Re: [leshan-dev] no response after client hello with server rpk mode onl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [leshan-dev] no response after client hello with server rpk mode only

From: Joseph Cho <pspice27@xxxxxxxxxxx>
Date: Tue, 14 Feb 2017 10:32:59 +0900 (KST)
Delivered-to: leshan-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/leshan-dev>
List-help: <mailto:leshan-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/leshan-dev>, <mailto:leshan-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/leshan-dev>, <mailto:leshan-dev-request@eclipse.org?subject=unsubscribe>

To. Simon Bernard

Thanks for your reply.

I have used server authentication only for OMA DM X.509 certificate mode before.

So, I guess same method could apply to LwM2M rpk mode instead of x.509 certificate mode.

Use case is firmware update over NB-IoT.

To. Hudalla Kai.

> In your setup, do you want to prevent the client from being authenticated at all

> or do you want to use an X.509 certificate on the client and a RawPublicKey on

> the server?

I want no client authentication at all.

--------- Original Mail ---------

From: Simon Bernard , Date: 2017/2/13, 11:32:48 +0900

Leshan does not support Server authentication only (I mean without client authentication).

I don't think the LWM2M specification allow this.

May I ask what exactly is your use case ?

Simon

Le 10/02/2017 à 01:39, Joseph Cho a écrit :

Hi,

>The leshan-server-demo supports only PSK and RPK

Thanks for your reply.

Let me rephrase my question.

For rpk , I test the case

"Client and Server Use Raw Public Keys"

(cf https://tools.ietf.org/html/rfc7250#section-5.2 )

and handshake is ok (see Fig.1 below).

I test another one , which is the case "

Server Uses a Raw Public Key"

(cf. https://tools.ietf.org/html/rfc7250#section-5.1 ).

My question is here.

If client does not use a raw public and server use a raw public,

it seems leshan-server doesn't work properly after client hello in handshake protocol.

Hello Verify Request doesn't come from server. (see Fig.2 below)

Does leshan-server or leshan-server-demo supports

both "Client and Server Use Raw Public Keys" case and

"Server Uses a Raw Public Key" case?

Thanks,

Joseph

[Fig.1]

[Fig.2]

--------- Original Mail ---------

        From: Simon Bernard , Date: 2017/2/9 Thur, 14:47:46 +0900


Hi,

   The leshan-server-demo supports only PSK and RPK. (x509 is not supported)

Simon

Le 09/02/2017 à 11:42, pspice27@xxxxxxxxxxx a écrit :

Hi, all

I modified the wakaama client for supporting rpk mode (both server and client)

and sucessfully work with leshan server.

But I have no respone after client hello in handshake protocol for setting server rpk mode only.

Using wireshark I checked extension client_certificate_type info is omitted in client hello

and other info. is same as rpk mode supporting both server and client side.

My question is  "Doesn't leshan server support server rpk mode only?"

FYI, I use leshan server version getting from here

https://hudson.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-server-demo.jar

Thank you.

Follow-Ups:
- Re: [leshan-dev] no response after client hello with server rpk mode only
  - From: Hudalla Kai (INST/ESY1)

Prev by Date: Re: [leshan-dev] no response after client hello with server rpk mode only
Next by Date: Re: [leshan-dev] no response after client hello with server rpk mode only
Previous by thread: Re: [leshan-dev] no response after client hello with server rpk mode only
Next by thread: Re: [leshan-dev] no response after client hello with server rpk mode only
Index(es):
- Date
- Thread

Breadcrumbs

"Client and Server Use Raw Public Keys"

Server Uses a Raw Public Key"

both "Client and Server Use Raw Public Keys" case and

"Server Uses a Raw Public Key" case?