On Thu, Jul 12, 2018 at 09:30:40AM +0000, Wang Haiguang wrote: > Hello, everyone, > > To solve the complex issue caused by the certification, in RFC 7250, > it is recommended to use raw public for authentication. > However, when using RAW public directly for authentication, > identity and public key binding is required. That is, server need > to maintain a large table to map the public key and identity. > For networks with huge amount of IoT devices, the maintenance of > such a huge database might be a challenge issue.
It seems to me that getting the information to provisioning to the database is the biggest issue. Any semi-decent database program should not even be breaking sweat with million row table on quite low-end server hardware (if the indexing is even remotely sane). > Currently we are thinking to use identity-base public key to solve > the issue. Is there any better solution to solve the identity binding > issue? If you do not want to use server-side database, create an internal CA and issue as compact certificates as possible. The overhead should be in low two hundred bytes. But this does not save you from having to figure out what those IoT devices actually are! > Can anyone give us some comments regarding using IBC as raw public > key for TLS for massive IoT authentication? I do not think there is any way currently to do that. The only defined signature algorithms are ([*] means removed from TLS 1.3): - RSA PKCS#1 v1.5[*] - DSA[*] - ECDSA - EdDSA2 (Ed25519 and Ed448) These are also the only algorithms that can be used with raw public key authentication. None of these is IBC algorithm.. Also, the way the raw public keys work is the same in both TLS 1.2 and 1.3 (the precise messages are different, but it still works the same). -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
