Encrypted multicast #1299
Interesting question, not sure that it has properly been solved. Part of the challenge here is that if the data / file information does not fit into a single packet, then following the current CoAP RFCs, the second and subsequent packets needed to transfer the remainder of the data have to be done using unicast. It may be that you need to consider using Group OSCORE to do the encryption rather than DTLS. This is not currently supported by libcoap (no plans); see I-D.ietf-core-oscore-groupcomm, possibly using a mechanism as described in I-D.ietf-core-observe-multicast-notification.
For DTLS:
Hello,
I have a network with multiple nodes and I have to send the same data or file to each of them, e.g., a firmware update. I am currently evaluating CoAP (+DTLS) for the "regular" data exchange and I wonder how I could also transfer short data or files using multicast. I understand that DTLS and multicast is not possible. Do you have an idea how (lib)CoAP could help here or would I have to simply handle all the encryption/signatures myself in the CoAP payload?
Simply encrypting CoAP packets using an own session PSK (that is distributed, e.g., using regular CoAP+DTLS at startup) would already help here, I think. Would the CoAP message id already suffice as replay protection in such a case? Is this something libcoap could do in the future or do you think this would be out of scope or a bad idea in general?
Thank you!
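Added example, not part of the original post and not libcoap code: a receiver-side replay window for the payload-protection approach asked about above. It assumes each sender places a 64-bit sequence number inside the authenticated data and that the authentication tag is verified before the window is consulted; all type and function names are hypothetical. The second function shows how a 16-bit message ID used as the counter repeats after 65536 messages.

```c
#include <stdbool.h>
#include <stdint.h>

#define REPLAY_WINDOW 64u   /* how far behind the newest seq we still track */

/* Per-sender receive state; names are hypothetical, not libcoap API. */
typedef struct {
    uint64_t highest;   /* highest sequence number accepted so far */
    uint64_t bitmap;    /* bit i set => (highest - i) was already accepted */
    bool     seen_any;
} replay_state_t;

/* Call only after the packet's authentication tag, which must cover seq,
 * has verified. Returns true (and records seq) if fresh, false otherwise. */
static bool replay_check_and_update(replay_state_t *st, uint64_t seq)
{
    if (!st->seen_any || seq > st->highest) {
        uint64_t shift = st->seen_any ? seq - st->highest : REPLAY_WINDOW;
        st->bitmap = (shift >= REPLAY_WINDOW) ? 0 : (st->bitmap << shift);
        st->bitmap |= 1u;
        st->highest = seq;
        st->seen_any = true;
        return true;
    }
    uint64_t offset = st->highest - seq;
    if (offset >= REPLAY_WINDOW)
        return false;                     /* older than the window */
    uint64_t mask = (uint64_t)1 << offset;
    if (st->bitmap & mask)
        return false;                     /* already seen: replay */
    st->bitmap |= mask;                   /* late but new */
    return true;
}

/* Contrast: a receiver that treats the 16-bit message ID as the counter,
 * using serial-number "newer than" comparison. Assumes the sender bumps
 * the ID by one per message; sent_since = messages sent after the capture. */
static bool mid_replay_looks_fresh(uint16_t captured_mid, uint32_t sent_since)
{
    uint16_t latest = (uint16_t)(captured_mid + sent_since);
    uint16_t ahead  = (uint16_t)(captured_mid - latest);
    return ahead != 0 && ahead < 0x8000u;
}

int main(void)
{
    replay_state_t st = {0};
    bool ok = replay_check_and_update(&st, 1) && !replay_check_and_update(&st, 1);
    return (ok && mid_replay_looks_fresh(100, 40000)) ? 0 : 1;
}
```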