Hi,
I am looking for a technical advice on how a *secure UDP endpoint *("coaps")
exposed by IoTivity-powered server - may be accessed *from any
IoTivity-powered client*, without prior coordination between the client and
the server.
This is similar to the idea that any browser in the world can access a web
site via SSL, while the server isn't blocking any particular browser from
the access.
*[Note: this is a technology POC, not related to the OCF specification. So
the question is in the context of IoTivity library capabilities, not in the
context of the OCF security and compliance]*
I would appreciate some advice from the people who understand how the DTLS
"handshake" in IoTivity works.
Looking at the sample code... The "simpleclient" and "simpleserver" sample
solve the issue, via placing a shared "credential" into the security
configuration file.
Below is the server configuration file.
However, this isn't good for me, since the server needs a section per
specific "di" of the connecting client, while my goal is to allow DTLS
(secure) session for any client.
I would appreciate ideas on how it can be done.
Thanks in advance,
Max.
"cred": {
"creds": [
{
"credid": 1,
"subjectuuid": "32323232-3232-3232-3232-323232323232",
"credtype": 1,
"period": "20150630T060000/20990920T220000",
"privatedata": {
"data": "AAAAAAAAAAAAAAAA",
"encoding": "oic.sec.encoding.raw"
}
},
{
"credid": 2,
"subjectuuid": "31393139-3139-3139-3139-313931393139",
"credtype": 1,
"period": "20150630T060000/20990920T220000",
"privatedata": {
"data": "BBBBBBBBBBBBBBBB",
"encoding": "oic.sec.encoding.raw"
}
}
],
"rowneruuid": "32323232-3232-3232-3232-323232323232"
}
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#10034):
https://lists.iotivity.org/g/iotivity-dev/message/10034
Mute This Topic: https://lists.iotivity.org/mt/28430313/21656
Group Owner: iotivity-dev+ow...@lists.iotivity.org
Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
