Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp3924438ybe;
        Mon, 16 Sep 2019 03:49:21 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxAOPesSRx1UWcvV9FHe/uzZevpO5NyUa/bD9wXko4pB5+m4sgjfGEOpBfCpzcYew8BZJkl
X-Received: by 2002:a05:6402:6da:: with SMTP id n26mr40481490edy.234.1568630960971;
        Mon, 16 Sep 2019 03:49:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1568630960; cv=none;
        d=google.com; s=arc-20160816;
        b=U2iRdi2+InNiX67Jc9MYhAh3NdIc4oVhqsVReb41EdqM8mqcCv2FmSdyDLzAunG+XK
         pT6yeEbyG2byUO8P6c1PeRYp+8LQ/nPX5Z9Z41d7I8+DKt8+LCgY22gp3zyynLR5DIsz
         TBU01oVkvaXGpGxqM5p3qo0Za9OUamyzgs1aAkI22+jA0NoPeK3Srr67YvWXoNUzxWAp
         zJODa506G8TFi3KKS/RJgN8+k+ivGEApXQKmqOnRtcor3nO0P6XIKEjftT49BP44gTF8
         kseXnFTv6E+21XQ3/MRYVQly57L80ASzrNGrUymjZFKyYqtKXC3dXQwFSjHCYYbFQ+/n
         Q/ig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:mail-followup-to:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=4cSjx5XG6x6AMPYVQpdUv5oPngfbEAO99TqRxKNWknw=;
        b=PbcpP5dFJJmVWpp+jrwVIg6IWtYGplurIeenS2/rycVSxigU/wBXi7x0Kff4SmoQFM
         oeMwYtG06LCNEQN3H0ia5ImfYCWIqn65I8zheL1GNHIOtD4pLWhYGkoyB1lBri9ZEDxS
         fNEyHs8MhgnfVbYTODjJptQfDFzj+zXeukCfCzqW6N0eMHoXZPzN/IJAzenK3p11Wy5h
         qllUIFJCuBAwKNFOj85IfuUSAAwgSN0M8WR/3vqhD/ZnYOwEZUrpoZ+d6i9l6FE0pSWE
         mF5wBFW7sBYJXqOJs6eTYjHsvYQ0LJgT/GXXIz8P/1D4hPZBxo8ovHQ2Yj2I2g2edwu/
         JnCw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=yS2QpV94;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y50si24104964edd.237.2019.09.16.03.48.56;
        Mon, 16 Sep 2019 03:49:20 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=yS2QpV94;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726927AbfIPJ6u (ORCPT <rfc822;maohongyicn@gmail.com>
        + 99 others); Mon, 16 Sep 2019 05:58:50 -0400
Received: from mail-wm1-f65.google.com ([209.85.128.65]:35858 "EHLO
        mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726569AbfIPJ6t (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Mon, 16 Sep 2019 05:58:49 -0400
Received: by mail-wm1-f65.google.com with SMTP id t3so9521476wmj.1
        for <linux-bluetooth@vger.kernel.org>; Mon, 16 Sep 2019 02:58:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=silvair-com.20150623.gappssmtp.com; s=20150623;
        h=date:from:to:cc:subject:message-id:mail-followup-to:references
         :mime-version:content-disposition:content-transfer-encoding
         :in-reply-to:user-agent;
        bh=4cSjx5XG6x6AMPYVQpdUv5oPngfbEAO99TqRxKNWknw=;
        b=yS2QpV94dMlDN98C05w6czON2BkTl8qCFg6c+vWS/xpPWNLLOx7Z/vEo/HpSLdj1XM
         fUoha1ur9usQVo8uGs6hklOYlFEvhGoKMaVbDqOB7R0gQ/UEqDDoUOScWt6RbJlt4IJY
         /XwAfaR8P2yMO628VPE0L2TntvWmto5UUE2Su33q6Opi6ze9V8Uf+NDCg/G/cFgtcIg1
         kjbeuwaM00HmoqYUb6AtELBvXpRPU0B/8YY/5W4q0+c1n9WUH3YKxc2O2GffgthLkSrk
         TkRijLbeQoECqhBWONBqe2DPstXLMhweF1dsTGnLPqv/gC9mghEvIqsYknp5RP6o5OcX
         BpFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id
         :mail-followup-to:references:mime-version:content-disposition
         :content-transfer-encoding:in-reply-to:user-agent;
