find time this weekend.
Thanks,
Nathan
From: Alex Kelley [mailto:ale...@microsoft.com]
Sent: Friday, July 14, 2017 2:57 PM
To: Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com>; Mats Wichmann
<m...@wichmann.us>; iotivity-dev@lists.iotivity.org
Subject: RE: [dev] many IoTivity sample
on top of the IoTivity
stack.
The logs should tell us more about what specifically is failing.
Thanks,
Nathan
From: Heldt-Sheller, Nathan
Sent: Friday, July 14, 2017 2:13 PM
To: 'Alex Kelley' <ale...@microsoft.com>; Mats Wichmann <m...@wichmann.us>;
iotivity-dev@lists.iotivity.org
ed for Certification blockers that would prohibit us
from passing IPR with a working reference implementation).
Thanks,
Nathan
From: Alex Kelley [mailto:ale...@microsoft.com]
Sent: Friday, July 14, 2017 2:07 PM
To: Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com>; Mats Wichmann
<m.
Hi Rami,
I'm sorry this is not working for you!
To establish a baseline, can you try testing the 1.3.0 version of the two
secure apps, and see whether they work similarly to yours?
in /out/linux/x86_64/debug/resource/csdk/stack/samples/linux/secure
dir:
$ ./ocserverbasicops |& tee server.log
Thanks Uze, I was just going to ask this question, and also suggest we continue
on 1.3-rel for now rather than creating a new branch for the later tags (or
1.3.x release).
Thanks,
Nathan
From: iotivity-dev-bounces at lists.iotivity.org
[mailto:iotivity-dev-boun...@lists.iotivity.org] On
I've noticed that when I re-open an issue (via Workflow dropdown) it doesn't
change the Resolution, which remains "Fixed".
This page suggests setting JIRA up to automatically clear the Resolution field
when re-opened:
Hi folks,
Given we do not have a sufficient regression tests to catch discovery and
onboarding issues at this time, I'd like to request in the short term
(especially as we close in on release date) that if you're working on an area
that could affect discovery/onboarding, please take 2 minutes
Mihai ; Heldt-Sheller, Nathan
; Kevin Kane
Subject: MOT is broken on the latest 1.3-rel
Hi All,
MOT is broken in the latest 1.3-rel. Specifically provisioningclient is no
longer able to enable MOT on a specific device such as sampleserver_randompin.
When OCChangeMOTMode is called the callback
The bulk of the documentation for enabling and configuring security is still
roughly correct from IoTivity 1.2, but there are also a lot of minor updates
and corrections needed to these pages:
https://wiki.iotivity.org/iotivity_security
Aside from the 1.3 updates, I think the issue may be that
Hi George,
You're doing it right from the looks of what you wrote. The .dat file should
be sitting in the same directory as you executed in.
Are you able to successfully create a .dat file using one of the provided .json
files (this will tell you if the problem is likely in your .json file)?
Thanks Dwarka, Wednesday 5pm PST does work for me? I?ll join the WebEx!
Thanks,
Nathan
From: Dwarkaprasad Dayama [mailto:dwarka.day...@samsung.com]
Sent: Monday, April 24, 2017 11:31 PM
To: Heldt-Sheller, Nathan ; uzchoi at
samsung.com; iotivity-dev at lists.iotivity.org
Subject: RE: [dev
I cannot attend the Thursday meeting time; I could attend Friday a.m. PST any
time from 8am onward. Also, I am keeping the Security Dashboard up to date; it
is linked off the 1.3 release wiki. And I can provide email summary for
Thursday meeting as well.
Thanks,
Nathan
From:
-boun...@lists.iotivity.org] On Behalf Of Heldt-Sheller,
Nathan
Sent: Friday, April 21, 2017 11:26 AM
To: iotivity-dev at lists.iotivity.org
Subject: [dev] apparent deadlock in GetCASecureEndpointInfo()... known issue in
1.3-rel?
Hi folks,
I'm blocked in verifying some of my changes because
Hi folks,
I'm blocked in verifying some of my changes because the "provisioningclient"
apps seems to no longer work on 1.3-rel
(72e1ab0da3a9ce08e5423b64cb793b3b57493587). Discovery of the unowned device
works, but when I try to do JustWorks owner transfer I get:
"09:22.701 DEBUG: OIC_OTM: In
Hie JaeHwan,
Yes this is possible: the feature you are looking for is what we call ?roles?
in OCF 1.0 Security Specification. It?s implemented starting with IoTivity 1.3.
