Hi Rich,

M2M might be common TLS, but with something else at the application layer.  
I’ll give this example, but admittedly the terminology is confusing: there is 
another protocol that is called EtherNet/IP (here IP stands for Industrial 
Protocol, hence the concern about confusion). In this case this protocol is 
built upon TCP and UDP, but then above that there is a different protocol meant 
for machine to machine communication that will enable a number of industrial 
applications.  What we did in ODVA was to add TLS (and DTLS in some cases) to 
protect this communication.  This communication is often high speed and latency 
is a major concern.  So it is standard TLS, but rather than HTTP on top of the 
TLS, it is an Industrial Protocol.  Even if the device is “capable” of 
encryption, encrypting the data adds overhead and is unnecessary in some 
applications.  So capable might mean it can do encryption, but not at the 
speeds necessary for machine to machine I/O.

Thanks and Best Regards,

--Jack

From: Salz, Rich [mailto:rs...@akamai.com]
Sent: Tuesday, August 21, 2018 1:46 PM
To: Jack Visoky <jmvis...@ra.rockwell.com>; Salz, Rich 
<rsalz=40akamai....@dmarc.ietf.org>; Fries, Steffen <steffen.fr...@siemens.com>
Cc: ncamwing=40cisco....@dmarc.ietf.org; tls@ietf.org
Subject: Re: [TLS] EXTERNAL: Re: integrity only ciphersuites

> I’m not sure if I’m following the question, but what was meant was that 
> these ciphers are generally NOT used for browser access.  Machine to machine 
> communication usually does not involve a browser.  Apologies if I’ve 
> misunderstood the question.

You understood me.  So the devices (or rather at least some of them since they 
are splendiferous in their variances) do speak common TLS.  But not for M2M.  
That part confuses me, since “too small to encrypt” was a reason given.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls