lwm2m-node-lib icon indicating copy to clipboard operation
lwm2m-node-lib copied to clipboard

Published 20 hours ago verified publisher icon telefonicaid

[WIP] DTLS Implementation

Open m4n3dw0lf opened this issue 6 years ago • 4 comments

Described here: https://github.com/m4n3dw0lf/SecureFiware Not shure if need some adjustments or something to merge in the master branch, any feedback will be appreciated.

m4n3dw0lf avatar Apr 03 '18 03:04 m4n3dw0lf

@m4n3dw0lf First of all, thanks for your contribution! :) I particularly find this PR very interesting in order to add security to the link between devices and the IOTA.

Some very high-level comments before doing a more deep review:

  • I have seen that you PR relies on https://github.com/Rantanen/node-dtls. As it is stated, this is a WIP and 'No Maintenance Intended'. It also says that ' there has been no effort to protect it against well known TLS attacks'. I am not sure if this is the best baseline technology to implement DTLS in this library. What do you think?
  • You PR does not contain any kind of test that covers specifically the extensions you are adding. This would be require in order to go on with the PR process.

dcalvoalonso avatar Apr 03 '18 06:04 dcalvoalonso

@dcalvoalonso I agree with you that this is not the perfect approach to DTLS implementation in the library, but because of lack of resources and lack of dtls support in the coap library, this was the only simple and quick way to implement such a solution that at my view is crucial, I see the solution at the moment just as a proof of concept, SecureFiware's intention is to improve over time and improve not only this DTLS solution but also the security in other components of the Fiware.

As for the DTLS library, I have already performed the fork of the same and intend to do a review and improve it as far as possible.

Regarding this extension tests cases, I intend to implement as soon as possible, in fact I am quite perfectionist, I just opened the pull request for the fact that @fgalan have requested the same, as I still think the SecureFiware project is well in the beginning v0.0.1 however I believe it has margin to help the platform that I believe will predominate in the internet of the future.

PS: It might be better to support DTLS but not have the best implementation than not support

m4n3dw0lf avatar Apr 03 '18 14:04 m4n3dw0lf

any news about this pull request?

dherykw avatar Jul 03 '20 09:07 dherykw

any news about this pull request?

Last news on this is (from @m4n3dw0lf ):

Regarding this extension tests cases, I intend to implement as soon as possible, in fact I am quite perfectionist, I just opened the pull request for the fact that @fgalan have requested the same, as I still think the SecureFiware project is well in the beginning v0.0.1 however I believe it has margin to help the platform that I believe will predominate in the internet of the future.

Maybe @m4n3dw0lf could provide an update.

fgalan avatar Jul 07 '20 13:07 fgalan