Thanks,
Nathan
From: iotivity-dev-bounces at lists.iotivity.org [mailto:iotivity-dev-bounces
at lists.iotivity.org] On
' ; Heldt-Sheller, Nathan
; iotivity-dev at lists.iotivity.org; oswg
at openconnectivity.org; security_os_tg at openconnectivity.org
Cc: '??? ?? OCF Sec'
Subject: RE: [OCF oswg] RE: Request to postpone IoTivity 1.3-rel branch date
from April 7th to April 17th
Thank you Nathan and Mitch,
I know
Hello OSWG, IoTivity-dev and OSWG Security TG,
As many of you know, being a volunteer project, we've been short-handed on
developers, and struggling to find resources for several Security features.
I've been asking for months for additional help with a few features, but being
unable to find
Hello IoTivity Dev,
We've just merged a patch (https://gerrit.iotivity.org/gerrit/#/c/17993/) into
IoTivity Master branch that implements the "dos" Property on the pstat
Resource. This Property is mandatory as of OCF 1.0 and all OCF 1.0 devices
must implement it.
The IoTivity security stack
Hi folks,
FYI I also scrubbed the entire open JIRA tickets list and:
1. Applied a ?security? label to anything security-related that I found.
2. Marked as Resolved several ?security? issues that were outdated or
fixed.
3. Found many ?security? issues that were assigned to
Hi Mats,
Actually I considered the same question and couldn't come up with a perfect
answer. It seems to me that we either a) don't include the information (which
is very useful to project/release managers) or b) link to Kavi because there is
OCF only information in some of the documents
]
Sent: Monday, March 13, 2017 2:02 PM
To: Thiago Moura
Cc: iotivity-dev at lists.iotivity.org; Heldt-Sheller, Nathan
Subject: Re: [dev] svr db, static provisioning - help needed
hi thiago
On Mar 11, 2017 8:28 PM, "Thiago Moura" mailto:thiagogcm at gmail.com>> wrote:
Hi
I am facing a
Hi Uze, others,
As expected, there are still Security features that are not merged into Master.
The latest dashboard is available on Kavi and linked to from the 1.3 release
plan wiki page (https://wiki.iotivity.org/1.3_release_plan), which I am taking
as definitive.
As discussed, we expect
This is a good agenda start.
Can we add ?OIC 1.1 vs. OCF 1.0 Client User Guide? or some such? Basically, an
effort to create a document to describe very clearly the differences in
behavior between the two versions which Client must understand? I think Dwarka
has started such a document
Thanks for bringing this up against Mats, Phil,
I've been asking the same question... the Security features for 2.0 are being
developed against Master where possible, but for the most part, the changes are
still dependent on patches that haven't been cherry picked to Master. So we
have
I think this question was already answered by Prakash on Tuesday 12/20, but
there are also additional documents that should be helpful in understanding
IoTivity security on the wiki:
https://wiki.iotivity.org/iotivity_security
They are not entirely up to date, but still mostly accurate and
Hi Gregg, Nivedita,
I ran into the same build issue yesterday. IoTivity 1.2.0 worked without
issues when it was released. But it looks like the update to TinyCBOR since
then has broken the 1.2.0 release. As Kevin pointed out, 1.2.0 release
requires v0.3.2 of TinyCBOR.
This seems to be a
Hello, welcome and thanks for sharing your paper! Some interesting data points
in there? may I ask where the vulnerabilities data points come from (e.g. 90%
of devices with PII, etc.)?
For your reading, there is some useful information on the IoTivity security
code and design on the IoTivity
Hi Uze,
Thank you for managing another point release for 1.2.1.
May I suggest that we cannot freeze the 1.2-rel branch this time until CTT
successfully passes ALL tests? This way, we know we are truly not going to
have to make a 1.2.2 :)
We will certainly push as hard as possible to get all
Thanks Uze,
Agree fully with your plan to create 1.2.1 release. I suggest that we also
create a single patch that can be applied to 1.2.0-based projects, so Vendors
do not necessarily have to re-base. That way, there is a good chance that
Vendor only needs to apply patch to pass CTT 1.4.
So all maintainers must have a +1 from Uze before merging anything into 1.2-rel
branch. This is a good plan. Is there any way to enforce this in Gerrit?
At the very least, all developers/maintainers should ensure that Uze is
included as a reviewer on any patch submitted against 1.2-rel.
