Björn,
If you:
- have signed the Eclipse CLA form,
- you are contributing code that you wrote yourself, and
- are doing so with the permission of your employer
then you're done all the paperwork, and can make contributions to
Leshan. I hope that's not too onerous.
On 19/10/2015 10:16 AM, Björn Eriksson wrote:
Thank you for the inputs Kai!
I noticed that you could
need some help in this area and surely we will contribute our
changes/implementations when the time is ready, It will
probably take some time with that due to the "Eclipse
Foundation's strict IP policy". I haven't had any time to
figure out how it is working but I have at least signed the
agreement to do so :)
Björn,
I have to admit that I am (currently) not that
deep into the bootstrap server code. However, my
understanding is that we currently do not have a standard
way of sharing the key material between bootstrap server and
lwm2m server. That said, I think you are free to implement
whatever mechanism you feel appropriate in your environment.
The bootstrap server surely can use some improvements in
this area. In particular, we do not have standard credential
stores implemented yet that could be shared by both servers,
e.g. based on a DB or a cache server etc. Your help with
this woul be highly appreciated though. Maybe yiu could
start with a first implementation that fits your use case
and contribute the code? Regarding your second question: I
think our assumption so far has been that key creation is
handled by existing solutions for that purpose like PKI
Certificate Authority software or even some homegrown system
based on openssl. If I am not mistaken, you can also use the
standard Jave Crypto Api to create key pairs...
Again, we could really use some help in this area, so I
would like to encourage you to really think about helping
out :-)
Regards,
Kai
Hi Kai,
Thank you for your fast reply and my apologizes for vague
questions.
It is one question regarding the
secure communication and
the other one
about provisioning key material as part of lwm2m's bootstrapping process
1: establishing a
secure
communication channel for the lwm2m protocol.
We do have a successful bootstrap process which
returns the serverPublicKey, publicKey, e.t.c. in the
bootstrap config. Hence, I assume my question should
have been how does the lwm2m server and bootstrap
server share those keys? Is it approved to store it in
a database which both can utilize? Or does both of
them magically generate two identical keys?
2: provisioning key material as part of
lwm2m's bootstrapping process
Was basically asking for pointers, best practice, or
any "de facto" open source library for generating
secure, unique private and public keys used in the
RPK_SEC mode. Obviously we would like to follow the
lwm2m protocol standard in the keys
Hi Björn,
I am not 100% sure if I get your
question right. Are you talking about establishing
a secure communication channel over which the
lwm2m protocol is supposed to be run or are you
talking about provisioning key material as part of
lwm2m's bootstrapping process?
Regards,
Kai
Hello,
Could anyone explain how the client and
server are supposed to exchange their public
keys?
Are there any suggested java library
to generate the points (x,y,s) for elliptic
curve, that is
used while generating the public and
private keys?
Many thanks!
Björn
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your
password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password,
or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
|