|CoAP via DTLS with secure transport only [message #1718283]
||Tue, 22 December 2015 06:19
| Klaus Schroiff
Registered: December 2015
I am a bit confused regarding the way how CoAP works over DTLS - probably also because of the research papers out there suggesting what could be done so I'm now in a state where I don't know anymore what has been done actually.
The thing that produces headaches on my side is the definition of authentication. Is it the authentication solely on packet level for creating the secure transport or is it the authentication on tenant (application-) level ?
During testing I created two separate keystores for client and server (client key not stored in the server keystore). Now whatever I set as "ClientAuthenticationRequired" on the server - it doesn't make a difference - the request comes through anyway (which is good enough for us as long as the connection is encrypted).
Our problem scenario:
We are offering a multi-tenant cloud service. The idea is to use a CoAP cross proxy (farm) to map from CoAP(s) to HTTP for further processing. The Cross-Proxy instances have _no_ tenant notion so I'd like to use DTLS for secure transport only. The credentials will be provided in the (encrypted) payload.
[Updated on: Wed, 23 December 2015 04:50]
Report message to a moderator
Powered by FUDForum
. Page generated in 0.01993 seconds