Re: [cf-dev] Request/Response matching for DTLS-Secured exchange

["Kovatsch Matthias" <kovatsch@xxxxxxxxxxx>]

I'm agree with the "strict mode", I think we could do that in a second time. Do you think there is a chance we will be able to change the spec?

This requires more research and experience. The spec currently uses this conservative approach, because at the time of writing, it was not clear what attacks would become possible. I want the support in Californium so we can figure this out by using it in appropriate cases. Only then we should think about updating the spec.

The complexity will be to get the security context from scandium to the Matcher class in an elegant way. The principle is not really needed, we need :
- the session ID + the epoch for strict mode.
- the session ID + the cipher suite for flexible mode.

I was thinking about a similar mechanism as the Principle for requests. We could use something like the strategy pattern to create the right hashmap key for matching (by returning the proper key object similar to the current KeyMID, KeyToken, KeyUri). When the message comes from a normal CoapEndpoint, it returns the remote endpoint address; for DTLS the security context.

I suppose we could add Security Contex at message level in a same way we add the principle but this is done only at request reception and we need it when we send a message too. (to fill the exchangeBy* maps).
Maybe we could had a getSecurityContext(InetSocketAddress) on Connector, we can call it to fill the exchangeBy* maps before we send a message ? But this solution seems to have a "transactional" issue. (I mean If an handshake is done between the "getSecurityContext" and the "Connector.send" :(

Yes. Also this implies security for the normal CoapEndpoint, and hence also a dependency on Scandium, even when it is not used.