Also, if you can clearly identify what is happening, please share your
findings. I had a look but am still not totally clear about the exact
procedure.



On Wed, Nov 28, 2018 at 4:07 PM Khaled Elsayed via Lists.Iotivity.Org
<khaledieee=gmail....@lists.iotivity.org> wrote:

> This can be done via certificates. You can find the example for the
> provisionclient. I am still trying to figure it out myself as it is not very
> well documented. Quoting Nathan's reply to my question sent last week or so:
> There is indeed an example of Certificate-based Client/Server
> authentication in the IoTivity example “sampleserver_mfg”, which is in the
> resource/csdk/security/provisioning/sample folder.
>
> On Wed, Nov 28, 2018 at 2:56 PM Max <max...@gmail.com> wrote:
>
>>
>> Hi,
>>
>> I am looking for technical advice on how a *secure UDP endpoint* ("coaps")
>> exposed by an IoTivity-powered server may be accessed *from any
>> IoTivity-powered client*, without prior coordination between the client
>> and the server.
>>
>> This is similar to the idea that any browser in the world can access a
>> web site via SSL, while the server isn't blocking any particular browser
>> from the access.
>>
>> *[Note: this is a technology POC, not related to the OCF specification.
>> So the question is in the context of IoTivity library capabilities, not in
>> the context of the OCF security and compliance]*
>>
>> I would appreciate some advice from the people who understand how the
>> DTLS "handshake" in IoTivity works.
>>
>> Looking at the sample code... The "simpleclient" and "simpleserver"
>> samples solve the issue by placing a shared "credential" into the security
>> configuration file.
>>
>> Below is the server configuration file.
>>
>> However, this isn't good for me, since the server needs a section per
>> specific "di" of the connecting client, while my goal is to allow a DTLS
>> (secure) session for any client.
>>
>> I would appreciate ideas on how it can be done.
>>
>> Thanks in advance,
>>
>> Max.
>>
>> "cred": {
>>         "creds": [
>>             {
>>                 "credid": 1,
>>                 "subjectuuid": "32323232-3232-3232-3232-323232323232",
>>                 "credtype": 1,
>>                 "period": "20150630T060000/20990920T220000",
>>                 "privatedata": {
>>                     "data": "AAAAAAAAAAAAAAAA",
>>                     "encoding": "oic.sec.encoding.raw"
>>                 }
>>             },
>>             {
>>                 "credid": 2,
>>                 "subjectuuid": "31393139-3139-3139-3139-313931393139",
>>                 "credtype": 1,
>>                 "period": "20150630T060000/20990920T220000",
>>                 "privatedata": {
>>                     "data": "BBBBBBBBBBBBBBBB",
>>                     "encoding": "oic.sec.encoding.raw"
>>                 }
>>             }
>>         ],
>>         "rowneruuid": "32323232-3232-3232-3232-323232323232"
>>     }
>
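
An added example, not part of the original thread and not IoTivity's own code: a simplified Python model of the per-client lookup the quoted post describes, showing why a client whose "di" has no matching `subjectuuid` entry has no pre-shared key to use. The function names, the handling of the `raw` encoding as the literal string bytes, and the brace-wrapped copy of the posted "cred" section are assumptions made for illustration.

```python
import base64
import json
from datetime import datetime, timezone

# Constructed sample: the "cred" section from the post, wrapped in braces so it parses.
SERVER_DB = json.loads("""
{"cred": {"creds": [
  {"credid": 1, "subjectuuid": "32323232-3232-3232-3232-323232323232", "credtype": 1,
   "period": "20150630T060000/20990920T220000",
   "privatedata": {"data": "AAAAAAAAAAAAAAAA", "encoding": "oic.sec.encoding.raw"}},
  {"credid": 2, "subjectuuid": "31393139-3139-3139-3139-313931393139", "credtype": 1,
   "period": "20150630T060000/20990920T220000",
   "privatedata": {"data": "BBBBBBBBBBBBBBBB", "encoding": "oic.sec.encoding.raw"}}
 ], "rowneruuid": "32323232-3232-3232-3232-323232323232"}}
""")

SYMMETRIC_PAIRWISE = 1  # OCF credtype 1: symmetric pair-wise key (PSK)
TIME_FMT = "%Y%m%dT%H%M%S"


def in_period(period, now):
    """True if `now` is inside a 'start/end' period string (no period = always valid)."""
    if not period:
        return True
    start, end = (datetime.strptime(p, TIME_FMT) for p in period.split("/"))
    return start <= now <= end


def decode_key(privatedata):
    """Return key bytes for the two encodings handled in this sketch."""
    data, enc = privatedata["data"], privatedata["encoding"]
    if enc == "oic.sec.encoding.raw":
        return data.encode("ascii")  # assumption: raw means the literal string bytes
    if enc == "oic.sec.encoding.base64":
        return base64.b64decode(data)
    raise ValueError(f"unsupported encoding: {enc}")


def psk_for_client(db, client_di, now=None):
    """Hypothetical lookup: a valid pair-wise key whose subjectuuid equals the client's di."""
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)
    for cred in db["cred"]["creds"]:
        if (cred["credtype"] == SYMMETRIC_PAIRWISE
                and cred["subjectuuid"].lower() == client_di.lower()
                and in_period(cred.get("period"), now)):
            return decode_key(cred["privatedata"])
    return None  # no entry for this di: a PSK handshake has no key to use
```
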
