RFC 8609
Content-Centric Networking (CCNx) Messages in TLV Format
3.5. Top-Level Types
The top-level TLV types listed below exist at the outermost level of a CCNx Message TLV. +----------------------+------------+-------------------------------+ | Abbrev | Name | Description | +----------------------+------------+-------------------------------+ | T_INTEREST | Interest | An Interest MessageType. | | | (Section | | | | 3.6) | | | | | | | T_OBJECT | Content | A Content Object MessageType | | | Object | | | | (Section | | | | 3.6) | | | | | | | T_VALIDATION_ALG | Validation | The method of message | | | Algorithm | verification such as a | | | (Section | Message Integrity Check | | | 3.6.4.1) | (MIC), Message Authentication | | | | Code (MAC), or cryptographic | | | | signature. | | | | | | T_VALIDATION_PAYLOAD | Validation | The validation output, such | | | Payload | as the CRC32C code or the RSA | | | (Section | signature. | | | 3.6.4.2) | | +----------------------+------------+-------------------------------+ Table 5: CCNx Top Level Types
3.6. CCNx Message TLV
This is the format for the CCNx Message itself. The CCNx Message TLV is the portion of the CCNx Packet between the hop-by-hop headers and the Validation TLVs. The figure below is an expansion of the "CCNx Message TLV" depicted in the beginning of Section 3. The CCNx Message TLV begins with MessageType and runs through the optional Payload. The same general format is used for both Interest and Content Object messages which are differentiated by the MessageType field. The first enclosed TLV of a CCNx Message TLV is always the Name TLV, if present. This is followed by an optional Message TLVs and an optional Payload TLV. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | MessageType | MessageLength | +---------------+---------------+---------------+---------------+ / Name TLV (Type = T_NAME) / +---------------+---------------+---------------+---------------+ / Optional Message TLVs (Various Types) / +---------------+---------------+---------------+---------------+ / Optional Payload TLV (Type = T_PAYLOAD) / +---------------+---------------+---------------+---------------+ Figure 14: CCNx Message TLV Encoding +-----------+---------------+---------------------------------------+ | Abbrev | Name | Description | +-----------+---------------+---------------------------------------+ | T_NAME | Name (Section | The CCNx Name requested in an | | | 3.6.1) | Interest or published in a Content | | | | Object. | | | | | | T_PAYLOAD | Payload | The message payload. | | | (Section | | | | 3.6.3) | | +-----------+---------------+---------------------------------------+ Table 6: CCNx Message TLV Types
3.6.1. Name
A Name is a TLV encoded sequence of segments. The table below lists the type values appropriate for these name segments. A Name MUST NOT include Pad TLVs. As described in CCNx Semantics [RFC8569], using the CCNx URI [CCNxURI] notation, a T_NAME with zero length corresponds to "ccnx:/" (the default route). The message grammar does not allow the first name segment to have zero length in a CCNx Message TLV Name. In the TLV encoding, "ccnx:/" corresponds to T_NAME with zero length. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_NAME | Length | +---------------+---------------+---------------+---------------+ / Name segment TLVs / +---------------+---------------+---------------+---------------+ Figure 15: Name Encoding +---------------+-------------+-------------------------------------+ | Symbolic Name | Name | Description | +---------------+-------------+-------------------------------------+ | T_NAMESEGMENT | Name | A generic name segment. | | | segment | | | | (Section | | | | 3.6.1.1) | | | | | | | T_IPID | Interest | An identifier that represents the | | | Payload ID | Interest Payload field. As an | | | (Section | example, the Payload ID might be a | | | 3.6.1.2) | hash of the Interest Payload. This | | | | provides a way to differentiate | | | | between Interests based on their | | | | payloads without having to parse | | | | all the bytes of the payload | | | | itself, and instead using only this | | | | Payload ID name segment. | | | | | | T_APP:00 - | Application | Application-specific payload in a | | T_APP:4096 | Components | name segment. An application may | | | (Section | apply its own semantics to the 4096 | | | 3.6.1.1) | reserved types. | +---------------+-------------+-------------------------------------+ Table 7: CCNx Name Types
3.6.1.1. Name Segments
