This document species the use of CoAP over UDP as a transport medium for
, (designated as CMP in this document), and the
. In general, this document follows the HTTP transfer for CMP
specications dened in and species the requirements for using CoAP as a transfer
mechanism for CMP.
This document also provides guidance on how to use a "CoAP-to-HTTP" proxy to ease adoption of
a CoAP transfer mechanism by enabling the interconnection with existing PKI entities already
providing CMP over HTTP.
The key words " ", " ", " ", " ", " ", " ", "
", " ", " ", " ", and " " in this document are to
be interpreted as described in BCP14 when, and only when, they appear in
all capitals, as shown here.
CMP version 2
[RFC4210] CMP version 3 [RFC9480] Lightweight
CMP Prole [RFC9483]
[RFC6712]
[RFC2119] [RFC8174]
A CMP transaction consists of exchanging PKIMessages between PKI end entities (EEs),
registration authorities (RAs), and certication authorities (CAs). If the EEs are constrained
devices, then they may prefer, as a CMP client, the use of CoAP instead of HTTP as the transfer
mechanism. In general, the RAs and CAs are not constrained and can support both CoAP and
HTTP client and server implementations. This section species how to use CoAP as the transfer
mechanism for CMP.
[RFC4210]
The CoAP URI format is described in . The CoAP endpoints support
use of the path prex "/.well-known/" as dened in and the registered name "cmp" to
help with endpoint discovery and interoperability. Optional path segments be added after
the registered application name (i.e., after "/.well-known/cmp") to provide distinction. The path
segment 'p' followed by an arbitraryLabel <name> could, for example, support the dierentiation
of specic CAs or certicate proles. Further path segments, for example, as specied in
, could indicate PKI management operations using an
operationLabel <operation>. A valid full CMP URI can look like this:
Section 6 of [RFC7252]
[RFC8615]
Lightweight CMP Prole [RFC9483]
coap://www.example.com/.well-known/cmp
coap://www.example.com/.well-known/cmp/<operation>
coap://www.example.com/.well-known/cmp/p/<profileLabel>
coap://www.example.com/.well-known/cmp/p/<profileLabel>/<operation>
RFC 9482 CoAP Transfer for CMP November 2023
Sahni & Tripathi Standards Track Page 3