Closed biboc closed 6 months ago
tinydtls is a DTLS 1.2 (RFC 6347) implementation.
Do you follow CVE for DTLS/tinyDTLS and do you update the library?
We consider all here reported issues, at least, if we are able to reproduce it or we are able to follow the explanations. For now, tinydtls has not reached version 1.0 and we didn't publish newer releases as the old 0.8.6. That makes reporting CVE somehow ineffective. The point for no newer releases is mainly, that tinydtls is used in a couple of different OS and so such a binary release would be either pretty complex or would not cover the the wide range of usage. The most are pretty happy by just compile it on there self.
Some have been released over the years on contiki implementation:
We don't maintain the tinydtls fork of the contiki(-ng) project. I've asked that project about their interest, but I didn't receive an answer. They way to fix issues there is to update that fork to this origin, but that's the task for the contiki-ng project, not for this one.
Great, thanks
Could you add to the Readme that tinyDTLS is a DTLS 1.2 (RFC 6347) implementation?
For Contiki, I was mentioning it since they use a fork of tinyDTLS so if bugs are there, they may be in tinyDTLS repo :)
Concerning 1.0 release, I understand your point but I'm not sure releasing binaries is a mandatory. You could simply say that tinyDTLS has reach a satisfying version and you tag it 1.0 (as you did for previous tags https://github.com/eclipse/tinydtls/tags (release only source code)) Then OSes will download your 1.0 tag and compile it for their architecture It's up to you :)
Thanks for this DTLS implementation and your work
I'll close this "issue"
Could you add to the Readme that tinyDTLS is a DTLS 1.2 (RFC 6347) implementation?
Sure.
See PR #234 .
Hi,
Is DTLS implementation compatible with TLS1.1, 1.2 and/or 1.3?
Do you follow CVE for DTLS/tinyDTLS and do you update the library? Some have been released over the years on contiki implementation: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=tinydtls
Thanks,