The bulk of the documentation for enabling and configuring security is still roughly correct from IoTivity 1.2, but there are also a lot of minor updates and corrections needed to these pages:
https://wiki.iotivity.org/iotivity_security Aside from the 1.3 updates, I think the issue may be that there is too much info there, and it's not clear what the bare minimum "README" info is. I think that 90% of IoTivity app developers just want to know a small subset of this info, and it would be great if someone can take the time to create an overview with links to the various in-depth pages for more detail. As for the example apps, if an individual app is found to be "broken" by 1.3 changes, it may be a matter of updating the apps persistent storage callbacks to correctly differentiate between the separate files for introspection, security, and settings (maybe others I'm not aware of). Many current examples ignore the filename in the callback and use the same file to attempt to store everything, which AFAIK is likely to break. If fixing the persistent storage callback implementation doesn't get the example working, it may be that the security settings .dat file (e.g. "oic_svr_db_server.dat") needs to be updated. We're trying to keep all the security settings .json and .dat files updated, but if a particular app is missed or incorrectly updated, the steps for grabbing a reference .json file, making app-specific edits, and encoding to CBOR, are covered here: https://wiki.iotivity.org/steps_for_enabling_security_in_iotivity_applications and specifically using the json2cbor tool is covered here: https://wiki.iotivity.org/security_resource_manager (search for "json2cbor") Obviously this critical info is too buried, and I see lots of things that are outdated. I'm not informed on what the wiki maintenance plan is. Thanks, Nathan -----Original Message----- From: iotivity-dev-bounces at lists.iotivity.org [mailto:[email protected]] On Behalf Of Philippe Coval Sent: Thursday, April 27, 2017 1:04 AM To: iotivity-dev at lists.iotivity.org Subject: Re: [dev] svr db, static provisioning - help needed On 23/04/17 18:18, Thiago Moura wrote: > Hi Alex. Thanks for looking into it. > (...) > Anyway, I think this is not the right approach on making breaking > changes (asking if anyone will be affected). > IoTivity has a really weird release cycle. If it follows a semantic > versioning developers are aware that the new release has potentially > breaking changes (1.x.x -> 2.0). And I guess lot's of breaking changes > are already present in the upcoming 1.3 (like secured=1 by the > default) Yea, I expected issues when we turned on security, Are there any open bug to track issues about samples ? I guess simpleserver / simpleclient from resource/examples, are not working on 1.3-rel as they used to be in 1.2-rel, are they ? Please security team can you update this page with latest info that matters to developers: https://wiki.iotivity.org/1.3-rel Thanks -- mailto:philippe.coval at osg.samsung.com gpg:0x467094BC https://blogs.s-osg.org/author/pcoval/ _______________________________________________ iotivity-dev mailing list iotivity-dev at lists.iotivity.org https://lists.iotivity.org/mailman/listinfo/iotivity-dev
