Hi all
I’m interested to know what the perceived level of security is if implementing non-TLS websocket or HTTP connections on the electron.
I’m assuming this practice is more secure than it would be with the photon, as there is no local network that can be used as a point of entry?
I would like to establish a websocket connection between electrons and a server, I’m not sending anything overly sensitive but this is intended for commercial use so security and reliability is a concern.
Cheers
I would say that having TLS is a better option. Are there obstacles that makes non-TLS a consideration?
Thanks @kennethlimcp
I’ve continued researching since I wrote this and it looks like that’s the general consensus - in part just that many admins won’t want to have any unsecured connections to their server, whether they originate from a 3G device or not.
I suppose the obstacles are implementing the TLS library. I know of the glowfish library but as far as I know it’s not really open source (this is a commercial product).
I have also looked at the Real Time Logic library - which does have a cost associated with it, although it’s not prohibitive.
I just found the STM32 crytpo library - http://www.st.com/resource/en/user_manual/cd00208802.pdf
I wonder if this would be useful for implementing TLS with an RSA certificate?
This really isn’t my area of expertise and although I’d love to learn, I’m a bit short of time and kind of looking for a quick solution (which I know is not always possible).
Hello @G65434_2.
Do you have viewed this post: TlsTcpClient library on WebIDE published
Developed by @hirotakaster. It is based on Mbed TLS library and you are free to use them.
Just you need to have in mind that you have a high consumption of RAM, flash and high utilization of data that may be a problem for 3G devices.
But always you can use the Publish feature that is already encrypted.
Thanks @developer_bt
I had just noticed that, interesting development, although it does look like I might struggle to fit it as I already have quite a large firmware.
Problem with the publish feature is only that it cannot be used to create a persistent websocket connection.