[6lbr-dev] Web Administration SSL/TLS Support?

Ron Segal ron at suretronic.com
Mon Nov 16 19:37:04 UTC 2015


Hi Mátyás
Actually I'm just after encryption between the border router and the WSN, for
which purpose AES would be the most efficient, particularly given that a common
key is being used in any case.  So the key requirement (forgive the pun) is to
secure access to this key via 6lbr's administrative web pages.  Actually I
probably already have a solution. My current border router setup terminates an
SSL/TLS http connection using NGINX, for the purpose of passing IPV4 REST
requests (with embedded CoAP) to an http-coap reverse proxy translator  (simple
one that I wrote in Python), then on to 6lbr as a standard IPV6 CoAP request.
NGINX and 6lbr are running on the same box (RPi).  So NGINX (which is also a
load balancer) could easily be used to terminate http/s requests to the 6lbr web
administration pages, forwarding them as plain http directly to 6lbr.  Will have
to test this, but can't see any reason why it wouldn't work.
Best wishes, Ron



On 17/11/15 08:18, Mátyás Kiss wrote:
> Hello Ron,
>
> Is there any crypto module for the 6LBR? Contiki has one DTLS, which doesn't
> compatible with the original OpenSSL. I am thinking about to (re)write a
> complete crypto module especially for the contiki. But this is a huge work.
>
>
> M
>
> 2015-11-16 19:53 GMT+01:00 Ron Segal <ron at suretronic.com
> <mailto:ron at suretronic.com>>:
>
>     Hi Cetic Guys
>     Are you planning to implement http SSL/TLS support for securing access to
>     administration web pages?
>     Particularly with the new AES administration functionality, access control
>     would
>     seem to be pretty essential.
>     (Also, following the recent atrocities, just wanting to pledge support to you
>     guys in Europe)
>     Best wishes, Ron - Wellington, New Zealand
>
>     _______________________________________________
>     6lbr-dev mailing list
>     6lbr-dev at lists.cetic.be <mailto:6lbr-dev at lists.cetic.be>
>     http://lists.cetic.be/cgi-bin/mailman/listinfo/6lbr-dev
>
>


-- 
suretronic_labs_sig.html
R o n   S e g a l
MSc, CEng, CITPNZ
suretronic labs
Wellington, New Zealand
Tel: 64 4 5288806Cell: 64 21 678009

This e-mail message and any attachments are confidential to the addressee(s). 
If you are not the intended addressee, please notify me as soon as possible and
immediately delete the e-mail, including any attachments.  Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cetic.be/archives/6lbr-dev/attachments/20151117/1e28fd4e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: suretronic_labs_signature_58_40_icon.png
Type: image/png
Size: 4068 bytes
Desc: not available
URL: <http://lists.cetic.be/archives/6lbr-dev/attachments/20151117/1e28fd4e/attachment.png>


More information about the 6lbr-dev mailing list