Hello,
Have you looked at the source for the provisioning tool? I believe that
?removing? a device in this app simply removes the provisioning information
from the tool side. The device itself is not necessarily reset (reverting to
owned=false is part of resetting, FYI). Resetting the
These are ALL certification issues.
The good news is I believe they are all resolved?
Thanks,
Nathan
From: ???(Uze Choi) [mailto:uzc...@samsung.com]
Sent: Thursday, October 6, 2016 4:00 AM
To: Heldt-Sheller, Nathan ; RANDEEP SINGH
Cc: iotivity-dev at lists.iotivity.org
Subject: Query
Hi Gregg,
Yes, you should be able to statically provision the .db file (i.e. provision
the device out-of-band/sidechannel, without going through for example the
JustWorks Owner Transfer Method per-se).
However, please note that there is more to that than just providing ACLs. The
onboarding
Hello!
Have you installed libboost?
$ sudo apt-get install libboost-all-dev
That's the first thing to try.
Thanks,
Nathan
From: iotivity-dev-bounces at lists.iotivity.org
[mailto:iotivity-dev-boun...@lists.iotivity.org] On Behalf Of Ward, Robert
Sent: Wednesday, September 28, 2016 11:35 PM
Hi folks,
To clarify, the ?runtime option? (#2 and #3) is not equivalent to the compile
switch Greg was describing.
The runtime option simply allows for ?unsecure? vertical resources (aka
application resources) to be created in such a way that they can be accessed
anonymously (e.g. via CoAP).
al Message-
From: ???(Uze Choi) [mailto:uzc...@samsung.com]
Sent: Tuesday, June 14, 2016 5:53 AM
To: Maloor, Kishen ; Heldt-Sheller, Nathan
; 'Clark, Steve' ;
Smith, Ned
Cc: 'Ih, Ronald' ; 'RANDEEP SINGH' ; iotivity-dev at lists.iotivity.org; security_wg at
openconnectivity.org
Subject: RE: [s
you know, it must be compiled with
SECURED=1 or 0.
Thanks,
Nathan
-Original Message-
From: Maloor, Kishen
Sent: Sunday, June 5, 2016 10:13 PM
To: Clark, Steve ; Smith, Ned
Cc: Heldt-Sheller, Nathan ; Ih, Ronald
; uzchoi at samsung.com; RANDEEP SINGH ; iotivity-dev at lists.iotivity.org;
Sent: Friday, June 3, 2016 5:09 PM
To: Ih, Ronald ; Heldt-Sheller, Nathan
; uzchoi at samsung.com; 'RANDEEP SINGH'
Cc: iotivity-dev at lists.iotivity.org; security_wg at openconnectivity.org
Subject: Re: [security_wg] RE: [dev] [feature request] merging
secure/non-secure IoTivity build binaries
by default, and
not certifiable.
Please share your thoughts and let me know if this is clear,
Thanks,
Nathan
From: ???(Uze Choi) [mailto:uzc...@samsung.com]
Sent: Thursday, June 2, 2016 6:41 PM
To: Heldt-Sheller, Nathan ; 'RANDEEP SINGH'
Cc: iotivity-dev at lists.iotivity.org; security_wg
to comment
From: ???(Uze Choi) [mailto:uzc...@samsung.com]
Sent: Wednesday, June 1, 2016 9:37 PM
To: Heldt-Sheller, Nathan ; 'RANDEEP SINGH'
Cc: iotivity-dev at lists.iotivity.org
Subject: RE: [dev] [feature request] merging secure/non-secure IoTivity build
binaries
Hi Nathan,
I?m sorry I missed
Hi Kyle,
The AMS as implemented in IoTivity is only a partial implementation of an
optional feature, and is slated for removal in the next release, because we
felt it was confusing. It's also mostly untested and was meant as a reference
beginning point but never was completed, the original
Hi Gabriel!
Here?s a wiki to get you started:
https://wiki.iotivity.org/security_resource_manager
If reading through this doesn?t get you going, please circle back to the dev
list, and we can try to help you get un-stuck.
Thanks,
Nathan
From: iotivity-dev-bounces at lists.iotivity.org
Hi John,
Strange that it would go from working to not working... it's working for me
(this morning and also checked just now).
Are you sure you have the correct (new) private key in your ~/.ssh dir?
Also, the public key update interface on gerrit is a bit strange... did you go
back and verify
Hello Hauke,
Somebody from Samsung (perhaps Randeep Singh?) will have to provide the
step-by-step for creating this file, as I do not know the process details.