4096 special application payload name segments are allocated. These have application semantics applied to them. A good convention is to put the application's identity in the name prior to using these name segments. For example, a name like "ccnx:/foo/bar/hi" would be encoded as: 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | (T_NAME) | 0x14 (20) | +---------------+---------------+---------------+---------------+ | (T_NAME_SEGMENT) | 0x03 (3) | +---------------+---------------+---------------+---------------+ | f o o |(T_NAME_SEGMENT) +---------------+---------------+---------------+---------------+ | | 0x03 (3) | b | +---------------+---------------+---------------+---------------+ | a r | (T_NAME_SEGMENT) | +---------------+---------------+---------------+---------------+ | 0x02 (2) | h | i | +---------------+---------------+---------------+---------------+ Figure 16: Name Encoding Example3.6.1.2. Interest Payload ID
The InterestPayloadID is a name segment created by the origin of an Interest to represent the Interest Payload. This allows the proper multiplexing of Interests based on their name if they have different payloads. A common representation is to use a hash of the Interest Payload as the InterestPayloadID. As part of the Value of the TLV, the InterestPayloadID contains a one-octet identifier of the method used to create the InterestPayloadID followed by a variable-length octet string. An implementation is not required to implement any of the methods to receive an Interest; the InterestPayloadID may be treated only as an opaque octet string for the purposes of multiplexing Interests with different payloads. Only a device creating an InterestPayloadID name segment or a device verifying such a segment needs to implement the algorithms. It uses the encoding of hash values specified in Section 3.3.3.
In normal operations, we recommend displaying the InterestPayloadID as an opaque octet string in a CCNx URI, as this is the common denominator for implementation parsing. The InterestPayloadID, even if it is a hash, should not convey any security context. If a system requires confirmation that a specific entity created the InterestPayload, it should use a cryptographic signature on the Interest via the ValidationAlgorithm and ValidationPayload or use its own methods inside the Interest Payload.3.6.2. Message TLVs
Each message type (Interest or Content Object) is associated with a set of optional Message TLVs. Additional specification documents may extend the types associated with each.3.6.2.1. Interest Message TLVs
There are two Message TLVs currently associated with an Interest message: the KeyIdRestriction selector and the ContentObjectHashRestr selector are used to narrow the universe of acceptable Content Objects that would satisfy the Interest. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | MessageType | MessageLength | +---------------+---------------+---------------+---------------+ | Name TLV | +---------------+---------------+---------------+---------------+ / Optional KeyIdRestriction TLV / +---------------------------------------------------------------+ / Optional ContentObjectHashRestriction TLV / +---------------------------------------------------------------+ Figure 17: Interest Message TLVs
+----------------+------------------------------+-------------------+ | Abbrev | Name | Description | +----------------+------------------------------+-------------------+ | T_KEYIDRESTR | KeyIdRestriction (Section | A representation | | | 3.6.2.1.1) | (as per Section | | | | 3.3.3) of the | | | | KeyId | | | | | | T_OBJHASHRESTR | ContentObjectHashRestriction | A representation | | | (Section 3.6.2.1.2) | (as per Section | | | | 3.3.3) of the | | | | hash of the | | | | specific Content | | | | Object that would | | | | satisfy the | | | | Interest. | +----------------+------------------------------+-------------------+ Table 8: CCNx Interest Message TLV Types3.6.2.1.1. KeyIdRestriction
An Interest MAY include a KeyIdRestriction selector. This ensures that only Content Objects with matching KeyIds will satisfy the Interest. See Section 3.6.4.1.4.1 for the format of a KeyId.3.6.2.1.2. ContentObjectHashRestriction
An Interest MAY contain a ContentObjectHashRestriction selector. This is the hash of the Content Object -- the self-certifying name restriction that must be verified in the network, if an Interest carried this restriction (see Message Hash (Section 3.4.3)). The LENGTH MUST be from one of the allowed values for that hash (see Section 3.3.3). The ContentObjectHashRestriction SHOULD be of type T_SHA-256 and of length 32 bytes.
