Hello all
I tried all possible combinations of conntype subjectuuiid in the ACE and
also set the sct in the doxm record to support group key but it does not
seem to work. Is this unsupported in current Iotivity? Maybe it needs a
certificate to work?
Has anyone tried to work with group keys?
BR,
Khaled
On Mon, Nov 12, 2018 at 5:23 PM, Khaled Elsayed <khaledi...@gmail.com>
wrote:
> Hi Nathan and all,
>
> So, if I would like to create a credential for a group all members of
> which can access a certain resource, I should create:
>
> {
> "credid": 1,
> "subjectuuid": "12345678-1234-1234-1234-123456789012", /* The group uuid*/
> "credtype": 2, /* symmetric group key */
> "privatedata": {
> "data": "AAAAAAAAAAAAAAAA",
> "encoding": "oic.sec.encoding.raw"
> },
> "period": "20150630T060000/20990920T220000"
> }
>
> Specs says group key establishes group membership but not authentication.
> It specifically states "Group level access is implemented using Role
> Credentials and/or connection type". What shall I use in the ACL for the
> resource that has group-level access? Would the ACL below work? I don't
> think so.
> {
> "aceid": 1,
> "subject": { "conntype": "auth-crypt" }, /* if we want to add
> roletype, do we need a certificate with roleid?*/
> "resources": [
> { "href": "/a/myresource" }
> ],
> "permission": 14
> }
>
> Best regards,
>
> Khaled
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#10012):
https://lists.iotivity.org/g/iotivity-dev/message/10012
Mute This Topic: https://lists.iotivity.org/mt/28091827/21656
Group Owner: iotivity-dev+ow...@lists.iotivity.org
Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
