a parameter used at registration were to be confidential, the registering endpoint should be instructed to only set that parameter if the RD advertises support for keeping it confidential at the discovery step.)


Initial entries in this subregistry are as follows:


    | Name         | Short | Validity     | Use | Description         |
    | Endpoint     | ep    | Unicode*     | RLA | Name of the         |
    | Name         |       |              |     | endpoint            |
    | Lifetime     | lt    | 1-4294967295 | R   | Lifetime of the     |
    |              |       |              |     | registration in     |
    |              |       |              |     | seconds             |
    | Sector       | d     | Unicode*     | RLA | Sector to which     |
    |              |       |              |     | this endpoint       |
    |              |       |              |     | belongs             |
    | Registration | base  | URI          | RLA | The scheme,         |
    | Base URI     |       |              |     | address, port, and  |
    |              |       |              |     | path at which this  |
    |              |       |              |     | server is available |
    | Page         | page  | Integer      | L   | Used for pagination |
    | Count        | count | Integer      | L   | Used for pagination |
    | Endpoint     | et    | RFC 9176,    | RLA | Semantic type of    |
    | Type         |       | Section      |     | the endpoint (see   |
    |              |       | 9.3.1        |     | RFC 9176,           |
    |              |       |              |     | Section 9.4)        |

Table 4: New RD Parameters Registry




Short: Short name used in query parameters or target attributes




Unicode* = up to 63 bytes of UTF-8-encoded Unicode, with no control characters as per Section 5

Unicode* = UTF-8エンコードされたUnicodeの最大63バイトから、セクション5に従って制御文字はありません



R = used at registration L = used at lookup A = expressed in the target attribute

r =登録時に使用l =ルックアップで使用a =ターゲット属性で表現

The descriptions for the options defined in this document are only summarized here. To which registrations they apply and when they are to be shown are described in the respective sections of this document. All their reference documentation entries point to this document.


The IANA policy for future additions to the subregistry is Expert Review, as described in [RFC8126]. The evaluation should consider formal criteria, duplication of functionality (i.e., is the new entry redundant with an existing one?), topical suitability (e.g., is the described property actually a property of the endpoint and not a property of a particular resource, in which case it should go into the payload of the registration and need not be registered?), and the potential for conflict with commonly used target attributes (e.g., if could be used as a parameter for conditional registration if it were not to be used in lookup or attributes but would make a bad parameter for lookup because a resource lookup with an if query parameter could ambiguously filter by the registered endpoint property or the target attribute [RFC6690]).


9.3.1. Full Description of the "Endpoint Type" RD Parameter
9.3.1. 「エンドポイントタイプ」RDパラメーターの完全な説明

An endpoint registering at an RD can describe itself with endpoint types, similar to how resources are described with resource types in [RFC6690]. An endpoint type is expressed as a string, which can be either a URI or one of the values defined in the "Endpoint Type (et=) RD Parameter Values" subregistry. Endpoint types can be passed in the et query parameter as part of extra-attrs at the "registration" step of Section 5, are shown on endpoint lookups using the et target attribute, and can be filtered for using et as a search criterion in resource and endpoint lookup. Multiple endpoint types are given as separate query parameters or link attributes.

RDで登録するエンドポイントは、[RFC6690]のリソースタイプでリソースの説明方法と同様に、エンドポイントタイプでそれ自体を記述できます。エンドポイントタイプは文字列として表されます。これは、URIまたは「エンドポイントタイプ(ET =)RDパラメーター値」で定義されている値のいずれかである可能性があります。エンドポイントタイプは、セクション5の「登録」ステップでエクストラアトトルの一部としてETクエリパラメーターに渡すことができ、ETターゲット属性を使用してエンドポイントルックアップに表示され、リソースの検索基準としてETとして使用するためにフィルタリングできます。エンドポイントルックアップ。複数のエンドポイントタイプには、個別のクエリパラメーターまたはリンク属性として与えられます。

Note that the endpoint type differs from the resource type in that it uses multiple attributes rather than space-separated values. As a result, RDs implementing this specification automatically support correct filtering in the lookup interfaces from the rules for unknown endpoint attributes.


9.4. Endpoint Type (et=) RD Parameter Values
9.4. エンドポイントタイプ(ET =)RDパラメーター値

This specification establishes a new subregistry called "Endpoint Type (et=) RD Parameter Values" within the "Constrained RESTful Environments (CoRE) Parameters" registry. The registry properties (required policy, requirements, and template) are identical to those of the "Resource Type (rt=) Link Target Attribute Values" subregistry defined in [RFC6690]; in short, the review policy is IETF Review for values starting with "core" and Specification Required for others.

この仕様は、「制約付きのRESTFUL環境(CORE)パラメーター」レジストリ内の「エンドポイントタイプ(ET =)RDパラメーター値」と呼ばれる新しいサブレジストリを確立します。レジストリプロパティ(必要なポリシー、要件、およびテンプレート)は、[RFC6690]で定義されている「リソースタイプ(rt =)リンクターゲット属性値」サブレジストリのものと同一です。要するに、レビューポリシーは、「コア」と他の人に必要な仕様から始まる値のIETFレビューです。

The requirements to be enforced are:


* The values MUST be related to the purpose described in Section 9.3.1.

* 値は、セクション9.3.1で説明されている目的に関連している必要があります。

* The registered values MUST conform to the ABNF reg-rel-type definition of [RFC6690] and MUST NOT be a URI.

* 登録値は、[RFC6690]のABNF REG-RELタイプの定義に準拠する必要があり、URIであってはなりません。

* It is recommended to use the period "." character for segmentation.

* 期間を使用することをお勧めします。セグメンテーションのキャラクター。

The initial contents of the registry are as follows:


    | Value         | Description                        | Reference |
    | core.rd-group | An application group, as described | RFC 9176  |
    |               | in RFC 9176, Appendix A.           |           |

Table 5: New Endpoint Type (et=) RD Parameter Values Registry

表5:新しいエンドポイントタイプ(ET =)RDパラメーター値レジストリ

9.5. Multicast Address Registration
9.5. マルチキャストアドレス登録

IANA has assigned the following multicast addresses for use by CoAP nodes:


IPv4 -- "All CoRE Resource Directories" address, in the "Internetwork Control Block ( - (224.0.1/24))" subregistry within the "IPv4 Multicast Address Space Registry". As the address is used for discovery that may span beyond a single network, it has come from the Internetwork Control Block (224.0.1.x) [RFC5771].


