Eliot Lear <l...@cisco.com> wrote:
    >> Eliot Lear <l...@cisco.com> wrote:
    >>> Before we nail this down, it seems like we need to have a discussion
    >>> about how best to onboard wired IoT devices in particular from an
    >>> on-prem view.  The issue here is that EAP-TLS-PSK is useful for that
    >>> purpose, as we discussed.  Now there is nothing particularly special
    >>> about PSK and we could run with a naked public key pair as well in
    >>> 1.3, but we have to choose something.
    >> okay, so why do you prefer PSK?

    > I do not.  But we need to have *a* flow for on prem onboarding.
    > TLS-PSK is one approach, but there are others.  I just want a
    > discussion before we nail this down, as I wrote.

    >>> The fundamental question is what does a manufacturer stamp into the
    >>> device and what is placed on a label.  We have a running example of
    >>> DPP doing this for wireless with public key code, but that doesn’t
    >>> get us to proper onboarding for wired – the signaling just isn’t
    >>> there.
    >> I don't understand this.  Are you saying that because it's wired,
    >> people do not expect to scan anything?

    > No quite the opposite- I’m saying that there is at least one way to do
    > this with Wifi, but no way to do this for wired right now, an we need
    > one.

So, can wired just be a degenerate version of wifi, where there can be only
one "ESSID", and there are no beacons to consider?

]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     m...@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [ 

Attachment: signature.asc
Description: PGP signature

Emu mailing list

Reply via email to