Jonathan BeriDec 20, 2022
All rightly, trying out this server. 👋
Show threadchrysnDec 20, 2022
@jberi Nice, someone providing cloud solutions that support #CoAP and #SUIT – we've been looking for something like that at @RIOT_OS.
Is Golioth something that'd also be reasonably usable by a device with an existing CoAP stack (not pulling extra SDK)? Any plans for #OSCORE support?
Show threadJonathan BeriJan 2, 2023

@chrysn @RIOT_OS we have two flavors - one natively built on Zephyr and a portable SDK. See the porting guide - https://github.com/golioth/golioth-firmware-sdk/blob/main/docs/Porting_Guide.md. libcoap is the main requirement but folks have written their own implementations (ex. MicroPython.)

OSCORE is not on the immediate roadmap but something we'd consider. Hard to find a good Go implementation (even DTLS was a challenge!) We just launched Cert support: https://blog.golioth.io/introducing-golioth-certificate-based-authentication/

Would love to know what you think!

golioth-firmware-sdk/Porting_Guide.md at main · golioth/golioth-firmware-sdk

Golioth Firmware SDK. Contribute to golioth/golioth-firmware-sdk development by creating an account on GitHub.

GitHub
Show threadchrysnJan 2, 2023

@jberi @RIOT_OS Yeah, it's hard to find even good DTLS libs, I've struggled in Python (and didn't get beyond PSK).

I'll have a look at the OSCORE plug test participants for a Go implementation (but I don't remember having seen any). I've implemented it myself 2½ times (FLOSS libraries with commercial services), but Go is sadly not a language I can help much with. On the upside, it's way lighter than DTLS on messages and code, and you can easily keep arbitrarily many "connections" on the server.

Show threadchrysn
@jberi Nobody seems to have a Go implementation yet, but you may want to keep an eye on https://github.com/plgd-dev/go-coap/issues/331.
(This necropost was brought to you by skimming your colleague's latest CoAP article on https://blog.golioth.io/life-of-a-coap-message/ and noticing that it's about 50% DTLS).
Add support for OSCORE · Issue #331 · plgd-dev/go-coap

Is there any Support for OSCORE planned? RFC: Object Security for Constrained RESTful Environments I'm mentioning this, because we might need this in future for our devices. I might even start with...

GitHub
Jul 9, 2023 at 7:23pmWeb
Show threadJonathan BeriJul 9, 2023
@chrysn thanks for the pointer! We're pretty focused on DTLS for the time being but continue to keep our eyes on OSCORE for the future. /cc @hasheddan for the mention!
Show threadchrysnJun 25, 2024
@jberi @hasheddan @chris_gammell In case it helps spark more interest in OSCORE: the latest aiocoap release integrates EDHOC and OSCORE, our demos for RIOT-rs are constantly improving (like, accessing over EDHOC without a custom client), and are being factored out into even more general purpose EDHOC+OSCORE tools.