IPv6 -- "All CoRE Resource Directories" address ff0x::fe, in the "Variable Scope Multicast Addresses" subregistry within the "IPv6 Multicast Address Space Registry" [RFC3307]. Note that there is a distinct multicast address for each scope that interested CoAP nodes should listen to; CoAP needs the link-local and site-local scopes only.

IPv6-「すべてのコアリソースディレクトリ」アドレスFF0X :: FE、「IPv6マルチキャストアドレススペースレジストリ」[RFC3307]内の「可変スコープマルチキャストアドレス」サブレジストリ。興味のあるCOAPノードが聞く必要がある各スコープには、明確なマルチキャストアドレスがあることに注意してください。COAPには、Link-LocalおよびSite-Local Scopesのみが必要です。

9.6. Well-Known URIs
9.6. 有名なウリス

IANA has registered the URI suffix "rd" in the "Well-Known URIs" registry as follows:


        | URI Suffix | Change Controller | Reference | Status    |
        | rd         | IETF              | RFC 9176  | permanent |

Table 6: Addition to Well-Known URIs Registry


9.7. Service Name and Transport Protocol Port Number Registry
9.7. サービス名と輸送プロトコルポート番号レジストリ

IANA has added four new items to the "Service Name and Transport Protocol Port Number Registry" as follows:


      | Service Name | Transport | Description         | Reference |
      |              | Protocol  |                     |           |
      | core-rd      | udp       | Resource Directory  | RFC 9176  |
      |              |           | accessed using CoAP |           |
      | core-rd-dtls | udp       | Resource Directory  | RFC 9176  |
      |              |           | accessed using CoAP |           |
      |              |           | over DTLS           |           |
      | core-rd      | tcp       | Resource Directory  | RFC 9176  |
      |              |           | accessed using CoAP |           |
      |              |           | over TCP            |           |
      | core-rd-tls  | tcp       | Resource Directory  | RFC 9176  |
      |              |           | accessed using CoAP |           |
      |              |           | over TLS            |           |

Table 7: Additions to Service Name and Transport Protocol Port Number Registry


10. Examples
10. 例

Two examples are presented: a lighting installation example in Section 10.1 and a Lightweight M2M (LwM2M) example in Section 10.2.


10.1. Lighting Installation
10.1. 照明の設置

This example shows a simplified lighting installation that makes use of the RD with a CoAP interface to facilitate the installation and startup of the application code in the lights and sensors. In particular, the example leads to the definition of a group and the enabling of the corresponding multicast address, as described in Appendix A. No conclusions must be drawn on the realization of actual installation or naming procedures, because the example only emphasizes some of the issues that may influence the use of the RD and does not pretend to be normative.


10.1.1. Installation Characteristics
10.1.1. インストール特性

The example assumes that the installation is managed. That means that a Commissioning Tool (CT) is used to authorize the addition of nodes, name them, and name their services. The CT can be connected to the installation in many ways: the CT can be part of the installation network, connected by Wi-Fi to the installation network, connected via GPRS link, or connected by another method.


It is assumed that there are two naming authorities for the installation: (1) the network manager that is responsible for the correct operation of the network and the connected interfaces and (2) the lighting manager that is responsible for the correct functioning of networked lights and sensors. The result is the existence of two naming schemes coming from the two managing entities.


The example installation consists of one presence sensor and two luminaries, luminary1 and luminary2, each with their own wireless interface. Each luminary contains three lamps: left, right, and middle. Each luminary is accessible through one endpoint. For each lamp, a resource exists to modify the settings of a lamp in a luminary. The purpose of the installation is that the presence sensor notifies the presence of persons to a group of lamps. The group of lamps consists of the middle and left lamps of luminary1 and the right lamp of luminary2.


Before commissioning by the lighting manager, the network is installed, and access to the interfaces is proven to work by the network manager.


At the moment of installation, the network under installation is not necessarily connected to the DNS infrastructure. Therefore, Stateless Address Autoconfiguration (SLAAC) IPv6 addresses are assigned to CT, RD, luminaries, and the sensor. The addresses shown in Table 8 below stand in for these in the following examples.


                   | Name            | IPv6 address   |
                   | luminary1       | 2001:db8:4::1  |
                   | luminary2       | 2001:db8:4::2  |
                   | Presence sensor | 2001:db8:4::3  |
                   | RD              | 2001:db8:4::ff |

Table 8: Addresses Used in the Examples


In Section 10.1.2, the use of RD during installation is presented.


10.1.2. RD Entries
10.1.2. RDエントリ

It is assumed that access to the DNS infrastructure is not always possible during installation. Therefore, the SLAAC addresses are used in this section.


For discovery, the resource types (rt) of the devices are important. The lamps in the luminaries have,2020:light, and the presence sensor has,2020:p-sensor. The endpoints have names that are relevant to the light installation manager. In this case, luminary1, luminary2, and the presence sensor are located in room 2-4-015, where luminary1 is located at the window and luminary2 and the presence sensor are located at the door. The endpoint names reflect this physical location. The middle, left, and right lamps are accessed via path /light/middle, /light/left, and /light/right, respectively. The identifiers relevant to the RD are shown in Table 9.

