Forum

PSK based TLS

Grant
2 August 2016, 08:17
Hi there,
I would please like to know if Hiawatha supports PSK based TLS. The PSK keys are unique per client (can have millions), thus the server would have to retrieve the correct key during each TLS handshake. I did not see any configuration entry allowing for such lockups. If this is supported, I would greatly appreciate a pointer to any documentation indicating how this is setup.

Many thanks
Grant
Hugo Leisink
2 August 2016, 10:35
No, this is not supported. As far as I know, browsers do not support this. So, there is no point in supporting it in a webserver.
Grant
2 August 2016, 12:22
Thanks for the response,
PSK based TLS is widely used in the smart card industry, a release 8 compliant "SIM" in a LTE handset utilizes PSK TLS for HTTP based communication for SIM updates. The rational for not supporting PSK TLS in a generic web-servers is however understandable, however since mbedtls supports PSK, I was hoping Hiawatha would also include such support.
Thanks
This topic has been closed.