Weave appears to have two different session establishment protocols, CASE and PASE. Why are there two and when would I use each?
Asked
Active
Viewed 196 times
1 Answers
0
Weave supports the use of symmetric encryption keys for point-to-point communications generated using one of two session establishment protocols, CASE and PASE.
CASE, which stands for Certificate-authenticated Session Establishment, uses provisioned, compact peer certificates (based on EDCH and ECDSA) with a simplified certificate validation path to establish the session and to generate the key. CASE is used for all device-to-service interactions and may also be used for mobile-to-device and device-to-device interactions.
PASE, which stands for Password-authenticated Session Establishment, uses provisioned, human-readable entry keys to establish the session and to generate the key. PASE is primarily used for manual, human-mediated mobile-to-device or automatic, device-mediated device-to-device out-of-box provisioning, setup, and configuration. PASE is essential for interactions, such as provisioning, in which proof-of-possession is an essential facet of the interaction model.
Dan Holevoet
- 9,183
- 1
- 33
- 49