発見のために、デバイスのリソースタイプ(RT)が重要です。著名人のランプにはrt =、2020:light、および存在感センサーにはrt =、2020:p-sensorがあります。エンドポイントには、Light Installation Managerに関連する名前があります。この場合、luminary1、Luminar2、および存在センサーは、窓にある部屋2-4-015にあります。Luminar1は窓にあり、Luminar2があり、存在センサーはドアにあります。エンドポイント名はこの物理的な場所を反映しています。中央、左、右のランプは、それぞれパス /ライト /ミドル、 /ライト /左、および /右 /右からアクセスできます。RDに関連する識別子を表9に示します。

   |Name     |Endpoint        |Resource| Resource Type                 |
   |         |                |Path    |                               |
   |luminary1|lm_R2-4-015_wndw|/light/ |,2020:light    |
   |         |                |left    |                               |
   |luminary1|lm_R2-4-015_wndw|/light/ |,2020:light    |
   |         |                |middle  |                               |
   |luminary1|lm_R2-4-015_wndw|/light/ |,2020:light    |
   |         |                |right   |                               |
   |luminary2|lm_R2-4-015_door|/light/ |,2020:light    |
   |         |                |left    |                               |
   |luminary2|lm_R2-4-015_door|/light/ |,2020:light    |
   |         |                |middle  |                               |
   |luminary2|lm_R2-4-015_door|/light/ |,2020:light    |
   |         |                |right   |                               |
   |Presence |ps_R2-4-015_door|/ps     |,2020:p-sensor |
   |sensor   |                |        |                               |

Table 9: RD Identifiers


It is assumed that the CT has performed RD discovery and has received a response like the one in the example in Section 4.3.


The CT inserts the endpoints of the luminaries and the sensor in the RD using the registration base URI parameter (base) to specify the interface address:


   Req: POST coap://[2001:db8:4::ff]/rd
   Res: 2.01 Created
   Location-Path: /rd/4521
   Req: POST coap://[2001:db8:4::ff]/rd
   Res: 2.01 Created
   Location-Path: /rd/4522
   Req: POST coap://[2001:db8:4::ff]/rd
   Res: 2.01 Created
   Location-Path: /rd/4523

Figure 24: Example of Registrations a CT Enters into an RD


The sector name d=R2-4-015 has been added for an efficient lookup because filtering on the "ep" name is more awkward. The same sector name is communicated to the two luminaries and the presence sensor by the CT.

セクター名D = R2-4-015は、「EP」名のフィルタリングがより厄介であるため、効率的な検索のために追加されました。同じセクター名が2つの著名人とCTによって存在感センサーに通信されます。

The group is specified in the RD. The base parameter is set to the site-local multicast address allocated to the group. In the POST in the example below, the resources supported by all group members are published.


   Req: POST coap://[2001:db8:4::ff]/rd
   Res: 2.01 Created
   Location-Path: /rd/501

Figure 25: Example of a Multicast Group a CT Enters into an RD

図25:マルチキャストグループA CTの例がRDに入ります

After the filling of the RD by the CT, the application in the luminaries can learn to which groups they belong and enable their interface for the multicast address.


The luminary, knowing its sector and being configured to join any group containing lights, searches for candidate groups and joins them:


   Req: GET coap://[2001:db8:4::ff]/rd-lookup/ep
   Res: 2.05 Content

Figure 26: Example of a Lookup Exchange to Find Suitable Multicast Addresses


From the returned base parameter value, the luminary learns the multicast address of the multicast group.


The presence sensor can learn the presence of groups that support resources with,2020:light in its own sector by sending the same request, as used by the luminary. The presence sensor learns the multicast address to use for sending messages to the luminaries.

存在感センサーは、RT =、2020:Light of the Luminaryが使用するのと同じリクエストを送信することにより、独自のセクターのライトを使用してリソースをサポートするグループの存在を学習できます。存在感センサーは、著名人にメッセージを送信するために使用するマルチキャストアドレスを学習します。

10.2. OMA Lightweight M2M (LwM2M)
10.2. OMA軽量M2M(LWM2M)

OMA LwM2M is a profile for device services based on CoAP, providing interfaces and operations for device management and device service enablement.

OMA LWM2Mは、COAPに基づいたデバイスサービスのプロファイルであり、デバイス管理とデバイスサービスの有効化にインターフェイスと操作を提供します。

An LwM2M server is an instance of an LwM2M middleware service layer, containing an RD ([LwM2M], starting at page 36).


That RD only implements the registration interface, and no lookup is implemented. Instead, the LwM2M server provides access to the registered resources in a similar way to a reverse proxy.


The location of the LwM2M server and RD URI path is provided by the LwM2M bootstrap process, so no dynamic discovery of the RD is used. LwM2M servers and endpoints are not required to implement the /.well-known/core resource.

LWM2MサーバーとRD URIパスの位置は、LWM2Mブートストラッププロセスによって提供されるため、RDの動的な発見は使用されません。LWM2Mサーバーとエンドポイントは、 /.well-nown /coreリソースを実装するために必要はありません。

11. References
11. 参考文献
11.1. Normative References
11.1. 引用文献

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <>.

[RFC2119] Bradner、S。、「要件レベルを示すためにRFCで使用するためのキーワード」、BCP 14、RFC 2119、DOI 10.17487/RFC2119、1997年3月、<>。

[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, DOI 10.17487/RFC3986, January 2005, <>.

[RFC3986] Berners-Lee、T.、Fielding、R。、およびL. Masinter、「Uniform Resource Identifier(URI):Generic Syntax」、Std 66、RFC 3986、DOI 10.17487/RFC3986、2005年1月、<>。

[RFC6570] Gregorio, J., Fielding, R., Hadley, M., Nottingham, M., and D. Orchard, "URI Template", RFC 6570, DOI 10.17487/RFC6570, March 2012, <>.

[RFC6570]グレゴリオ、J。、フィールディング、R。、ハドリー、M。、ノッティンガム、M。、およびD.オーチャード、「URIテンプレート」、RFC 6570、DOI 10.17487/RFC6570、2012年3月、<https://>。

[RFC6690] Shelby, Z., "Constrained RESTful Environments (CoRE) Link Format", RFC 6690, DOI 10.17487/RFC6690, August 2012, <>.

[RFC6690]シェルビー、Z。、「制約付き安静環境(コア)リンク形式」、RFC 6690、DOI 10.17487/RFC6690、2012年8月、<>

[RFC6763] Cheshire, S. and M. Krochmal, "DNS-Based Service Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013, <>.

[RFC6763] Cheshire、S。およびM. Krochmal、「DNSベースのサービスディスカバリー」、RFC 6763、DOI 10.17487/RFC6763、2013年2月、<>

[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", RFC 7230, DOI 10.17487/RFC7230, June 2014, <>.

