> HTTP/HTTPs are related to out-of-control webservers (weather or any). our
> control is between OCF devices using coaps.

and as long as the "out-of-control" http data path stays out of "our control" OCF devices (i.e. out of its OCF SSE), the attack vector will not be increased. But if the two paths cross, then we should at a minimum require https on the "out-of-control" webserver's data path.

From: ?? [mailto:[email protected]]
Sent: Monday, 01 August, 2016 7:19 AM
To: Stephane Lejeune (stlejeun); ????; ???; thiago.macieira at intel.com
Cc: iotivity-dev at lists.iotivity.org
Subject: Re: RE: Re: [dev] FW: Re: Re: CoAP - HTTP Proxy Review Request

> So by generalizing this existing mechanism (to cover http too) you could not only tackle this use case: a proxy exposing resources from coap(s) through http(s)

--> Proxy solution is exposing resources from http (weather) through coap(s). But not other way. HTTP/HTTPs are related to out-of-control webservers (weather or any). our control is between OCF devices using coaps.

Regards,
Ashok

------- Original Message -------
Sender : Stephane Lejeune (stlejeun) <stlejeun at cisco.com>
Date : Jul 29, 2016 19:00 (GMT+05:30)
Title : RE: Re: [dev] FW: Re: Re: CoAP - HTTP Proxy Review Request

…and that is exactly what you would want for the http, isn't it?

So by generalizing this existing mechanism (to cover http too) you could not only tackle this use case: a proxy exposing resources from coap(s) through http(s) but also existing OCF use cases: an OCF device exposing its resources directly through multiple endpoints, including http(s) and so keep everything secured under the same flag.

From: ???? [mailto:[email protected]]
Sent: Friday, 29 July, 2016 1:09 PM
To: Stephane Lejeune (stlejeun); ???; 'Thiago Macieira'; ??
Cc: iotivity-dev at lists.iotivity.org; ????
Subject: RE: Re: [dev] FW: Re: Re: CoAP - HTTP Proxy Review Request

SECURED flag does not build unsecured resource but allows the resource to be accessed through COAP due to wild-card.

----------------------------------------------------------------------------------
Sr. Technical Manager, Software Architect.
SRI-B, IoT Division/ IoTivity, Samsung Electronics Co., Ltd.
----------------------------------------------------------------------------------
