[riot-notifications] [RIOT-OS/RIOT] sys: new sock submodule for DTLS (#11909)

Martine Lenders notifications at github.com
Mon Jul 29 18:15:07 CEST 2019


> I think it is better to expose it in tinydtls pkg instead of DTLS sock as `DTLS_PSK` and `DTLS_ECC` is tinydtls specific and other DTLS implementation may not have/use defines to enable support for specific cipher suites (e.g. wolfSSL uses [`wolfSSL_CTX_set_cipher_list()`](https://www.wolfssl.com/doxygen/group__Setup.html#gac5835a41f08b90828e72ec20d46d6399)). There are also other defines that are not documented anywhere other than [examples/dtls-echo README](https://github.com/RIOT-OS/RIOT/blob/master/examples/dtls-echo/README.md#handling-the-static-memory-allocation) such as DTLS_CONTEXT_MAX and more.

> > Also, it's not clear to me, if the two are mutually exclusive
> 
> No, it is not mutually exclusive. A DTLS sock should be able to use multiple cipher suites.

This should not be part of this PR. But how about making these (pseudo) submodules of `tinydtls` then: `tinydtls_psk` and `tinydtls_ecc`. `DTLS_CONTEXT_MAX` seems to be more of a configuration variable.

> Or would documenting it all in a new doxygen group (e.g. net_encryption) be better? The group could also describe caveats and configuration options of each DTLS implementation and explain how to use credman with DTLS sock. In general, information on how to get started with using (D)TLS in RIOT.

I don't see why a new group would be necessary. If those variables are `tinycrypt` specific, they should go into `pkg_tinycrypt` (maybe also exposed to `config`). The doc for the caveats and how to get started would be better suited in a new group `net_dtls` maybe (which may refer to `sock_dtls` and the various implementation, but not group them specifically, see e.g. `net_ipv6` or `net_udp`), the usage of credman with `dtls_sock` should go into `net_dtls_sock` as it is important for its usage.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/11909#issuecomment-516058452
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190729/ab86b4d4/attachment.htm>


More information about the notifications mailing list