IoT SIG - 2019-12-18


  1. debacle has left
  2. Alacer has left
  3. Alacer has joined
  4. Tobi has joined
  5. Alacer has left
  6. Alacer has joined
  7. debacle has joined
  8. flow COM8 congrats :)
  9. flow debacle, can you use TLS client certs without signing and encrypting the stream? If not, how is using OpenPGP heavier than TLS (client certs)?
  10. flow It really depends on your use case. I could be wrong, but assuming that using a TLS client cert requires the stream to get signed and encrypted, OpenPGP would at least provide you with the flexibilty to sign only specific parts
  11. flow But on the other hand, if you do IoT with XMPP you most certainly want to use TLS, so using a TLS client cert only adds a little bit more to the TLS handshake but next to nothing after that
  12. flow But if your IoT device needs to connect with different XMPP services, then using a (single) TLS client cert sounds not like the right approach
  13. Alacer has left
  14. Alacer has joined
  15. debacle has left
  16. debacle has joined
  17. debacle flow, the connection is TLS anyway, i.e. PGP would come on top and therefore were heavier.
  18. debacle Btw, if I wanted to use PGP, it would make sense to sign only the payload, not the stanza, so that I can pass that payload even outside of the XMPP world, while the signature still could be validated.
  19. Alacer has left
  20. Alacer has joined
  21. COM8 has joined
  22. COM8 has left
  23. Syndace has left
  24. Syndace has joined
  25. flow ok, but if you don't PGP everything, and already do TLS, then I'd argue the PGP overhead is probably not an issue
  26. flow debacle, ^
  27. flow of course, it really depends on the used hardware, software stack and what you actually want to do
  28. debacle our hardware is very ancient, but probably PGP still runs fine
  29. debacle and we have only to sign one file per second
  30. debacle not hundreds
  31. debacle has left
  32. Alacer has left
  33. Alacer has joined
  34. flow depends on the size of that one file ;)
  35. debacle has joined
  36. debacle has left
  37. Tobi has left
  38. debacle has joined
  39. debacle has left