Hi,
I am trying to build the Thread network using nRF52840 and nRF5_SDK_for_Thread_and_Zigbee_v3.2 SDK. I tried to load the \examples\thread\cli\ftd\uart\pca10056 example on the board and it works fine. Thanks for the nice example and documentation!
Now I have some questions about the Thread security properties. When we generate a new Thread dataset using the CLI, we get the network parameters such as PANID, EX PAN ID, master key, etc., as shown in the following figure:
For my understanding, I have the following questions:
1. Are there any other ways to build a Thread network? For example, without CLI, can we use the hardcoded program to generate and test the OpenThread Network?
2. In my view, the Master Key is used to encrypt the UDP packages between the Thread nodes during their communication. It is automatically and randomly generated when the "dataset" command is input. And the UDP communication is encrypted by AES-CCM, is that right?
3. May I know the purpose of "PSKc"? From this tutorial, the "J01NME" should be the PSKd between the commissioner and new incoming device. And the new incoming device will be certified using the DTLS PSK mode. If so, what will "PSKc" be used for?
4. A follow-up question for question 3. I searched the DTLS documentation and found there are two modes, raw public keys or pre-shared keys. I guess the "J01NME" uses the second approach. Is there any reference we can find for the first approach? We are trying to build a Thread network with the PKI and we think the first approach (raw public key) might be more suitable for our project.
Thanks for your patience and any advice is welcome. Thank you.
Best,
Zhonghao