Closed lhotari closed 6 years ago
I don't think the argument about the 1.1 is too strong as the spec say that it can be omitted only if it is equals to the identifier from security protocol.
So in this case, we still have an endpoint value for the BootstrapStore
API.
The LWM2M spec 1.0 propose severals format to ensure uniqueness of endpoint name :
UUID URN: Identify a device using a Universally Unique IDentifier (UUID). The UUID specifies a valid, hex digit character string as defined in [RFC4122]. The format of the URN is urn:uuid:########-####-####-############
OPS URN: Identify a device using the format
"-" "-" as defined in Section 3.4.4 of [TR-069]. The format of the URN is urn:dev:ops: "-" "-" . OS URN: Identify a device using the format "-" as defined in Section 3.4.4 of [TR-069]. The format of the URN is urn:dev:os: "-" . IMEI URN: Identify a device using an International Mobile Equipment Identifiers [3GPP-TS_23.003]. The IMEI URN specifies a valid, 15 digit IMEI. The format of the URN is urn:imei:############### ESN URN: Identify a device using an Electronic Serial Number. The ESN specifies a valid, 8 digit ESN. The format of the URN is urn:esn:######## MEID URN: Identify a device using a Mobile Equipment Identifier. The MEID URN specifies a valid, 14 digit MEID. The format of the URN is urn:meid:############## IMEI-MSISDN URN: Identify a device using a combination of International Mobile Equipment Identifier [3GPP-TS_23.003] and MSISDN. IMEI is 15 digits and MSISDN is 15 digits. The format of the URN is urn:imei-msisdn: ###############-
Anyway, we could add identity to BootstrapStore
, if this helps. But keep in mind that even if you will be able to have duplicated endpoint name, you will not be able to have duplicated security credentials. So maybe the benefits will not be so strong ?
Do you plan to provide a PR for this change ?
The LwM2M 1.1. argument wasn't my actual reason to request this change. I just happened to think that it could be related and making this interface change before Leshan 1.0 could perhaps help in adding LwM2M 1.1 support later.
Yes, I'm aware of the proposals to ensure uniqueness of the endpoint names. In the multi-tenant bootstrap server use case it could be considered a security issue to start controlling the uniqueness of endpoint names across all tenants in the system. The minor threat that there would be is that another tenant could check if some other tenant has registered devices with a specific endpoint name.
It helps to add the Identity
parameter to BootstrapStore
since that would solve the issue that I am facing with my customer's development team.
Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)
Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)
You made several contributions by the past by opening issues. I would have enjoyed you level up by contributing a very small PR :wink:, but I understand your concern I would made the change myself soon.
I create a PR #549 for this.
If you have time to have a look ?
Thanks @sbernard31, it looks good to me.
This is the example of the changed interface:
currently the
BootstrapStore
interface method only contains theString endpoint
parameter.Identity information is useful for implementing a multi-tenant Bootstrap Server where the endpoint name isn't guaranteed to be unique across multiple tenants.
In LwM2M 1.1, the endpoint name is optional in client initiated bootstrapping In 6.1.3.3. Client Initiated Bootstrap