On Tue, 19 Sep 2017 19:48:01 -0500 M. wrote: MWT> I'm working on a project using net-snmp with DTLS and would MWT> like to know the plans for DTLS support going forward. It is MWT> my understanding that SNMP using TLS/DLTS is the path forward MWT> but there isn't much information regarding a time line. Is MWT> there any way we could know the planned schedule for full DTLS MWT> support? MWT> MWT> We've been testing with 5.7.3 compiled from source with MWT> DTLSUDP/TSM enabled. A few issues we've come across are: MWT> - No support for SHA256/384 MWT> - No support for AES192/156 MWT> - Certificates are not being verified even though MWT> CA.crt/Intermediate.crt files are provided to (and discovered MWT> by) SNMP. MWT> - The query is still successful even though the certificates MWT> are not verified
Have your tried the master branch? SHA2 has been added there. I'm looking into support for the non-standard AES protocols. They will likely be off by default and require a configure option to enable. MWT> With regards to the AES192/256 comment, we are currently MWT> looking into the patch 1346 (v3 Encryption Support for 3Des, MWT> AES-256, AES-192). Looks good but we are continuing to test. MWT> Any ideas when/if this patch may be accepted? When is the next MWT> anticipated release? Luckily we are starting to ramp up for a new release cycle. You can help by trying the master branch. I'll get back with you on the new AES stuff after I've had time to review your patch. Robert ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
