Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [m2m-iwg] Authentication in CoAP

Hi

 

Indeed authentication in CoAP is fully done through DTLS. There is a sub-group in CoRE that discusses the specifics of authentication/authorization with the plan to select an appropriate security framework. A summary of the last meeting can be found here:

 

http://tools.ietf.org/agenda/88/slides/slides-88-core-0.pdf (slides 76-106)

 

So, for questions that are not answered in the drafts, the CoRE mailing list (core@xxxxxxxx) might also be a good place.

 

Ciao

Matthias

 

 

From: Ian Skerrett [mailto:ian.skerrett@xxxxxxxxxxx]
Sent: Mittwoch, 29. Januar 2014 17:04
To: 'm2m Industry Working Group'
Cc: Kovatsch Matthias
Subject: RE: [m2m-iwg] Authentication in CoAP

 

Fwiw, I suggest Tim to ask the question here since I have no other place. I think once Californium becomes an Eclipse project, using their mailing list would be appropriate.

 

Adding Matthias Kovatsch to the cc to make sure he sees this email thread. He might also have a better place to have this conversation. I would encourage we keep in on a public mailing list or forum so everyone can learn from it.

 

Ian

 

 

From: m2m-iwg-bounces@xxxxxxxxxxx [mailto:m2m-iwg-bounces@xxxxxxxxxxx] On Behalf Of Tim Kellogg
Sent: January-29-14 10:59 AM
To: m2m Industry Working Group
Subject: Re: [m2m-iwg] Authentication in CoAP

 

Hi Julien,

 

Could you elaborate on how to use DTLS for authentication? Is this similar to how Github uses public keys to identify & authenticate when pushing?

 

Tim Kellogg

Sr. Software Engineer, Protocols

2lemetry

 

On January 29, 2014 at 8:56:41 AM, Julien Vermillard (jvermillard@xxxxxxxxx) wrote:

Hi,
I'm not sure it's the good mailing list for this kind of question, but
I'm not sure which one is the good one :)

CoAP doesn't support auth in the way HTTP.
I think if you want to add security (authentication) on top of CoAP
the usual way is to use DTLS (which is supported by Californium).

The LWM2M ACL model is really specific to the problem it's solving:
device management with multiple servers, I don't think it's what you
are looking for.

HTH
Julien

--
Julien Vermillard :::: http://people.apache.org/~jvermillard/

On Wed, Jan 29, 2014 at 4:18 PM, Tim Kellogg <tim@xxxxxxxxxxxx> wrote:
> Hi,
>
> I'm working with Californium and I'm stuck on authenticating the sender. Is
> there some sort of analogous construct to HTTP's Authorization header?
>
> I've heard that lwm2m has an ACL object that might be used for this, but
> does lwm2m integrate with Californium?
>
> Thanks,
> Tim
>
>
> _______________________________________________
> m2m-iwg mailing list
> m2m-iwg@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/m2m-iwg
>
_______________________________________________
m2m-iwg mailing list
m2m-iwg@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/m2m-iwg

Back to the top