@misc{rfc9175,
    series =    {Request for Comments},
    number =    9175,
    howpublished =  {RFC 9175},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC9175},
    url =       {https://www.rfc-editor.org/info/rfc9175},
    author =    {Christian Amsüss and John Preuß Mattsson and Göran Selander},
    title =     {{Constrained Application Protocol (CoAP): Echo, Request-Tag, and Token Processing}},
    pagetotal = 27,
    year =      2022,
    month =     feb,
    abstract =  {This document specifies enhancements to the Constrained Application Protocol (CoAP) that mitigate security issues in particular use cases. The Echo option enables a CoAP server to verify the freshness of a request or to force a client to demonstrate reachability at its claimed network address. The Request-Tag option allows the CoAP server to match block-wise message fragments belonging to the same request. This document updates RFC 7252 with respect to the following: processing requirements for client Tokens, forbidding non-secure reuse of Tokens to ensure response-to-request binding when CoAP is used with a security protocol, and amplification mitigation (where the use of the Echo option is now recommended).},
}