You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2019/07/23 23:40:29 UTC
[GitHub] [mynewt-newtmgr] ccollins476ad opened a new pull request #132:
Remove security requirements from CoAP commands
ccollins476ad opened a new pull request #132: Remove security requirements from CoAP commands
URL: https://github.com/apache/mynewt-newtmgr/pull/132
This PR removes a feature that has been unused for years.
Initially, the idea was that each CoAP resource would be defined with one of the following security levels:
* public (no security)
* unauthenticated (encryption)
* secure (encryption and authentication)
A session (connection) would be secured in a transport-specific way, but the main transport under consideration was Bluetooth. In Bluetooth, characteristics are assigned security levels resembling the three above. To implement this defunct security mechanism in CoAP-over-Bluetooth, we would need three different characteristics, one corresponding to each security level. When sending a CoAP request, the newtmgr client would choose the correct characteristic based on the secure state of the connection.
This security policy has not been supported in Mynewt for a few years. The code implementing it is unused and unmaintained, so I am removing it now.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services