1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_OBJHASHRESTR | (LENGTH+4) | +---------------+---------------+---------------+---------------+ | hash type | LENGTH | +---------------+---------------+---------------+---------------+ / LENGTH octets of hash / +---------------+---------------+---------------+---------------+ Figure 18: ContentObjectHashRestriction Encoding3.6.2.2. Content Object Message TLVs
The following message TLVs are currently defined for Content Objects: PayloadType (optional) and ExpiryTime (optional). 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | MessageType | MessageLength | +---------------+---------------+---------------+---------------+ | Name TLV | +---------------+---------------+---------------+---------------+ / Optional PayloadType TLV / +---------------------------------------------------------------+ / Optional ExpiryTime TLV / +---------------------------------------------------------------+ Figure 19: Content Object Message TLVs +-------------+-------------+---------------------------------------+ | Abbrev | Name | Description | +-------------+-------------+---------------------------------------+ | T_PAYLDTYPE | PayloadType | Indicates the type of Payload | | | (Section | contents. | | | 3.6.2.2.1) | | | | | | | T_EXPIRY | ExpiryTime | The time at which the Payload | | | (Section | expires, as expressed in the number | | | 3.6.2.2.2) | of milliseconds since the epoch in | | | | UTC. If missing, Content Object may | | | | be used as long as desired. | +-------------+-------------+---------------------------------------+ Table 9: CCNx Content Object Message TLV Types
3.6.2.2.1. PayloadType
The PayloadType is an octet representing the general type of the Payload TLV. o T_PAYLOADTYPE_DATA: Data (possibly encrypted) o T_PAYLOADTYPE_KEY: Key o T_PAYLOADTYPE_LINK: Link The Data type indicates that the Payload of the ContentObject is opaque application bytes. The Key type indicates that the Payload is a DER-encoded public key. The Link type indicates that the Payload is one or more Links (Section 3.3.4). If this field is missing, a Data type is assumed. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_PAYLDTYPE | 1 | +---------------+---------------+---------------+---------------+ | PayloadType | +---------------+ Figure 20: PayloadType Encoding3.6.2.2.2. ExpiryTime
The ExpiryTime is the time at which the Payload expires, as expressed by a timestamp containing the number of milliseconds since the epoch in UTC. It is a network byte order unsigned integer in a 64-bit field. A cache or end system should not respond with a Content Object past its ExpiryTime. Routers forwarding a Content Object do not need to check the ExpiryTime. If the ExpiryTime field is missing, the Content Object has no expressed expiration, and a cache or end system may use the Content Object for as long as desired. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_EXPIRY | 8 | +---------------+---------------+---------------+---------------+ / ExpiryTime / / / +---------------+---------------+---------------+---------------+ Figure 21: ExpiryTime encoding
3.6.3. Payload
The Payload TLV contains the content of the packet. It MAY be of zero length. If a packet does not have any payload, this field SHOULD be omitted, rather than being of zero length. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_PAYLOAD | Length | +---------------+---------------+---------------+---------------+ / Payload Contents / +---------------+---------------+---------------+---------------+ Figure 22: Payload Encoding3.6.4. Validation
Both Interests and Content Objects have the option to include information about how to validate the CCNx Message. This information is contained in two TLVs: the ValidationAlgorithm TLV and the ValidationPayload TLV. The ValidationAlgorithm TLV specifies the mechanism to be used to verify the CCNx Message. Examples include verification with a Message Integrity Check (MIC), a Message Authentication Code (MAC), or a cryptographic signature. The ValidationPayload TLV contains the validation output, such as the CRC32C code or the RSA signature. An Interest would most likely only use a MIC type of validation -- a CRC, checksum, or digest.3.6.4.1. Validation Algorithm
The ValidationAlgorithm is a set of nested TLVs containing all of the information needed to verify the message. The outermost container has type = T_VALIDATION_ALG. The first nested TLV defines the specific type of validation to be performed on the message. The type is identified with the "ValidationType" as shown in the figure below and elaborated in the table below. Nested within that container are the TLVs for any ValidationType-dependent data -- for example, a Key Id, Key Locator, etc. Complete examples of several types may be found in Section 3.6.4.1.5.