[RFC7230] Fielding、R.、ed。and J. Reschke、ed。、「HyperText Transfer Protocol(HTTP/1.1):メッセージの構文とルーティング」、RFC 7230、DOI 10.17487/RFC7230、2014年6月、<>。

[RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained Application Protocol (CoAP)", RFC 7252, DOI 10.17487/RFC7252, June 2014, <>.

[RFC7252] Shelby、Z.、Hartke、K。、およびC. Bormann、「制約付きアプリケーションプロトコル(COAP)」、RFC 7252、DOI 10.17487/RFC7252、2014年6月、<https://www.rfc-editor。org/info/rfc7252>。

[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, <>.

[RFC8126] Cotton、M.、Leiba、B。、およびT. Narten、「RFCSでIANA考慮事項セクションを書くためのガイドライン」、BCP 26、RFC 8126、DOI 10.17487/RFC8126、2017年6月、<https://>。

[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <>.

[RFC8174] Leiba、B。、「RFC 2119キーワードの大文字と小文字のあいまいさ」、BCP 14、RFC 8174、DOI 10.17487/RFC8174、2017年5月、<>。

[RFC8288] Nottingham, M., "Web Linking", RFC 8288, DOI 10.17487/RFC8288, October 2017, <>.

[RFC8288]ノッティンガム、M。、「Webリンク」、RFC 8288、DOI 10.17487/RFC8288、2017年10月、<>。

[RFC9175] Amsüss, C., Preuß Mattsson, J., and G. Selander, "Constrained Application Protocol (CoAP): Echo, Request-Tag, and Token Processing", RFC 9175, DOI 10.17487/RFC9175, February 2022, <>.

[RFC9175]Amsüss、C.、PreußMattsson、J。、およびG. Selander、「制約付きアプリケーションプロトコル(COAP):Echo、Request-Tag、およびToken Processing」、RFC 9175、DOI 10.17487/RFC9175、2月2022年、<<<<>。

11.2. Informative References
11.2. 参考引用

[ACE-OAUTH-AUTHZ] Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., and H. Tschofenig, "Authentication and Authorization for Constrained Environments (ACE) using the OAuth 2.0 Framework (ACE-OAuth)", Work in Progress, Internet-Draft, draft-ietf-ace-oauth-authz-46, 8 November 2021, <>.

[Ace-oauth-authz] Seitz、L.、Selander、G.、Wahlstroem、E.、Erdtman、S。、およびH. Tschofenig、「OAUTH 2.0フレームワークを使用した制約環境(ACE)の認証と認証(ACE)(ACE-oauth) "、進行中の作業、インターネットドラフト、ドラフト-iitf-ace-oauth-authz-46、2021年11月8日、<>。

[COAP-PROT-NEG] Silverajan, B. and M. Ocak, "CoAP Protocol Negotiation", Work in Progress, Internet-Draft, draft-silverajan-core-coap-protocol-negotiation-09, 2 July 2018, <>.

[Coap-Prot-neg] Silverajan、B。and M. Ocak、「Coap Protocol Negotiation」、Work in Progress、Internet-Draft、Draft-Silverajan-Core-Coap-Protocol-Negotiation-09、2018、<>。

[CORE-CORAL] Amsüss, C. and T. Fossati, "The Constrained RESTful Application Language (CoRAL)", Work in Progress, Internet-Draft, draft-ietf-core-coral-05, 7 March 2022, <>.

[Core-coral]Amsüss、C。and T. Fossati、「The Constared Restful Application Language(Coral)」、Progress、Internet-Draft、Draft-Itef-Core-Coral-05、2022年3月7日、<HTTPS://>。

[CORE-LINKS-JSON] Li, K., Rahman, A., and C. Bormann, Ed., "Representing Constrained RESTful Environments (CoRE) Link Format in JSON and CBOR", Work in Progress, Internet-Draft, draft-ietf-core-links-json-10, 26 February 2018, <>.

[Core-Links-Json] Li、K.、Rahman、A。、およびC. Bormann、ed。、「JSONおよびCBORの制約された安らかな環境(コア)リンク形式を表す」、進行中の作業、インターネットドラフト、ドラフト-ietf-core-links-json-10、2018年2月26日、<>。

[CORE-RD-DNS-SD] van der Stok, P., Koster, M., and C. Amsuess, "CoRE Resource Directory: DNS-SD mapping", Work in Progress, Internet-Draft, draft-ietf-core-rd-dns-sd-05, 7 July 2019, <>.

[core-rd-dns-sd] van der Stok、P.、Koster、M。、およびC. Amsuess、「コアリソースディレクトリ:DNS-SDマッピング」、進行中の作業、インターネットドラフト、ドラフト-ITEF-CORE-rd-dns-sd-05、2019年7月7日、<>。

[ER] Chen, P., "The entity-relationship model--toward a unified view of data", ACM Transactions on Database Systems, Vol. 1, pp. 9-36, DOI 10.1145/320434.320440, March 1976, <>.

[ER] Chen、P。、「エンティティ関連モデル - データの統一ビュー」、データベースシステムのACMトランザクション、Vol。1、pp。9-36、DOI 10.1145/320434.320440、1976年3月、<>。

[LwM2M] Open Mobile Alliance, "Lightweight Machine to Machine Technical Specification: Transport Bindings (Candidate Version 1.1)", June 2018, < V1_1-20180612-C/OMA-TS-LightweightM2M_Transport-V1_1-20180612-C.pdf>.

[LWM2M]オープンモバイルアライアンス、「機械技術仕様への軽量マシン:輸送バインディング(候補バージョン1.1)」、2018年6月、< V1_1-20180612-C/OMA-TS-LightWeightM2M_TRANSPORT-V1_1-20180612-C.PDF>。

[RFC3306] Haberman, B. and D. Thaler, "Unicast-Prefix-based IPv6 Multicast Addresses", RFC 3306, DOI 10.17487/RFC3306, August 2002, <>.

[RFC3306] Haberman、B。and D. Thaler、「Unicast-PrefixベースのIPv6マルチキャストアドレス」、RFC 3306、DOI 10.17487/RFC3306、2002年8月、<>。

[RFC3307] Haberman, B., "Allocation Guidelines for IPv6 Multicast Addresses", RFC 3307, DOI 10.17487/RFC3307, August 2002, <>.

