Eliot Lear <[email protected]> wrote: >> Eliot Lear <[email protected]> wrote: >>> Before we nail this down, it seems like we need to have a discussion >>> about how best to onboard wired IoT devices in particular from an >>> on-prem view. The issue here is that EAP-TLS-PSK is useful for that >>> purpose, as we discussed. Now there is nothing particularly special >>> about PSK and we could run with a naked public key pair as well in >>> 1.3, but we have to choose something. >> >> okay, so why do you prefer PSK?
> I do not. But we need to have *a* flow for on prem onboarding.
> TLS-PSK is one approach, but there are others. I just want a
> discussion before we nail this down, as I wrote.
>>
>>> The fundamental question is what does a manufacturer stamp into the
>>> device and what is placed on a label. We have a running example of
>>> DPP doing this for wireless with public key code, but that doesn’t
>>> get us to proper onboarding for wired – the signaling just isn’t
>>> there.
>>
>> I don't understand this. Are you saying that because it's wired,
>> people do not expect to scan anything?
> No quite the opposite- I’m saying that there is at least one way to do
> this with Wifi, but no way to do this for wired right now, an we need
> one.
So, can wired just be a degenerate version of wifi, where there can be only
one "ESSID", and there are no beacons to consider?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] [email protected] http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
