On 7/15/19 3:38 PM, Brian E Carpenter wrote:
On 15-Jul-19 16:45, Joel M. Halpern wrote:
I presume I am missing something basic.
I have tried to follow this discussion, as it seems to be about a
critical aspect of whether the BRSKI work is acceptable.
I have assumed that what we needed is the ability for a buyer, who has
physical possession of the device, and possibly some simple (non
cryptographic) credentials provided by the seller to force the device to
reset what it thinks it is part of, and to emit in some accessible form
the information the buyer needs to be able to make this device part of
his network, using his authentication servers, etc.
Yes, but *not* a solution that works if the device is stolen.
I'm actually a little ambivalent with respect to this use case. For the
kind of devices that the document purports to be targeting, I would
imagine that theft is in the range of parts-per-thousand (or lower) as
compared to things like post-bankruptcy liquidation. If you can fix the
first without ruining the second, great.
/a
_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