1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_VALIDATION_ALG | ValidationAlgLength | +---------------+---------------+---------------+---------------+ | ValidationType | Length | +---------------+---------------+---------------+---------------+ / ValidationType-dependent data / +---------------+---------------+---------------+---------------+ Figure 23: Validation Algorithm Encoding +-----------------+---------------+---------------------------------+ | Abbrev | Name | Description | +-----------------+---------------+---------------------------------+ | T_CRC32C | CRC32C | Castagnoli CRC32 (iSCSI, ext4, | | | (Section | etc.) with normal form | | | 3.6.4.1.1) | polynomial 0x1EDC6F41. | | | | | | T_HMAC-SHA256 | HMAC-SHA256 | HMAC (RFC 2104) using SHA256 | | | (Section | hash. | | | 3.6.4.1.2) | | | | | | | T_RSA-SHA256 | RSA-SHA256 | RSA public-key signature using | | | (Section | SHA256 digest. | | | 3.6.4.1.3) | | | | | | | T_EC-SECP-256K1 | SECP-256K1 | Elliptic Curve signature with | | | (Section | SECP-256K1 parameters (see | | | 3.6.4.1.3) | [ECC]). | | | | | | T_EC-SECP-384R1 | SECP-384R1 | Elliptic Curve signature with | | | (Section | SECP-384R1 parameters (see | | | 3.6.4.1.3) | [ECC]). | +-----------------+---------------+---------------------------------+ Table 10: CCNx Validation Types3.6.4.1.1. Message Integrity Checks
MICs do not require additional data in order to perform the verification. An example is CRC32C that has a zero-length value.
3.6.4.1.2. Message Authentication Codes
MACs are useful for communication between two trusting parties who have already shared secret keys. An example is the HMAC algorithm. A MAC uses the KeyId field to identify which shared secret is in use. The meaning of the KeyId is specific to the two parties involved and could be simply an integer to enumerate keys. If a new MAC requires an additional field, such as an Initialization Vector, that field would need to be defined as part of the updated specification.3.6.4.1.3. Signature
Signature type Validators specify a digest mechanism and a signing algorithm to verify the message. Examples include an RSA signature on a SHA256 digest, an Elliptic Curve signature with SECP-256K1 parameters, etc. These Validators require a KeyId and a mechanism for locating the publisher's public key (a KeyLocator) -- and optionally a PublicKey or Certificate or KeyLink.3.6.4.1.4. Validation-Dependent Data
Different Validation Algorithms require access to different pieces of data contained in the ValidationAlgorithm TLV. As described above, Key Ids, Key Locators, Public Keys, Certificates, Links, and Key Names all play a role in different Validation Algorithms. Any number of Validation-Dependent Data containers can be present in a Validation Algorithm TLV.
Below is a table of CCNx ValidationType-dependent data types: +-------------+-----------------+-----------------------------------+ | Abbrev | Name | Description | +-------------+-----------------+-----------------------------------+ | T_KEYID | SignerKeyId | An identifier of the shared | | | (Section | secret or public key associated | | | 3.6.4.1.4.1) | with a MAC or Signature. | | | | | | T_PUBLICKEY | Public Key | DER-encoded public key. | | | (Section | | | | 3.6.4.1.4.2) | | | | | | | T_CERT | Certificate | DER-encoded X.509 certificate. | | | (Section | | | | 3.6.4.1.4.3) | | | | | | | T_KEYLINK | KeyLink | A CCNx Link object. | | | (Section | | | | 3.6.4.1.4.4) | | | | | | | T_SIGTIME | SignatureTime | A millisecond timestamp | | | (Section | indicating the time when the | | | 3.6.4.1.4.5) | signature was created. | +-------------+-----------------+-----------------------------------+ Table 11: CCNx Validation-Dependent Data Types3.6.4.1.4.1. KeyId The KeyId for a signature is the publisher key identifier. It is similar to a Subject Key Identifier from X.509 (see Section 4.2.1.2 of [RFC5280]). It should be derived from the key used to sign, such as from the SHA-256 hash of the key. It applies to both public and private key systems and to symmetric key systems. The KeyId is represented using the hash format in Section 3.3.3. If an application protocol uses a non-hash identifier, it should use one of the reserved values.
1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_KEYID | LENGTH+4 | +---------------+---------------+---------------+---------------+ | <hash type> | LENGTH | +---------------+---------------+---------------+---------------+ / LENGTH octets of hash / +---------------+---------------+---------------+---------------+ Figure 24: KeyId Encoding3.6.4.1.4.2. Public Key A Public Key is a DER-encoded Subject Public Key Info block, as in an X.509 certificate. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_PUBLICKEY | Length | +---------------+---------------+---------------+---------------+ / Public Key (DER-encoded SPKI) / +---------------+---------------+---------------+---------------+ Figure 25: Public Key Encoding3.6.4.1.4.3. Certificate A Certificate is a DER-encoded X.509 certificate. The KeyId (Section 3.6.4.1.4.1) is derived from this encoding. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_CERT | Length | +---------------+---------------+---------------+---------------+ / Certificate (DER-encoded X.509) / +---------------+---------------+---------------+---------------+ Figure 26: Certificate Encoding
3.6.4.1.4.4. KeyLink A KeyLink type KeyLocator is a Link. The KeyLink ContentObjectHashRestr, if included, is the digest of the Content Object identified by KeyLink, not the digest of the public key. Likewise, the KeyIdRestr of the KeyLink is the KeyId of the ContentObject, not necessarily of the wrapped key. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | T_KEYLINK | Length | +---------------+---------------+-------------------------------+ / Link / +---------------------------------------------------------------+ Figure 27: KeyLink Encoding3.6.4.1.4.5. SignatureTime The SignatureTime is a millisecond timestamp indicating the time at which a signature was created. The signer sets this field to the current time when creating a signature. A verifier may use this time to determine whether or not the signature was created during the validity period of a key, or if it occurred in a reasonable sequence with other associated signatures. The SignatureTime is unrelated to any time associated with the actual CCNx Message, which could have been created long before the signature. The default behavior is to always include a SignatureTime when creating an authenticated message (e.g., HMAC or RSA). SignatureTime is an unsigned integer in network byte order that indicates when the signature was created (as the number of milliseconds since the epoch in UTC). It is a fixed 64-bit field. 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+-------------------------------+ | T_SIGTIME | 8 | +---------------+---------------+-------------------------------+ / SignatureTime / +---------------------------------------------------------------+ Figure 28: SignatureTime Encoding
3.6.4.1.5. Validation Examples
As an example of a MIC-type validation, the encoding for CRC32C validation would be: 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_VALIDATION_ALG | 4 | +---------------+---------------+---------------+---------------+ | T_CRC32C | 0 | +---------------+---------------+---------------+---------------+ Figure 29: CRC32C Encoding Example As an example of a MAC-type validation, the encoding for an HMAC using a SHA256 hash would be: 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_VALIDATION_ALG | 40 | +---------------+---------------+---------------+---------------+ | T_HMAC-SHA256 | 36 | +---------------+---------------+---------------+---------------+ | T_KEYID | 32 | +---------------+---------------+---------------+---------------+ / KeyId / /---------------+---------------+-------------------------------+ Figure 30: HMAC-SHA256 Encoding Example
As an example of a Signature-type validation, the encoding for an RSA public-key signature using a SHA256 digest and Public Key would be: 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_VALIDATION_ALG | 44 octets + Variable Length | +---------------+---------------+---------------+---------------+ | T_RSA-SHA256 | 40 octets + Variable Length | +---------------+---------------+---------------+---------------+ | T_KEYID | 32 | +---------------+---------------+---------------+---------------+ / KeyId / /---------------+---------------+-------------------------------+ | T_PUBLICKEY | Variable Length (~160 octets)| +---------------+---------------+---------------+---------------+ / Public Key (DER-encoded SPKI) / +---------------+---------------+---------------+---------------+ Figure 31: RSA-SHA256 Encoding Example3.6.4.2. Validation Payload
1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------+---------------+---------------+---------------+ | T_VALIDATION_PAYLOAD | ValidationPayloadLength | +---------------+---------------+---------------+---------------+ / Type-dependent data / +---------------+---------------+---------------+---------------+ Figure 32: Validation Payload Encoding The ValidationPayload contains the validation output, such as the CRC32C code or the RSA signature.
(next page on part 3)
