Anoop Kumar Pandey <an...@cdac.in> wrote: > Pledge verifying the > domain is anyway overrated.
So, I think you are saying that you do not subscribe to the problem statement. > Besides, it can also be done by verifying > the certificate of JRC during enrolment. Please explain. It would be great to simplify the protocol. > I would also like to quote/remind following lines from Section 1.3 > [Scope of Solution] of the RFC: > “But this solution is not exclusive to the large, it is intended to > scale to thousands of devices located in hostile environments, such as > ISP provided CPE devices which are drop-shipped to the end user. The > situation where an order is fulfilled from distributed warehouse from > a common stock and shipped directly to the target location at the > request of the domain owner is explicitly supported. That stock > ("SKU") could be provided to a number of potential domain owners, and > the eventual domain owner will not know a-priori which device will go > to which location.” Yes, it's designed exactly to deal with situation. Are you saying that it fails in some way? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima