SPAKE, DTLS and passwords
Joseph Reynolds
jrey at linux.ibm.com
Wed Oct 6 01:50:01 AEDT 2021
On 10/4/21 4:47 PM, Michael Richardson wrote:
> Joseph Reynolds <jrey at linux.ibm.com> wrote:
> > The planned IPMI over DLTS function will have certificate-based
> > authuentication.
>
> Do you mean that the server will be authenticated with a certificate, or that
> it will use mutual authentication?
I understand this means mutual-TLS.
Based on the gerrit design:
https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/31548/4/designs/ipmi-over-dtls.md
Note that design also says the server will have an identity certificate;
same as the HTTPS certificate described in
https://github.com/openbmc/bmcweb/blob/master/README.md
Joseph
...snip...
> --
> ] Never tell me the odds! | ipv6 mesh networks [
> ] Michael Richardson, Sandelman Software Works | IoT architect [
> ] mcr at sandelman.ca http://www.sandelman.ca/ | ruby on rails [
>
>
>
>
More information about the openbmc
mailing list