[RFC3307] Haberman、B。、「IPv6マルチキャストアドレスの割り当てガイドライン」、RFC 3307、DOI 10.17487/RFC3307、2002年8月、<>。

[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix Reserved for Documentation", RFC 3849, DOI 10.17487/RFC3849, July 2004, <>.

[RFC3849] Huston、G.、Lord、A。、およびP. Smith、「IPv6アドレスはドキュメント用に予約されている」、RFC 3849、DOI 10.17487/RFC3849、2004年7月、<>。

[RFC4122] Leach, P., Mealling, M., and R. Salz, "A Universally Unique IDentifier (UUID) URN Namespace", RFC 4122, DOI 10.17487/RFC4122, July 2005, <>.

[RFC4122] Leach、P.、Mealling、M.、およびR. Salz、「普遍的にユニークな識別子(UUID)URNネームスペース」、RFC 4122、DOI 10.17487/RFC4122、2005年7月、<>。

[RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, "Transmission of IPv6 Packets over IEEE 802.15.4 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, <>.

[RFC4944] Montenegro、G.、Kushalnagar、N.、Hui、J。、およびD. Culler、「IEEE 802.15.4ネットワークを介したIPv6パケットの送信」、RFC 4944、DOI 10.17487/RFC4944、2007年9月、<HTPS://>。

[RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines for IPv4 Multicast Address Assignments", BCP 51, RFC 5771, DOI 10.17487/RFC5771, March 2010, <>.

[RFC5771] Cotton、M.、Vegoda、L。、およびD. Meyer、「IPv4マルチキャストアドレス割り当てのIANAガイドライン」、BCP 51、RFC 5771、DOI 10.17487/RFC5771、2010年3月、<>。

[RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, "Default Address Selection for Internet Protocol Version 6 (IPv6)", RFC 6724, DOI 10.17487/RFC6724, September 2012, <>.

[RFC6724] Thaler、D.、Ed。、ed。、Draves、R.、Matsumoto、A。、およびT. Chown、「インターネットプロトコルバージョン6(IPv6)のデフォルトアドレス選択」、RFC 6724、DOI 10.17487/RFC6724、2012年9月、<>。

[RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. Bormann, "Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs)", RFC 6775, DOI 10.17487/RFC6775, November 2012, <>.

[RFC6775] Shelby、Z.、Ed。、Chakrabarti、S.、Nordmark、E。、およびC. Bormann、「低電力ワイヤレスパーソナルエリアネットワーク(6lowpans)を超えるIPv6の近隣発見最適化」、RFC 6775、DOI 10.17487/RFC6775、2012年11月、<>。

[RFC6874] Carpenter, B., Cheshire, S., and R. Hinden, "Representing IPv6 Zone Identifiers in Address Literals and Uniform Resource Identifiers", RFC 6874, DOI 10.17487/RFC6874, February 2013, <>.

[RFC6874] Carpenter、B.、Cheshire、S。、およびR. Hinden、「住所リテラルおよび均一なリソース識別子のIPv6ゾーン識別子を表す」、RFC 6874、DOI 10.17487/RFC6874、2013年2月、<https:// www。>。

[RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for Constrained-Node Networks", RFC 7228, DOI 10.17487/RFC7228, May 2014, <>.

[RFC7228] Bormann、C.、Ersue、M。、およびA. Keranen、「制約ノードネットワークの用語」、RFC 7228、DOI 10.17487/RFC7228、2014年5月、<>。

[RFC7641] Hartke, K., "Observing Resources in the Constrained Application Protocol (CoAP)", RFC 7641, DOI 10.17487/RFC7641, September 2015, <>.

[RFC7641] Hartke、K。、「制約付きアプリケーションプロトコル(COAP)のリソースの観察」、RFC 7641、DOI 10.17487/RFC7641、2015年9月、<>。

[RFC8106] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, "IPv6 Router Advertisement Options for DNS Configuration", RFC 8106, DOI 10.17487/RFC8106, March 2017, <>.

[RFC8106] Jeong、J.、Park、S.、Beloeil、L。、およびS. Madanapalli、「DNS構成のIPv6ルーター広告オプション」、RFC 8106、DOI 10.17487/RFC8106、2017年3月、<>。

[RFC8132] van der Stok, P., Bormann, C., and A. Sehgal, "PATCH and FETCH Methods for the Constrained Application Protocol (CoAP)", RFC 8132, DOI 10.17487/RFC8132, April 2017, <>.

[RFC8132] van der Stok、P.、Bormann、C。、およびA. Sehgal、「制約付きアプリケーションプロトコル(COAP)のパッチおよびフェッチ方法」、RFC 8132、DOI 10.17487/RFC8132、2017年4月、<https:/<>。

[RFC8141] Saint-Andre, P. and J. Klensin, "Uniform Resource Names (URNs)", RFC 8141, DOI 10.17487/RFC8141, April 2017, <>.

[RFC8141] Saint-Andre、P。and J. Klensin、「Uniform Resource名(URNS)」、RFC 8141、DOI 10.17487/RFC8141、2017年4月、<>。

[RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, "Object Security for Constrained RESTful Environments (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, <>.

[RFC8613] Selander、G.、Mattsson、J.、Palombini、F.、およびL. Seitz、「制約された安らかな環境のオブジェクトセキュリティ(OSCORE)」、RFC 8613、DOI 10.17487/RFC8613、2019年7月、<HTTPS://>。

[T2TRG-REL-IMPL] Bormann, C., "impl-info: A link relation type for disclosing implementation information", Work in Progress, Internet-Draft, draft-bormann-t2trg-rel-impl-02, 27 September 2020, < draft-bormann-t2trg-rel-impl-02>.

[T2TRG-REL-IMPL] Bormann、C。、「Impl-info:実装情報を開示するためのリンク関係タイプ」、進行中の作業、インターネットドラフト、ドラフトボルマン-T2TRG-REL-IMPL-02、2020年9月27日、< draft-bormann-t2trg-rel-impl-02>。

Appendix A. Groups Registration and Lookup

The RD-Group's usage pattern allows announcing application groups inside an RD.