However the background explanation is that this file stores the Security
Virtual Resource (SVR) data. This data defines the
Hi folks,
This is a gentle suggestion that you begin testing SECURED=1 builds if you are
not already, as the Certification Test Tool will require Security functions to
be enabled in order to pass. In other words, there are Security Tests in the
Certification Test Spec, and if your device
to do anything more on my end w.r.t. TinyDTLS, unless Craig
requests help from OSWG? is there something more you think I need to do?
Thanks,
Nathan
From: Lee, Dongik [mailto:dongik@samsung.com]
Sent: Wednesday, March 9, 2016 2:55 AM
To: RANDEEP SINGH ; Heldt-Sheller, Nathan
Cc: Macieira, Thiago
-Original Message-
From: Macieira, Thiago
Sent: Tuesday, March 8, 2016 3:45 PM
To: Heldt-Sheller, Nathan
Cc: iotivity-dev at lists.iotivity.org
Subject: Re: [dev] Tinydtls Fork
On ter?a-feira, 8 de mar?o de 2016 14:19:16 PST Heldt-Sheller, Nathan wrote:
> We have OIC-specific chan
We have OIC-specific changes to tinyDTLS that we should not lose, so we should
not drop our version. I didn't participate in those changes but I know they
are there and required to meet OIC Security Spec.
Thiago I wasn't aware we had resolved the TinyDTLS licensing issues... that's
good to
The persistent storage code for security is required for proper functionality.
You should not be disabling it unless you want your device to reset to a
'factory default' state every time it is rebooted.
If this is your intention, then you can implement a version that disables
persistent
Sachin, a HUGE thanks for all your hard work. Without your contribution we
would not have nearly the same progress we?ve had! You?ll be missed.
Whenever you get bored feel free to pop in and review some patches ;)
Thanks,
Nathan
From: iotivity-dev-bounces at lists.iotivity.org
than one
OIC stack, each stack must have a unique device ID within the platform.
Hope that helps,
Nathan
-Original Message-
From: Kis, Zoltan [mailto:zoltan@intel.com]
Sent: Wednesday, December 2, 2015 12:04 PM
To: Heldt-Sheller, Nathan
Cc: iotivity-dev at lists.iotivity.org
Subject
Hello Zoltan,
You are correct in your observation that DeviceID is not maintained across
resets in most of the test applications.
You are also correct that it is the job of the IoTivity stack to maintain the
DeviceID. Specifically, the Secure Resource Manager (SRM) owns the
oic.sec.doxm
author needs to be responsible for maintaining
an accurate set of ACE entries on the Server.
Thanks,
Nathan
From: Ashwini Sharma [mailto:ak.ashwini1...@gmail.com]
Sent: Thursday, November 26, 2015 1:29 AM
To: Heldt-Sheller, Nathan
Cc: iotivity-dev; Agrawal, Sachin
Subject: RE: [dev] SRM ACL/Policy
Hi Ashwini,
Good observation, and yes, this is correct: the Policy Engine will apply the
first ACE that matches the request?s subject and resource. It is up to the
policy author to ensure that the intended policy is reflected in the ACL of the
device.
Ambiguities such as duplicate ACE for
Thanks Sachin,
I don?t want to derail the main questions Sachin posed, regarding fallback
behavior and integration plan. However I?d like to elaborate a little more on
the highlighted section below, since we have already discussed several ways to
implement this platform-specific persistent
const char* source, size_t
maxSrcSize);
I was using strncpy_S from microsoft as my template. Additionally, I want to
guarantee that it will append \0 in the last spot of the dest array.
-Erich
On Wed, 2015-05-20 at 23:02 +0000, Heldt-Sheller, Nathan wrote:
> Erich can you share what "
Erich can you share what "safe" version you are using as a replacement? Are
you aware of strlcpy and strlcat?
Thanks,
Nathan
-Original Message-
From: iotivity-dev-bounces at lists.iotivity.org
[mailto:iotivity-dev-boun...@lists.iotivity.org] On Behalf Of Lankswert, Patrick
Sent:
Hi Sandeep,
No, sorry there is no guide for building security-M3 branch for Android.
This is something that needs doing, certainly. I suspect it will percolate to
the top of someone?s priority list when Android support is merged into Master
and security-M3 is getting ready to be merged into
Good point Pat, since the board is ?not supported? issues may develop and not
be found in testing, especially as time goes on and the tested version diverges
from the head.
However currently, the Edison board example for IoTivity is pretty
well-documented? I?ve followed the instructions on the
59 matches
Mail list logo