Skip to content

[WIP] DTLS Implementation #127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
m4n3dw0lf wants to merge 3 commits into
base: master
Choose a base branch
from
Open

[WIP] DTLS Implementation #127

m4n3dw0lf wants to merge 3 commits into from

Conversation

@m4n3dw0lf
Copy link

@m4n3dw0lf m4n3dw0lf commented Apr 3, 2018

Described here: https://github.com/m4n3dw0lf/SecureFiware
Not shure if need some adjustments or something to merge in the master branch, any feedback will be appreciated.

@dcalvoalonso
Copy link
Contributor

dcalvoalonso commented Apr 3, 2018

@m4n3dw0lf First of all, thanks for your contribution! :) I particularly find this PR very interesting in order to add security to the link between devices and the IOTA.

Some very high-level comments before doing a more deep review:

  • I have seen that you PR relies on https://github.com/Rantanen/node-dtls. As it is stated, this is a WIP and 'No Maintenance Intended'. It also says that ' there has been no effort to protect it against well known TLS attacks'. I am not sure if this is the best baseline technology to implement DTLS in this library. What do you think?
  • You PR does not contain any kind of test that covers specifically the extensions you are adding. This would be require in order to go on with the PR process.

@m4n3dw0lf
Copy link
Author

m4n3dw0lf commented Apr 3, 2018
edited
Loading

@dcalvoalonso I agree with you that this is not the perfect approach to DTLS implementation in the library, but because of lack of resources and lack of dtls support in the coap library, this was the only simple and quick way to implement such a solution that at my view is crucial, I see the solution at the moment just as a proof of concept, SecureFiware's intention is to improve over time and improve not only this DTLS solution but also the security in other components of the Fiware.

As for the DTLS library, I have already performed the fork of the same and intend to do a review and improve it as far as possible.

Regarding this extension tests cases, I intend to implement as soon as possible, in fact I am quite perfectionist, I just opened the pull request for the fact that @fgalan have requested the same, as I still think the SecureFiware project is well in the beginning v0.0.1 however I believe it has margin to help the platform that I believe will predominate in the internet of the future.

PS: It might be better to support DTLS but not have the best implementation than not support

@m4n3dw0lf m4n3dw0lf mentioned this pull request Apr 3, 2018
Open
@m4n3dw0lf m4n3dw0lf changed the title DTLS Implementation [WIP] DTLS Implementation Apr 4, 2018
@dherykw
Copy link

dherykw commented Jul 3, 2020

any news about this pull request?

@fgalan
Copy link
Member

fgalan commented Jul 7, 2020

any news about this pull request?

Last news on this is (from @m4n3dw0lf ):

Regarding this extension tests cases, I intend to implement as soon as possible, in fact I am quite perfectionist, I just opened the pull request for the fact that @fgalan have requested the same, as I still think the SecureFiware project is well in the beginning v0.0.1 however I believe it has margin to help the platform that I believe will predominate in the internet of the future.

Maybe @m4n3dw0lf could provide an update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@m4n3dw0lf @dcalvoalonso @dherykw @fgalan