Groups are represented by endpoint registrations. Their base address is a multicast address, and they SHOULD be entered with the endpoint type core.rd-group. The endpoint name can also be referred to as a group name in this context.


The registration is inserted into the RD by a Commissioning Tool, which might also be known as a group manager here. It performs third-party registration and registration updates.


The links it registers SHOULD be available on all members that join the group. Depending on the application, members that lack some resources MAY be permissible if requests to them fail gracefully.


The following example shows a CT registering a group with the name "lights", which provides two resources. The directory resource path /rd is an example RD location discovered in a request similar to Figure 5. The group address in the example is constructed from the reserved 2001:db8:: prefix in [RFC3849] as a unicast-prefix-based site-local address (see [RFC3306]).

次の例は、2つのリソースを提供する「Lights」という名前のグループを登録するCTを示しています。ディレクトリリソースパス /RDは、図5と同様のリクエストで発見されたRDの例です。例のグループアドレスは、2001年に予約された2001年から構築されています。ローカルアドレス([RFC3306]を参照)。

   Req: POST coap://
   Content-Format: 40
   Res: 2.01 Created
   Location-Path: /rd/12

Figure 27: Example Registration of a Group


In this example, the group manager can easily permit devices that have no writable color-temperature to join, as they would still respond to brightness-changing commands. Had the group instead contained a single resource that sets brightness and color-temperature atomically, endpoints would need to support both properties.


The resources of a group can be looked up like any other resource, and the group registrations (along with any additional registration parameters) can be looked up using the endpoint lookup interface.


The following example shows a client performing an endpoint lookup for all groups:


   Req: GET /rd-lookup/ep?et=core.rd-group
   Res: 2.05 Content

Figure 28: Example Lookup of Groups


The following example shows a client performing a lookup of all resources of all endpoints (groups) with et=core.rd-group:

次の例は、ET = Core.RD-Groupを使用して、すべてのエンドポイント(グループ)のすべてのリソースのルックアップを実行するクライアントを示しています。

   Req: GET /rd-lookup/res?et=core.rd-group
   Res: 2.05 Content

Figure 29: Example Lookup of Resources Inside Groups


Appendix B. Web Links and the Resource Directory
付録B. Webリンクとリソースディレクトリ

Understanding the semantics of a link-format document and its URI references is a journey through different documents ([RFC3986] defining URIs, [RFC6690] defining link-format documents based on [RFC8288], which defines Link header fields, and [RFC7252] providing the transport). This appendix summarizes the mechanisms and semantics at play from an entry in /.well-known/core to a resource lookup.

リンクフォーマットドキュメントとそのURI参照のセマンティクスを理解することは、さまざまなドキュメントを通る旅です([RFC3986] URIS、[RFC6690]リンクヘッダーフィールドを定義する[RFC8288]に基づくリンク形式ドキュメントを定義し、[RFC72522]を定義する[RFC7252]輸送を提供する)。この付録は、 /.well-known /coreのエントリからリソースルックアップまでのメカニズムとセマンティクスを要約しています。

This text is primarily aimed at people entering the field of Constrained Restful Environments from applications that previously did not use web mechanisms.


B.1. A Simple Example
B.1. 簡単な例

Let's start this example with a very simple host, 2001:db8:f0::1. A client that follows classical CoAP discovery ([RFC7252], Section 7) sends the following multicast request to learn about neighbors supporting resources with resource-type "temperature".

この例を非常にシンプルなホスト、2001:db8:f0 :: 1から始めましょう。古典的なCOAPディスカバリー([RFC7252]、セクション7)に続くクライアントは、次のマルチキャストリクエストを送信して、リソースタイプの「温度」でリソースをサポートする隣人について学習します。

The client sends a link-local multicast:


   Req: GET coap://[ff02::fd]:5683/.well-known/core?rt=temperature
   Res: 2.05 Content

Figure 30: Example of Direct Resource Discovery


where the response is sent by the server, [2001:db8:f0::1]:5683.

応答がサーバーによって送信される場所[2001:DB8:F0 :: 1]:5683。

While a practical client side implementation might just go ahead and create a new request to [2001:db8:f0::1]:5683 with Uri-Path sensors and temp, the full resolution steps for insertion into and retrieval from the RD without any shortcuts are as follows.

実際のクライアント側の実装が先に進み、[2001:DB8:F0 :: 1]への新しいリクエストを作成するかもしれませんが、URI-PATHセンサーと温度を使用して、RDへの挿入と検索の完全な解像度の手順は、ショートカットは次のとおりです。

B.1.1. Resolving the URIs
B.1.1. URIの解決

The client parses the single returned link. Its target (sometimes called "href") is /sensors/temp, which is a relative URI that needs resolving. The base URI coap://[ff02::fd]:5683/.well-known/core is used to resolve the reference against /sensors/temp.

クライアントは、シングルリンクリンクを解析します。そのターゲット(「HREF」と呼ばれることもあります)は /センサー /温度であり、解決が必要な相対的なURIです。ベースURI COAP:// [FF02 :: FD]:5683/.Well-known/Coreは、/センサー/温度に対する参照を解決するために使用されます。

The base URI of the requested resource can be composed from the options of the CoAP GET request by following the steps of [RFC7252], Section 6.5 (with an addition at the end of Section 8.2) into coap://[2001:db8:f0::1]/.well-known/core.

要求されたリソースのベースURIは、[RFC7252]の手順に従って、セクション6.5(セクション8.2の終わりに追加)の手順に従って、COAP GETリクエストのオプションから構成できます:// [2001:DB8:f0 :: 1]/。有名/コア。

Because /sensors/temp starts with a single slash, the link's target is resolved by replacing the path /.well-known/core from the base URI ([RFC3986], Section 5.2) with the relative target URI /sensors/temp into coap://[2001:db8:f0::1]/sensors/temp.

/センサー /温度は単一のスラッシュで始まるため、リンクのターゲットは、ベースURI([RFC3986]、セクション5.2)のパス /.Well-NownS/Coreを相対ターゲットURI /センサー /TEMPからCOAPに置き換えることで解決されます。:// [2001:db8:f0 :: 1]/センサー/温度。

B.1.2. Interpreting Attributes and Relations
B.1.2. 属性と関係の解釈

Some more information about the link's target can be obtained from the payload: the resource type of the target is "temperature", and its content format is text/plain (ct=0).