        bh=4cSjx5XG6x6AMPYVQpdUv5oPngfbEAO99TqRxKNWknw=;
        b=UTPQhd8i2RdG8E1SMcnOv8aalrWJhgq3ACAywfGZ+CxrvTBU+Jsi+KkbNPC3NXg9cr
         cHNethHaaHAzjXyLMgoyEd+RxAbdrW7sslpF/t0syw+Q6Ar1V4rTQMQ0C7JmooGfrmQH
         At22hqN/G6+OB7g4x2/G5OIdGrNKQDXIya/zsQblHsEFP3IT+QLtfnHxVudBY+xDql43
         L6/4sGY7scilvnavHVRrCu2yNmq2kgwWGCNCh/1MEy4ajt/thf90Jc/SkEqmJf38CCc/
         jeyD1KseXdGs4/M870SFiyb+6E4WogJgB46BXK9XKpx8fWfI1/cmvxeUqjhTySnlEtIV
         9VYw==
X-Gm-Message-State: APjAAAUk8OvVj3L376gpsfFw0Oo6z6woIbH8XDxno2bzK7EA4ThvO/26
        pvmO9cXq4VtnmNORlosE00eIQonvnLo=
X-Received: by 2002:a1c:ef14:: with SMTP id n20mr14192477wmh.89.1568627927487;
        Mon, 16 Sep 2019 02:58:47 -0700 (PDT)
Received: from mlowasrzechonek2133 ([217.153.94.18])
        by smtp.gmail.com with ESMTPSA id u11sm8101956wmd.32.2019.09.16.02.58.46
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 16 Sep 2019 02:58:46 -0700 (PDT)
Date:   Mon, 16 Sep 2019 11:58:45 +0200
From:   =?utf-8?Q?Micha=C5=82?= Lowas-Rzechonek 
        <michal.lowas-rzechonek@silvair.com>
To:     Brian Gix <brian.gix@intel.com>
Cc:     linux-bluetooth@vger.kernel.org, inga.stotland@intel.com
Subject: Re: [PATCH BlueZ 1/1] mesh: Add local/remote bools to DevKey
 transactions
Message-ID: <20190916095845.htvyalekgr4k2ybt@mlowasrzechonek2133>
Mail-Followup-To: Brian Gix <brian.gix@intel.com>,
        linux-bluetooth@vger.kernel.org, inga.stotland@intel.com
References: <20190915081408.18116-1-brian.gix@intel.com>
 <20190915081408.18116-2-brian.gix@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20190915081408.18116-2-brian.gix@intel.com>
User-Agent: NeoMutt/20180716
Sender: linux-bluetooth-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Hi Brian,

On 09/15, Brian Gix wrote:
> DevKey operations require authorization on the part of the applications
> making the requests. Messages to state changing Servers should use keys
> from the local Key Database to demonstrate authority.

Alright, so if I understand this correctly:

1. If the application would like to change Config Server states on the
   local node, it would need to:
    - call ImportRemoteNode, passing the address of a *local* node and
      the device key obtained from provisioner
    - call DevKeySend to a *local* address, with remote flag set to true
    - receive responses via DevKeyMessageReceived from *local* node,
      with remote flag set to true

   Essentially this means that talking to a local node using device
   security behaves in the same manner as if the node was a remote one.

2. If the application would like to implement an external model that
   uses device security, it would:
    - receive DevKeyMessageReceived calls from remote nodes, with remote
      flag set to false
    - send responses by calling DevKeySend to a *remote* address with
      remote flag set to false

This means that calling DevKeySend to a *local* address with remote flag
false would be forbidden, in order to force the application to use
ImportRemoteNode first?

-- 
Michał Lowas-Rzechonek <michal.lowas-rzechonek@silvair.com>
Silvair http://silvair.com
Jasnogórska 44, 31-358 Krakow, POLAND