CoAP is a web transfer protocol that provides basic RESTful services for IoT devices. Since CoAP operates on top of UDP, CoAP must support additional congestion control and reliability mechanisms. However, CoAP is originally designed to allow implementations that do not maintain any end-to-end connection information. Thus, the default congestion control mechanisms are not capable of adapting to network conditions. A few enhancements of the basic congestion control mechanism of CoAP have been recently proposed, and CoCoA+ is commonly considered the most mature of these proposals. However, the shortcomings of CoCoA+ have not been sufficiently investigated in the literature. In this paper, we present an in-depth analysis of the congestion control mechanisms of CoCoA+ and CoAP for a variety of traffic patterns under realistic IoT setups. The results of this evaluation indicate that CoCoA+ can perform significantly worse than default CoAP, especially with bursty traffic and in networks with few clients as a result of an improper selection of the retransmission timeouts. Furthermore, large variability of RTO values in CoCoA+ makes difficult to meet end-to-end delay requirements of typical IoT monitoring applications.