On 06/26/2015 07:31 AM, Light, John J wrote: > Abhishek, > > The current use of assigned numbers in the security code violates > Internet conventions, so it must change. I have written about this, and > I am incorporating the needed infrastructure changes in the IPv6 rewrite > of the IP Adapter. Once the IP Adapter is merged, the security code can > be re-aligned to use sockets differently. >
Agree with John here. He is planning to to update 'IP Port' handling in CA layer for IPv6 changes where '5684' will be effectively used 'ONLY' for 'multicasting' for secure resources and therefore it will be invoked with 'reuse_address' option. Until that happens, it is preferable to continue using ?5684? for unicast secure communication by first Iotivity instance(and later instances on the same machine can pick up a random port for secure communication). This will allow us to use Iotivity stack for security testing in upcoming PlugFest 3 and also for any internal testing and adding new features for Security. > John Light > > > > *From:*Abhishek Sharma [mailto:ce.abhishek at samsung.com] > *Sent:* Friday, June 26, 2015 2:05 AM > *To:* Agrawal, Sachin; Light, John J; hyuna jo > *Cc:* iotivity-dev at lists.iotivity.org > *Subject:* Re: [dev] dtls issue for "IP address plumbing changes to > support IPv6" changed > > > > Hi Sachin > > > > Yes as per the change, if a fixed port is requested, it is shared with > other applications. This was also suggested in review comments. > > Query: Is it ok to have secure communication on any other port than the > mandated 5684 ? > > If yes, we can patch caipserver to not set "reuse_address" option when > secure unicast port is requested. > > > > In any case, this should not affect if client and server are running on > different machines. > > Hyuna, can you update your test scenario ? > > > > Regards > > Abhishek Sharma > > >
