Re: [Acme] ACME signature mechanics
Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 18 December 2014 14:43 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B22EB1A89ED for <acme@ietfa.amsl.com>; Thu, 18 Dec 2014 06:43:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1j55D2XOWLF for <acme@ietfa.amsl.com>; Thu, 18 Dec 2014 06:42:59 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C3221A89F1 for <acme@ietf.org>; Thu, 18 Dec 2014 06:42:59 -0800 (PST)
Received: from [192.168.131.138] ([80.92.123.25]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MZOan-1YMiyP0TK1-00LEMo; Thu, 18 Dec 2014 15:42:52 +0100
Message-ID: <5492E7EA.9000300@gmx.net>
Date: Thu, 18 Dec 2014 15:42:50 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: Phillip Hallam-Baker <phill@hallambaker.com>
References: <548FF9E3.1020703@gmail.com> <CAL02cgT9iYqtX2Ui5XQYnj=yeF_QnSkKn-jE0D5d56WMzB5bBg@mail.gmail.com> <CAMm+LwjwG0dPTkByu5WZ_ev3xNxAMwunoc-A_VK4sKPSZXRYDw@mail.gmail.com> <006c01d01a33$2b086890$811939b0$@icloud.com> <CABkgnnWGQarDzpx-3f488OF2w3eyTV1iUr4GWyND+_avRHNZ6w@mail.gmail.com> <004901d01a94$55e9ebe0$01bdc3a0$@icloud.com> <54928827.9030009@gmail.com> <CAMm+Lwifqgt9e_i=froACzGW3bsY05KBiJJFBRJrqJcZrEqN8A@mail.gmail.com> <5492CF1B.7010508@gmx.net> <CAMm+LwgL0j-FjsUv4NSonvHcjJLpSB8JUbNNGmRvyqi37B+K7g@mail.gmail.com> <5492D548.4010709@gmx.net> <CAMm+LwiN9Q8wiP=uLXRtq=f12C=VGwRa_K94u+dcGf+BHxAkfg@mail.gmail.com>
In-Reply-To: <CAMm+LwiN9Q8wiP=uLXRtq=f12C=VGwRa_K94u+dcGf+BHxAkfg@mail.gmail.com>
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="oJfINucR08ewuB8aQNJFKLNn9qgJ9SgMA"
X-Provags-ID: V03:K0:DBkv5bJObmg78+oGffzF3OFEHYMr3YyhACSGU8wK9PS2WTk4JSv IhJuIy6jbqmODJ+z6KOvMp7pzmOidkPb9CIfdOcqel0WqvrdFLSe56znSl8xsvPkci5dVUk y95MJzIqaA9LWHDHYMo5/zEGNH4FUfQ9ohGQlLKUpKcmhk92cgwT+zfnZjDo4eAf9cfcp2c 0wCfU+xwrJdJ4fV53loUw==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/saOCHdQ4SoZjmdXBbZsDxLr4eEY
Cc: Richard Barnes <rlb@ipv.sx>, Martin Thomson <martin.thomson@gmail.com>, "acme@ietf.org" <acme@ietf.org>, Trevor Freeman <trevor.freeman99@icloud.com>, Anders Rundgren <anders.rundgren.net@gmail.com>
Subject: Re: [Acme] ACME signature mechanics
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Dec 2014 14:43:01 -0000
Hi Phillip, the relevant OMA specification can be found here: http://openmobilealliance.org/about-oma/work-program/m2m-enablers/ (Click on the 'OMA Lightweight M2M (LWM2M) protocol' for the version for IoT devices and 'OMA Device Management (DM)' for the stuff that is used on mobile phones.) Here is a tutorial: http://community.arm.com/servlet/JiveServlet/previewBody/8693-102-3-15745/ARM%20OMA%20Lightweight%20M2M%20Tutorial.pdf When you look through the tutorial then you will see that IoT devices need more than just credentials (which is why the specification talks a lot about device management). Here is open source code: https://github.com/jvermillard/leshan https://github.com/01org/liblwm2m The next interop event will take place in January 2015: http://openmobilealliance.org/oma-lwm2m-testfest-registration-now-open/ > IoT is not going to be a special case of the Internet The LWM2M specification re-uses the work from the CORE working group (including CoAP, and CoAP resource server), DTLS, JSON and many IETF other specifications. Still, the needs for provisioning a certificate to a Web server are, however, different from provisioning a light bulb. Judging from the abstract of the ACME specification their document is focused on the Web and nothing else. That's fine (delta the duplication of already existing work in that area). Ciao Hannes On 12/18/2014 03:11 PM, Phillip Hallam-Baker wrote: > > > On Thu, Dec 18, 2014 at 8:23 AM, Hannes Tschofenig > <hannes.tschofenig@gmx.net <mailto:hannes.tschofenig@gmx.net>> wrote: > > Hi Phillip, > > we already have a mechanism for issuing certificates to embedded > devices, namely OMA Lightweight M2M. It is already used today. > That specification is a version of the OMA device management protocol > (which is also widely used) but uses different protocols that are more > suitable for the embedded side, such as CoAP and JSON. > > Hence, I doubt that this work is something the IoT community is > asking for. > > > Is there a pointer to the spec that is publicly accessible? > > In the short term that might be the case. But in the longer term IoT is > not going to be a special case of the Internet, it is going to be the > Internet. > > I think you are making a case for looking at the OMA protocol and > deciding if we can use it. >
- [Acme] ACME signature mechanics Manger, James
- Re: [Acme] ACME signature mechanics Richard Barnes
- Re: [Acme] ACME signature mechanics Manger, James
- Re: [Acme] ACME signature mechanics Richard Barnes
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Richard Barnes
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Nico Williams
- Re: [Acme] ACME signature mechanics Nico Williams
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Nico Williams
- [Acme] Integrated with CSR. Re: ACME signature me… Anders Rundgren
- Re: [Acme] ACME signature mechanics Trevor Freeman
- Re: [Acme] ACME signature mechanics Martin Thomson
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Nico Williams
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Nico Williams
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Trevor Freeman
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Hannes Tschofenig
- Re: [Acme] ACME signature mechanics Hannes Tschofenig
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Hannes Tschofenig
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Trevor Freeman
- Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Anders Rundgren
- Re: [Acme] ACME signature mechanics Martin Thomson
- Re: [Acme] ACME signature mechanics Anders Rundgren