Hi All,

The security team is developing the 'Access Management Service (oic.sec.ams)' feature, which allows a resource server (RS) to query oic.sec.ams (hosted on a different device) for ACLs.

RS achieves this by sending a multicast query to the network to first retrieve the end-point info (IP address and port) of the oic.sec.ams, and then goes on to set up a secure channel with it and do its task. The multicast query would be something like this:

GET /oic/d?di=XXXXXXXX (sent as NON-CONFIRMABLE)

The problem with the current IoTivity stack is that every end-point in the network will respond to this query by sending a packet (with empty payload) even if it does not have anything useful to send. (As per the CoAP specification (https://tools.ietf.org/html/rfc7252#section-8.2), if a request is received via multicast and the server does not have anything useful to respond, it should silently ignore the request. This approach is critical to conserve power and make the network less noisy in an environment with multiple devices.)

Once John L. is done with updating the socket handling logic in CA, we can add this functionality by updating the received request data structure to add a flag (or something else) to indicate the arrival of a packet via multicast.

Some more details are added in the Jira ticket which was created to track this issue:
https://jira.iotivity.org/browse/IOT-589

Thanks
Sachin
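The suppression rule described in the message above, as an added C example that is not part of the original post and is not IoTivity code. The `rx_request` struct, its `via_multicast` flag and both function names are hypothetical; the sample addresses are constructed, with 224.0.1.187 and ff02::fd being the "All CoAP Nodes" groups registered by RFC 7252.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical receive record; via_multicast is the flag the post proposes. */
struct rx_request {
    bool via_multicast;
};

/* Classify the packet's destination address (text form here; on a real
 * socket it would come from ancillary data such as IPV6_RECVPKTINFO). */
bool dst_is_multicast(int family, const char *dst)
{
    struct in_addr a4;
    struct in6_addr a6;
    if (family == AF_INET && inet_pton(AF_INET, dst, &a4) == 1)
        return IN_MULTICAST(ntohl(a4.s_addr));      /* 224.0.0.0/4 */
    if (family == AF_INET6 && inet_pton(AF_INET6, dst, &a6) == 1)
        return IN6_IS_ADDR_MULTICAST(&a6);          /* ff00::/8 */
    return false;
}

/* CoAP response codes are class.detail packed as (class << 5) | detail. */
#define COAP_CODE(cls, detail) ((unsigned char)(((cls) << 5) | (detail)))

/* Decide whether a response should leave the device. */
bool should_send_response(const struct rx_request *req,
                          unsigned char code, size_t payload_len)
{
    if (!req->via_multicast)
        return true;                 /* unicast: always answer */
    if ((code >> 5) != 2)
        return false;                /* error reply to multicast: drop */
    return payload_len > 0;          /* empty payload: nothing useful */
}

int main(void)
{
    /* Constructed sample: discovery query sent to the All CoAP Nodes group. */
    struct rx_request req = { dst_is_multicast(AF_INET, "224.0.1.187") };
    printf("empty 2.05 -> %s\n",
           should_send_response(&req, COAP_CODE(2, 5), 0) ? "send" : "drop");
    printf("2.05 + 40 bytes -> %s\n",
           should_send_response(&req, COAP_CODE(2, 5), 40) ? "send" : "drop");
    return 0;
}
```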
