> On May 26, 2023, at 1:18 PM, Michael Richardson <mcr+i...@sandelman.ca> wrote: > >> Is that identity now an LDevID (even though it has a completely >> different shape than the IDevID), or is a certificate based LDevID >> still created as part of the process, or can the device happily >> complete the ANIMA processes without an LDevID? > > I wouldn't call it an LDevID. > You don't need to do EST and ask for an LDevID.
I do not see this being prohibited. It would require: - CA recognizes the trust anchor associated with the IDevID, - CA can issue the LDevID, - Client can authenticate the EST server based on something configured at the factory. Russ
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace