We (SICS and neXus) have been working on this since September last year and designed and implemented an enrollment protocol over secure CoAP. Both the specifications and the Contiki source code will be available soon. This is done under the umbrella of a Swedish project called CEBOT: Certificate Enrollment in Billions of Things.
Regards, Shahid > On 03 Jun 2016, at 17:08, Samuel Erdtman <[email protected]> wrote: > > The company I previously worked for where looking into adopting EST for this > purpose, the benefit of EST compared to cmp or scep was that it defined the > process for server side generated keys, which could be beneficial if key > generation would be to cumbersome for the device or if you don't trust the > device to generate a "good" key. > > Maybe Shahid could give sold more updates since he was helping us with this > project > > On Thursday, 2 June 2016, Julien Vermillard <[email protected] > <mailto:[email protected]>> wrote: > Hi, > In industrial or enterprise M2M/IoT application we often use PSK for > authentication, but more and more user want to enroll the device on their > public key infrastructure like they does with some routers using SCEP/CMP. > > I wonder if it was explored to enroll devices, and renew certificates on PKI > only using CoAP and not HTTP? > > -- > Julien Vermillard > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
