Ø But I don't think we can tell endpoints that they are on their own unless
they get the right hardware or they comply with the ACE-OAuth model, or DOXS.
[This is probably an issue unrelated to EST topic but worthwhile to talk about
How do you expect companies to come up with reasonable IoT security?
Our (Arm) thinking was that working on building blocks that are then combined
in complete IoT device management solutions (like LwM2M) and supplemented with
security guidance that includes the implementation (software & hardware), as we
do it with the Platform Security Architecture (see
is the only way to improve IoT security. If you just dump ideas and protocols
with lots of options to OEMs and let them figure out the security story
themselves then guess what the outcome will be.
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended recipient,
please notify the sender immediately and do not disclose the contents to any
other person, use it for any purpose, or store or copy the information in any
medium. Thank you.
Ace mailing list