| Björn, 
      If you:
       
        have signed the Eclipse CLA form, 
you are contributing code that you wrote yourself, andare doing so with the permission of your employer
 
      then you're done all the paperwork, and can make contributions to
      Leshan. I hope that's not too onerous.
       
      On 19/10/2015 10:16 AM, Björn Eriksson wrote:
    
      
      
      Thank you for the inputs Kai!
 
 I noticed that you could
          need some help in this area and surely we will contribute our
          changes/implementations when the time is ready, It will
          probably take some time with that due to the "Eclipse
            Foundation's strict IP policy". I haven't had any time to
          figure out how it is working but I have at least signed the
          agreement to do so :)
 
 
        
 
          Björn,
 I have to admit that I am (currently) not that
            deep into the bootstrap server code. However, my
            understanding is that we currently do not have a standard
            way of sharing the key material between bootstrap server and
            lwm2m server. That said, I think you are free to implement
            whatever mechanism you feel appropriate in your environment.
            The bootstrap server surely can use some improvements in
            this area. In particular, we do not have standard credential
            stores implemented yet that could be shared by both servers,
            e.g. based on a DB or a cache server etc. Your help with
            this woul be highly appreciated though. Maybe yiu could
            start with a first implementation that fits your use case
            and contribute the code? Regarding your second question: I
            think our assumption so far has been that key creation is
            handled by existing solutions for that purpose like PKI
            Certificate Authority software or even some homegrown system
            based on openssl. If I am not mistaken, you can also use the
            standard Jave Crypto Api to create key pairs...Again, we could really use some help in this area, so I
            would like to encourage you to really think about helping
            out :-)
 Regards,Kai
 
 
            
            
              
                Hi Kai,  
 Thank you for your fast reply and my apologizes for vague
                    questions.  It is one question regarding the
                    secure communication and
                  the other one
                  about provisioning key material as part of lwm2m's bootstrapping process 
 1: establishing a
                  secure
                    communication channel for the lwm2m protocol.  We do have a successful bootstrap process which
                  returns the serverPublicKey, publicKey, e.t.c. in the
                  bootstrap config. Hence, I assume my question should
                  have been how does the lwm2m server and bootstrap
                  server share those keys? Is it approved to store it in
                  a database which both can utilize? Or does both of
                  them magically generate two identical keys?
 2: provisioning key material as part of
                    lwm2m's bootstrapping process
 Was basically asking for pointers, best practice, or
                  any "de facto" open source library for generating
                  secure, unique private and public keys used in the
                  RPK_SEC mode. Obviously we would like to follow the
                  lwm2m protocol standard in the keys
 
 
 
 
                _______________________________________________
                  
                    Hi Björn, I am not 100% sure if I get your
                      question right. Are you talking about establishing
                      a secure communication channel over which the
                      lwm2m protocol is supposed to be run or are you
                      talking about provisioning key material as part of
                      lwm2m's bootstrapping process? Regards,Kai
 
                      
                      
                        
                          _______________________________________________Hello,
 
 Could anyone explain how the client and
                            server are supposed to exchange their public
                            keys? 
 Are there any suggested java library
                            to generate the points (x,y,s) for elliptic
                            curve, that is
                              used while generating the public and
                              private keys?  
 Many thanks!
 Björn
 
                           leshan-dev mailing list
 leshan-dev@xxxxxxxxxxx
 To change your delivery options, retrieve your
                        password, or unsubscribe from this list, visit
 https://dev.eclipse.org/mailman/listinfo/leshan-dev
 
 leshan-dev mailing list
 leshan-dev@xxxxxxxxxxx
 To change your delivery options, retrieve your password,
              or unsubscribe from this list, visit
 https://dev.eclipse.org/mailman/listinfo/leshan-dev
 
 
 
 _______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
 
 
 |