リンクのターゲットに関するいくつかの情報は、ペイロードから取得できます。ターゲットのリソースタイプは「温度」であり、そのコンテンツ形式はテキスト/プレーン(CT = 0)です。

A relation in a web link is a three-part statement that specifies a named relation between the so-called "context resource" and the target resource, like "_This page_ has _its table of contents_ at _/ toc.html_". In link-format documents, there is an implicit "host relation" specified with default parameter rel="hosts".

Webリンクの関係は、いわゆる「コンテキストリソース」とターゲットリソースの間の名前付き関係を指定する3部構成のステートメントです。リンク形式のドキュメントには、デフォルトのパラメーターrel = "hosts"で指定された暗黙の「ホスト関係」があります。

In our example, the context resource of the link is implied to be coap:://[2001:db8:f0::1] by the default value of the anchor (see Appendix B.4). A full English expression of the "host relation" is:

この例では、リンクのコンテキストリソースは、アンカーのデフォルト値によってCOAP :: // [2001:DB8:F0 :: 1]であることを暗示しています(付録B.4を参照)。「ホスト関係」の完全な英語の表現は次のとおりです。

coap://[2001:db8:f0::1] is hosting the resource coap://[2001:db8:f0::1]/sensors/temp, which is of the resource type "temperature" and can be read in the text/plain content format.

coap:// [2001:db8:f0 :: 1]はリソースをホストしていますcoap:// [2001:db8:f0 :: 1]/センサー/温度は、リソースタイプの「温度」であり、読むことができますテキスト/プレーンコンテンツ形式。

B.2. A Slightly More Complex Example
B.2. 少し複雑な例

Omitting the rt=temperature filter, the discovery query would have given some more links in the payload:

RT =温度フィルターを省略すると、ディスカバリークエリはペイロードにさらにいくつかのリンクが与えられます。

   Req: GET coap://[ff02::fd]:5683/.well-known/core
   Res: 2.05 Content

Figure 31: Extended Example of Direct Resource Discovery


Parsing the third link, the client encounters the "anchor" parameter. It is a URI relative to the base URI of the request and is thus resolved to coap://[2001:db8:f0::1]/sensors/temp. That is the context resource of the link, so the "rel" statement is not about the target and the base URI any more but about the target and the resolved URI. Thus, the third link could be read as:

3番目のリンクを解析すると、クライアントは「アンカー」パラメーターに遭遇します。これは、リクエストのベースURIに対するURIであるため、Coap:// [2001:db8:f0 :: 1]/センサー/温度に解決されます。これがリンクのコンテキストリソースであるため、「Rel」ステートメントは、ターゲットとベースURIに関するものではなく、ターゲットと解決されたURIに関するものではありません。したがって、3番目のリンクは次のように読み取ることができます。

coap://[2001:db8:f0::1]/sensors/temp has an alternate representation at coap://[2001:db8:f0::1]/t.

coap:// [2001:db8:f0 :: 1]/センサー/温度には、coap:// [2001:db8:f0 :: 1]/tで代替表現があります。

Following the same resolution steps, the fourth link can be read as coap://[2001:db8:f0::1]/sensors/temp is described by

同じ解像度の手順に続いて、4番目のリンクはcoap:// [2001:db8:f0:1]/センサー/温度として読み取ることができます。

B.3. Enter the Resource Directory
B.3. リソースディレクトリを入力します

The RD tries to carry the semantics obtainable by classical CoAP discovery over to the resource lookup interface as faithfully as possible.


For the following queries, we will assume that the simple host has used simple registration to register at the RD that was announced to it, sending this request from its UDP port [2001:db8:f0::1]:6553:

次のクエリでは、Simple HostがSimple登録を使用して発表されたRDに登録し、UDPポート[2001:DB8:F0 :: 1]:6553からこのリクエストを送信したと仮定します。

   Req: POST coap://[2001:db8:f0::ff]/.well-known/rd?ep=simple-host1

Res: 2.04 Changed


Figure 32: Example of a Simple Registration


The RD would have accepted the registration and queried the simple host's /.well-known/core by itself. As a result, the host is registered as an endpoint in the RD with the name "simple-host1". The registration is active for 90000 seconds, and the endpoint registration base URI is coap://[2001:db8:f0::1], following the resolution steps described in Appendix B.1.1. It should be remarked that the base URI constructed that way always yields a URI of the form scheme://authority without path suffix.

RDは登録を受け入れ、シンプルなホストの /.Well-known/Coreを単独で照会しました。その結果、ホストは「Simple-Host1」という名前のRDのエンドポイントとして登録されます。登録は90000秒間アクティブであり、エンドポイント登録ベースのURIはCOAP:// [2001:db8:f0 :: 1]であり、付録B.1.1で説明されている解決手順に従います。そのように構築されたベースのURIは、常にフォームのscheme:// authorityの接尾辞のないuriを生成することに注意する必要があります。

If the client now queries the RD as it would previously have issued a multicast request, it would go through the RD discovery steps by fetching coap://[2001:db8:f0::ff]/.well-known/core?rt=core.rd-lookup-res, obtain coap://[2001:db8:f0::ff]/rd-lookup/res as the resource lookup endpoint, and ask it for all temperature resources:

クライアントが以前にマルチキャストリクエストを発行したようにRDを照会した場合、coap:// [2001:db8:f0 :: ff]/.well-nown/core?rtを取得することにより、RDディスカバリーステップを通過します。= core.rd-lookup-res、coap:// [2001:db8:f0 :: ff]/rd-lookup/resをリソースルックアップエンドポイントとして取得し、すべての温度リソースを尋ねます。

   Req: GET coap://[2001:db8:f0::ff]/rd-lookup/res?rt=temperature
   Res: 2.05 Content

Figure 33: Example Exchange Performing Resource Lookup

図33:リソース検索を実行するExchange Exchange

This is not _literally_ the same response that it would have received from a multicast request, but it contains the equivalent statement:


coap://[2001:db8:f0::1] is hosting the resource coap://[2001:db8:f0::1]/sensors/temp, which is of the resource type "temperature" and can be accessed using the text/plain content format.

coap:// [2001:db8:f0 :: 1]はリソースをホストしていますcoap:// [2001:db8:f0 :: 1]/センサー/温度は、リソースタイプの「温度」であり、アクセスできますテキスト/プレーンコンテンツ形式を使用します。

To complete the examples, the client could also query all resources hosted at the endpoint with the known endpoint name "simple-host1":


   Req: GET coap://[2001:db8:f0::ff]/rd-lookup/res?ep=simple-host1
   Res: 2.05 Content

Figure 34: Extended Example Exchange Performing Resource Lookup


All the target and anchor references are already in absolute form there, which don't need to be resolved any further.


