mqtt message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [mqtt] Reviewing the kickoff material ...
- From: Richard J Coppen <COPPEN@uk.ibm.com>
- To: paduffy@cisco.com
- Date: Tue, 9 Apr 2013 18:08:55 +0100
Hi Paul,
Many thanks for your questions. Responses
under headed sections below.
Footprint:
Client and server library size can vary
depending on the level of functionality they include and the OS they are
implemented for.
As a guide, the Open source Paho C clients
are between 60k and 100k of compiled code, and the Paho Java client jar
is 106k. IBM ships a 53k Java client jar with WebSphere MQ. A minimal server
implementation could be in the region of 100k of compiled code.
Security:
The 3.1 spec itself contains provision
for a userid/password and can be used over a TLS/SSL channel. The charter
reflects the view that it is better to compose MQTT with existing proven
security technology, rather than to add further MQTT-specific security
features. As you say, security is very important in many applications
of MQTT, and we should consider including security considerations guidance
in the MQTT best practices paper.
Best regards
Richard
|
|
|
| Richard Coppen CEng
FBCS
| IBM United Kingdom
|
|
| Software Engineer
| Hursley Park
|
| WebSphere MQ
| Winchester
|
|
|
| SO21 2JN
|
|
| Phone:
| +44 (0)1962 817164
| England
|
|
| e-mail:
| coppen@uk.ibm.com
|
|
|
| blog:
| testingblues.com
|
| |
From:
Paul Duffy <paduffy@cisco.com>
To:
mqtt@lists.oasis-open.org,
Date:
05/04/2013 23:13
Subject:
[mqtt] Reviewing
the kickoff material ...
Sent by:
<mqtt@lists.oasis-open.org>
Folks
A couple questions.
- Footprint. One of the decks speaks to "Tiny footprint MQTT client
(and
server) libraries e.g. a c client lib in 30Kb and a Java lib in 64Kb ".
Much appreciated if I could be pointed to more detail re: client and
server footprint for Java, C, etc. impls.
- Security. The charter identifies the issue as out of scope beyond
what's in the 3.1 submission. Best I can tell, 3.1 briefly discusses
username/password? Does this effort intend to offer the equivalent
of
IETF Security Considerations guidance? I ask this as it seems MQTT
is
headed for critical infrastructure, and thus security is a huge issue.
Cheers
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6
3AU
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
