Also, if you can clearly identify what is happening, please share your findings. I had a look but am still not totally clear about the exact procedure.

On Wed, Nov 28, 2018 at 4:07 PM Khaled Elsayed via Lists.Iotivity.Org <khaledieee=gmail....@lists.iotivity.org> wrote:

> This can be done via certificates. You can find the example for the
> provisionclient. I am still trying to figure it out myself as it is not very
> well documented. Quoting Nathan's reply to my question sent last week or so:
> There is indeed an example of Certificate-based Client/Server
> authentication in the IoTivity example “sampleserver_mfg”, which is in the
> resource/csdk/security/provisioning/sample folder.
>
> On Wed, Nov 28, 2018 at 2:56 PM Max <max...@gmail.com> wrote:
>
>> Hi,
>>
>> I am looking for technical advice on how a *secure UDP endpoint* ("coaps")
>> exposed by an IoTivity-powered server may be accessed *from any
>> IoTivity-powered client*, without prior coordination between the client
>> and the server.
>>
>> This is similar to the idea that any browser in the world can access a
>> web site via SSL, while the server isn't blocking any particular browser
>> from the access.
>>
>> *[Note: this is a technology POC, not related to the OCF specification.
>> So the question is in the context of IoTivity library capabilities, not in
>> the context of the OCF security and compliance]*
>>
>> I would appreciate some advice from the people who understand how the
>> DTLS "handshake" in IoTivity works.
>>
>> Looking at the sample code... The "simpleclient" and "simpleserver"
>> samples solve the issue by placing a shared "credential" into the security
>> configuration file.
>>
>> Below is the server configuration file.
>>
>> However, this isn't good for me, since the server needs a section per
>> specific "di" of the connecting client, while my goal is to allow a DTLS
>> (secure) session for any client.
>>
>> I would appreciate ideas on how it can be done.
>>
>> Thanks in advance,
>>
>> Max.
>>
>> "cred": {
>>     "creds": [
>>         {
>>             "credid": 1,
>>             "subjectuuid": "32323232-3232-3232-3232-323232323232",
>>             "credtype": 1,
>>             "period": "20150630T060000/20990920T220000",
>>             "privatedata": {
>>                 "data": "AAAAAAAAAAAAAAAA",
>>                 "encoding": "oic.sec.encoding.raw"
>>             }
>>         },
>>         {
>>             "credid": 2,
>>             "subjectuuid": "31393139-3139-3139-3139-313931393139",
>>             "credtype": 1,
>>             "period": "20150630T060000/20990920T220000",
>>             "privatedata": {
>>                 "data": "BBBBBBBBBBBBBBBB",
>>                 "encoding": "oic.sec.encoding.raw"
>>             }
>>         }
>>     ],
>>     "rowneruuid": "32323232-3232-3232-3232-323232323232"
>> }
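
An added example, not part of the thread and not IoTivity code: a Python check over the quoted "cred" section that maps each `subjectuuid` to its pre-shared key and flags keys that look like sample placeholders. The function names, the thresholds, and the treatment of `oic.sec.encoding.raw` as literal bytes are assumptions made for this illustration.

```python
import base64
import json

# Constructed sample: the "cred" section quoted in the thread, wrapped in {}.
SAMPLE = """{"cred": {"creds": [
  {"credid": 1, "subjectuuid": "32323232-3232-3232-3232-323232323232", "credtype": 1,
   "period": "20150630T060000/20990920T220000",
   "privatedata": {"data": "AAAAAAAAAAAAAAAA", "encoding": "oic.sec.encoding.raw"}},
  {"credid": 2, "subjectuuid": "31393139-3139-3139-3139-313931393139", "credtype": 1,
   "period": "20150630T060000/20990920T220000",
   "privatedata": {"data": "BBBBBBBBBBBBBBBB", "encoding": "oic.sec.encoding.raw"}}],
  "rowneruuid": "32323232-3232-3232-3232-323232323232"}}"""

SYMMETRIC_PAIRWISE = 1  # credtype used by both entries in the quoted file


def key_bytes(privatedata):
    """Decode privatedata according to its declared encoding."""
    enc, data = privatedata["encoding"], privatedata["data"]
    if enc == "oic.sec.encoding.raw":
        return data.encode("latin-1")  # assumption: raw means literal bytes
    if enc == "oic.sec.encoding.base64":
        return base64.b64decode(data)
    raise ValueError(f"unhandled encoding {enc!r}")


def load_psks(doc):
    """Map subjectuuid -> pre-shared key for every symmetric credential."""
    creds = json.loads(doc)["cred"]["creds"]
    return {c["subjectuuid"]: key_bytes(c["privatedata"])
            for c in creds if c["credtype"] == SYMMETRIC_PAIRWISE}


def audit(psks, min_len=16, min_distinct=8):
    """Return (subjectuuid, reason) findings; thresholds are assumed values."""
    findings = []
    for subject, key in psks.items():
        if len(key) < min_len:
            findings.append((subject, "short key"))
        if len(set(key)) < min_distinct:
            findings.append((subject, "low byte diversity"))
    return findings


if __name__ == "__main__":
    psks = load_psks(SAMPLE)
    for subject, reason in audit(psks):
        print(f"{subject}: {reason}")
    # A client whose UUID has no entry has no key to handshake with.
    print(psks.get("00000000-0000-0000-0000-000000000000"))
```

Both sample keys are a single repeated byte, so both are reported, and the lookup for an unlisted client UUID returns `None`, which is the per-client limitation the question describes.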