Had the simple host done an equivalent full registration with a base= parameter (e.g., ?ep=simple-host1&base=coap+tcp://, that context would have been used to resolve the relative anchor values instead, giving the following and analogous links:

Simple HostがBase = Parameter(例えば、?ep = simple-host1&base = coap tcp://で同等の完全な登録を行った場合、そのコンテキストは代わりに相対アンカー値を解決するために使用されていました。次のリンクと類似のリンクを与える:


Figure 35: Example Payload of a Response to a Resource Lookup with a Dedicated Base URI


B.4. A Note on Differences between Link-Format and Link Header Fields
B.4. リンクフォーマットとリンクヘッダーフィールドの違いに関するメモ

While link-format and Link header fields look very similar and are based on the same model of typed links, there are some differences between [RFC6690] and [RFC8288]. When implementing an RD or interacting with an RD, care must be taken to follow the behavior described in [RFC6690] whenever application/link-format representations are used.


* "Default value of anchor": Under both [RFC6690] and [RFC8288], relative references in the term inside the angle brackets (the target) and the anchor attribute are resolved against the relevant base URI (which usually is the URI used to retrieve the entity) and independent of each other.

* 「アンカーのデフォルト値」:[RFC6690]と[RFC8288]の両方で、角度ブラケット(ターゲット)内の用語の相対的な参照とアンカー属性は、関連するベースURIに対して解決されます(通常、これはURIです。エンティティ)および互いに独立しています。

When, in a Link header [RFC8288], the anchor attribute is absent, the link's context is the URI of the selected representation (and usually equal to the base URI).


In links per [RFC6690], if the anchor attribute is absent, the default value is the Origin of (for all relevant cases, the URI reference / resolved against) the link's target.

[RFC6690]あたりのリンクでは、アンカー属性が存在しない場合、デフォルト値は(関連するすべての場合、URI参照 /解決)の原点です。

* There is no percent encoding in link-format documents.

* リンクフォーマットドキュメントにエンコードパーセントはありません。

A link-format document is a UTF-8-encoded string of Unicode characters and does not have percent encoding, while Link header fields are practically ASCII strings that use percent encoding for non-ASCII characters, stating the encoding explicitly when required.


For example, while a Link header field in a page about a Swedish city might read:


      Link: </temperature/Malm%C3%B6>;rel=live-environment-data

a link-format document from the same source might describe the link as:


Appendix C. Limited Link Format

The CoRE Link Format, as described in [RFC6690], has been interpreted differently by implementers, and a strict implementation rules out some use cases of an RD (e.g., base values with path components in combination with absent anchors).


This appendix describes a subset of link format documents called the Limited Link Format. The one rule herein is not very limiting in practice -- all examples in [RFC6690] and all deployments the authors are aware of already stick to them -- but eases the implementation of RD servers.

この付録では、Limited Link形式と呼ばれるリンク形式ドキュメントのサブセットについて説明しています。ここでの1つのルールは実際にはそれほど制限されていません - [RFC6690]のすべての例とすべての展開は、著者がすでにそれらに固執していることを認識していますが、RDサーバーの実装を緩和します。

It is applicable to representations in the application/link-format media type and any other media types that inherit [RFC6690], Section 2.1.


A link format representation is in the Limited Link Format if, for each link in it, the following applies:


All URI references either follow the URI or the path-absolute ABNF rule of [RFC3986] (i.e., the target and anchor each either start with a scheme or with a single slash).




Oscar Novo, Srdjan Krco, Szymon Sasin, Kerry Lynn, Esko Dijk, Anders Brandt, Matthieu Vial, Jim Schaad, Mohit Sethi, Hauke Petersen, Hannes Tschofenig, Sampo Ukkola, Linyi Tian, Jan Newmarch, Matthias Kovatsch, Jaime Jimenez, and Ted Lemon have provided helpful comments, discussions, and ideas to improve and shape this document. Zach would also like to thank his colleagues from the EU FP7 SENSEI project, where many of the RD concepts were originally developed.

オスカー・ノヴォ、Srdjan Krco、Szymon Sasin、Kerry Lynn、Esko Dijk、Anders Brandt、Matthieu Vial、Jim Schaad、Mohit Sethi、Hauke Petersen、Hannes Tschofenig、Sampo Ukkola、Linyi Tian、Jan New Newmarkias kovatsch、レモンは、このドキュメントを改善および形成するための有益なコメント、ディスカッション、アイデアを提供しています。ザックはまた、RDコンセプトの多くが元々開発されたEU FP7先生プロジェクトの同僚に感謝したいと思います。

Authors' Addresses


Christian Amsüss (editor) Email:


Zach Shelby Edge Impulse 3031 Tisch Way San Jose, 95128 United States of America Email:

Zach Shelby Edge Impulse 3031 Tisch Way San Jose、95128 United States of America

Michael Koster PassiveLogic 524 H Street Antioch, CA 94509 United States of America Phone: +1-707-502-5136 Email:

Michael Koster Passivelogic 524 H Street Antioch、CA 94509アメリカ合衆国電話:1-707-502-5136メール

Carsten Bormann Universität Bremen TZI Postfach 330440 D-28359 Bremen Germany Phone: +49-421-218-63921 Email:

Carsten BormannUniversitätBremenTziPostfach 330440 D-28359 Bremen Germany電話:49-421-218-63921メール

Peter van der Stok vanderstok consultancy Email:

Peter van der Stok Vanderstok Consultancyメール