Patch: wtls provision

Nikos Balkanas nbalkanas at gmail.com
Wed May 12 10:28:30 CEST 2010 

Thanks, Alex.

I wouldn't worry much about security, this is as solid (or as weak) as 
described in the spec. I have not seen any memory corruptions, just a couple 
of minor leaks that will be addressed in time.

BR,
Nikos
----- Original Message ----- 
From: "Alexander Malysh" <amalysh at kannel.org>
To: "Nikos Balkanas" <nbalkanas at gmail.com>
Cc: "Kannel Devel" <devel at kannel.org>; "Kannel Users" <users at kannel.org>
Sent: Wednesday, May 12, 2010 10:49 AM
Subject: Re: Patch: wtls provision


Hi Nikos,

sorry for delay, patch commited to branch and after testing will be merged 
to trunk.

This branch can be found at: 
https://svn.kannel.org/gateway/branches/wtls_provision

I would like to see more people that can test/review this patch.

Thanks,
Alexander Malysh

Am 26.04.2010 um 01:34 schrieb Nikos Balkanas:

> Hi Alex,
>
> As stressed I never implied any wrongdoing from your part. If anything you 
> are the only person dedicated to this project like a regular job. Rest of 
> us are mostly daydreaming small snippets in our free time. There can be no 
> kannel without you.
>
> The Patch is back. Reformatted according to your specs. Let me know if you 
> need anything more.
>
> Like in the original, it will provide for the following wtls 
> functionality:
>
> A) Supported MACs:
>
>       SHA_0,
>       SHA_40,
>       SHA_80,
>       SHA_NOLIMIT,
>       MD5_40,
>       MD5_80,
>       MD5_NOLIMIT
>
> MIA's:
>        SHA_XOR_40
>
> B) Supported Ciphers:
>
>       RC5_CBC_40,
>       RC5_CBC_56,
>       RC5_CBC,
>       DES_CBC,
>       DES_CBC_40
>
> MIA's:
>       NULL_bulk,
>       TRIPLE_DES_CBC_EDE,
>       IDEA_CBC_40,
>       IDEA_CBC_56,
>       IDEA_CBC
>
> C) Supported Keys:
>
>       RSA_anon
>
> MIA's:
>       RSA_anon_512,
>       RSA_anon_768,
>       RSA_NOLIMIT,
>       RSA_512,
>       RSA_768,
>       ECDH_anon,
>       ECDH_anon_113,
>       ECDH_anon_131,
>       ECDH_ECDSA_NOLIMIT
>
> Keys might seem a shortcoming, but I have yet to see a mobile that doesn't 
> support RSA_anon. I do expect that a few of the rest of the keys are 
> supported as well (i.e. RSA_anon_512, RSA_anon_768) just didn't have the 
> chance to test them.
>
> D) Spec States
>
> All wtls states are supported except:
>
>   1) Suspend/resume wtls session
>   2) Cipher change when already connected
>
> I have not come across these states when testing with a variety of 
> mobiles. In practice (2) is implemented through another client hello while 
> already connected to the same client.
>
> BR,
> Nikos
> ----- Original Message ----- From: Alexander Malysh
> To: Nikos Balkanas
> Cc: devel at kannel.org
> Sent: Tuesday, April 13, 2010 12:49 AM
> Subject: Re: Patch: wtls provision
>
>
> Hi Nikos,
>
>
> sorry for delay but I hope you saw that WAP is not my part...
> if you still want to contribute this patch then I'm willing to help you 
> with it.
>
>
> What I need from you:
> 1) patch with white spaces ignore
> 2) description how I can test your patch
>
>
> You can send me these things in private email but please understand that 
> we are all volunteers and don't
> receive salary for our work and make this only in our private time. So for 
> such large patches it may take
> some time to review, test and commit it.
>
>
> Thanks for your understanding and contribution,
> Alexander Malysh
> <kannel.diff.gz>

More information about the devel mailing list