Thank you for your response!
Both LWM2M and Kafka have their security mechanisms and both focus on their area of interest. On one side, we have constrained sensors connecting to an LWM2M server with UDP with DTLS (which Leshan supports), and on the other side, edge Kafka to cloud, we need to have an encrypted connection (on TCP) plus authorization and ACLs per topic, which Kafka supports.
What would be nice is to derive some mechanism to bridge those worlds. One example I can see is automatic provisioning of certificates and raw public keys on the Leshan server itself, e.g. by producing events to a Kafka topic that Leshan listens to. Those events would be produced to the central administration broker, get replicated to the edge and have Leshan auto-provision them. The same goes for revoking them, with another set of events.
I think leveraging the best features of these two worlds and coming up with mechanisms to simplify the developer and DevOps experience would be nice.
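
A sketch of the edge side of the provisioning and revocation flow described in the post above, added here as an example and not code from the post or from the Leshan or Kafka projects. The class name, the endpoint `sensor-001` and the event format (record key = endpoint, value = `PROVISION_RPK <base64 key>` or `REVOKE`) are assumptions; a Kafka consumer loop would call `apply(record.key(), record.value())`, and it needs the Leshan server library on the classpath.

```java
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import org.eclipse.leshan.server.security.*;

/** Applies credential events to a Leshan security store. The event format is hypothetical. */
public class CredentialEventApplier {
    private final EditableSecurityStore store;
    public CredentialEventApplier(EditableSecurityStore store) { this.store = store; }

    /** endpoint = record key; value = "PROVISION_RPK <base64 SubjectPublicKeyInfo>" or "REVOKE". */
    public void apply(String endpoint, String value) throws Exception {
        String[] parts = value.split(" ", 2);
        switch (parts[0]) {
        case "PROVISION_RPK":
            if (parts.length != 2) throw new IllegalArgumentException("missing key material");
            byte[] der = Base64.getDecoder().decode(parts[1]);
            PublicKey key = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(der));
            try {
                store.add(SecurityInfo.newRawPublicKeyInfo(endpoint, key));
            } catch (NonUniqueSecurityInfoException e) {
                // The store's uniqueness check failed: log it and keep the existing entry.
                System.err.println("rejected " + endpoint + ": " + e.getMessage());
            }
            break;
        case "REVOKE":
            // infosAreCompromised=true marks the credentials as no longer to be trusted.
            store.remove(endpoint, true);
            break;
        default:
            // Fail closed on anything unexpected instead of guessing what the producer meant.
            throw new IllegalArgumentException("unknown event type: " + parts[0]);
        }
    }

    public static void main(String[] args) throws Exception {
        EditableSecurityStore store = new InMemorySecurityStore();
        CredentialEventApplier applier = new CredentialEventApplier(store);
        // Constructed sample: a throwaway EC key standing in for a device's raw public key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        String spki = Base64.getEncoder().encodeToString(gen.generateKeyPair().getPublic().getEncoded());
        applier.apply("sensor-001", "PROVISION_RPK " + spki);
        System.out.println("after provision: " + (store.getByEndpoint("sensor-001") != null));
        applier.apply("sensor-001", "REVOKE");
        System.out.println("after revoke: " + (store.getByEndpoint("sensor-001") != null));
    }
}
```

Anyone who can produce to this topic can enroll or remove devices, so the per-topic ACLs mentioned in the post are what gate the whole flow.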