On 2018-02-12 20:03, PAVAN YADAV 16MCA1050 wrote:
> How many resources can be connected to the resource server? Is there any
There is no limitation in the standards draft, you probably have some
hardware limitations, but these are dependent on the specific device you
are deploying the ACE framework on.
> What is the max time limit for an access token for client?
Again no limit in the draft. It's implementation dependent.
In my code I made that an unsigned long (i.e. up to 2^64-1 ms).
... but: This is just the implementation limit, since we are dealing
with constrained environments, where tokens and the corresponding pop
key can get stolen, keeping the lifetime short is probably a good idea.
> What will be the bit size of Proof-of-Possession digital token and key?
The size of the token depends on several parameters:
1.) If it is a CWT or something else (e.g. just a reference)
2.) If it is a CWT: what kind of COSE wrapper it has
3.) If it is a CWT: what claims does the token contain
You will get the smallest token size by just using a reference (but then
the RS needs to do introspection or know the tokens beforehand).
If you need a compact CWT, using some symmetric key wrapper (MAC or
Encrypt) will help you, and minimizing the number of claims (perhaps you
can have some default claims that all involved parties know beforehand,
like e.g. the profile they are using).
As a ballpark number, I create some CWTs in my JUnit tests that are
roughly 200 bytes large. They contain a lot of claims including a public
key, so that's probably at the larger end of the scale.
Size of the key depends on how you are performing the
proof-of-possession. If you e.g. use DTLS-PSK you would typically use a
128 bit AES key.
Hope that helps
Ludwig Seitz, PhD
Security Lab, RISE SICS
Phone +46(0)70-349 92 51
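
To make the dependence of token size on wrapper and claims concrete, here is an added example (not code from this thread or from the author's implementation) that encodes a reference token and untagged COSE_Mac0-wrapped CWTs with a small hand-written CBOR encoder and compares their sizes. It assumes the claim, key and algorithm labels of the published CWT, COSE and PoP-key specifications (RFC 8392, RFC 8152, RFC 8747); the keys, names and timestamps are constructed sample values.

```python
import hashlib, hmac, struct

def head(major, n):
    """CBOR initial byte plus shortest-form argument."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, fmt in ((24, ">B"), (25, ">H"), (26, ">I"), (27, ">Q")):
        if n < 1 << (8 * struct.calcsize(fmt)):
            return bytes([major << 5 | ai]) + struct.pack(fmt, n)
    raise ValueError("integer too large")

def enc(x):
    """Minimal CBOR encoder: int, bytes, str, list, dict."""
    if isinstance(x, int):
        return head(0, x) if x >= 0 else head(1, -1 - x)
    if isinstance(x, bytes):
        return head(2, len(x)) + x
    if isinstance(x, str):
        return head(3, len(x.encode())) + x.encode()
    if isinstance(x, list):
        return head(4, len(x)) + b"".join(map(enc, x))
    if isinstance(x, dict):
        return head(5, len(x)) + b"".join(enc(k) + enc(v) for k, v in x.items())
    raise TypeError(type(x))

def cwt_mac0(claims, key, alg=4):
    """Untagged COSE_Mac0 over a claims map; alg 4 = HMAC 256/64, 5 = HMAC 256/256."""
    protected, payload = enc({1: alg}), enc(claims)
    to_mac = enc(["MAC0", protected, b"", payload])  # MAC_structure, empty external_aad
    tag = hmac.new(key, to_mac, hashlib.sha256).digest()[:8 if alg == 4 else 32]
    return enc([protected, {}, payload, tag])

# Constructed sample values, not taken from the thread.
AS_RS_KEY = bytes(range(32))   # MAC key shared by AS and RS
POP_KEY = bytes(16)            # 128-bit PoP key, as used with DTLS-PSK
CNF = {1: {1: 4, -1: POP_KEY}}                   # cnf -> COSE_Key (kty Symmetric, k)
MINIMAL = {4: 1518465600, 8: CNF}                # exp, cnf
FULLER = {1: "coap://as.example", 3: "tempSensor1",
          4: 1518465600, 6: 1518462000, 8: CNF}  # iss, aud, exp, iat, cnf

def sizes():
    return {"reference": len(enc(b"\x01\x02\x03\x04")),
            "minimal, 64-bit tag": len(cwt_mac0(MINIMAL, AS_RS_KEY)),
            "fuller, 64-bit tag": len(cwt_mac0(FULLER, AS_RS_KEY)),
            "fuller, 256-bit tag": len(cwt_mac0(FULLER, AS_RS_KEY, alg=5))}

if __name__ == "__main__":
    for name, n in sizes().items():
        print(f"{n:4d} bytes  {name}")
```

A MAC-only wrapper leaves the cnf key readable to anyone who sees the token, so a symmetric PoP key would need the Encrypt wrapper in a real deployment; the block only measures encoded sizes.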