Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.

中文翻译：

---

物联网和 M2M 安全通信的 TLS/PKI 挑战和证书锁定技术

传输层安全 (TLS) 正在成为当前 Internet 中提供端到端安全的事实标准。IoT 和 M2M 场景也不例外，因为 TLS 也在那里被采用。TLS 协商任何安全参数的能力、其灵活性和可扩展性是其广泛采用的原因，也是多种攻击的原因。此外，由于它依赖于公钥基础设施 (PKI) 进行身份验证，因此也受到 PKI 问题的影响。考虑到 IoT/M2M 场景的出现及其特殊性，有必要仔细研究 TLS 历史，以评估在这些场景中使用 TLS 和 PKI 的潜在挑战。据此，本文对TLS和PKI的几个安全方面进行了深度修订，