To. Simon Bernard
Thanks for your reply.
I have used server authentication only for OMA DM X.509 certificate mode before.
So, I guess same method could apply to LwM2M rpk mode instead of x.509 certificate mode.
Use case is firmware update over NB-IoT.
To. Hudalla Kai.
> In your setup, do you want to prevent the client from being authenticated at all
> or do you want to use an X.509 certificate on the client and a RawPublicKey on
> the server?
I want no client authentication at all.
--------- Original Mail ---------
From: Simon Bernard , Date: 2017/2/13, 11:32:48 +0900
Leshan does not support Server authentication only (I mean
without client authentication).
I don't think the LWM2M specification allow this.
May I ask what exactly is your use case ?
Simon
Le 10/02/2017 à 01:39, Joseph Cho a
écrit :
Hi,
>The leshan-server-demo supports only PSK and
RPK
Thanks for your reply.
Let me rephrase my question.
For rpk , I test the case
"Client and Server Use Raw Public Keys"
(cf https://tools.ietf.org/html/rfc7250#section-5.2 )
and handshake is ok (see Fig.1 below).
I test another one , which is the case "
Server Uses a Raw Public Key"
(cf. https://tools.ietf.org/html/rfc7250#section-5.1 ).
My question is here.
If client does not use a raw public and server use a
raw public,
it seems leshan-server doesn't work properly after
client hello in handshake protocol.
Hello Verify Request doesn't come from server. (see
Fig.2 below)
Does leshan-server or leshan-server-demo supports
both "Client and Server Use Raw Public Keys" case and
"Server Uses a Raw Public Key" case?
Thanks,
Joseph
[Fig.1]
[Fig.2]
--------- Original Mail ---------
From: Simon Bernard
, Date: 2017/2/9 Thur, 14:47:46 +0900
Hi,
The leshan-server-demo supports only PSK and
RPK. (x509 is not supported)
Simon
Hi, all
I modified the wakaama client for
supporting rpk mode (both server and
client)
and sucessfully work with leshan
server.
But I have no respone after client
hello in handshake protocol for
setting server rpk mode only.
Using wireshark I checked extension
client_certificate_type info is
omitted in client hello
and other info. is same as rpk mode
supporting both server and client
side.
My question is "Doesn't leshan
server support server rpk mode only?"
FYI, I use leshan server version
getting from here
https://hudson.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-server-demo.jar
Thank you.
|
|