Jeremy Hahn <m...@jeremyhahn.com> wrote:
> An attestation authorization still needs to be verified with a challenge,
> so setting it to valid in the new-order request does not seem like it
would
> work. I think what's best for device attestation is the ability to send
the
> attestation / challenge response at the same time the challenge is
If I'm understanding this thread correctly...
I really think it's a mistake to lump attestation responses in with
authorization challenges. As I said in the WG session, I think that the
terminology is an attractive nuissance and we need a new term that describes
the process by which a client proves they are "sane" enough to be issued a
certificate, and that this is very different from proving authorization for a
name.
OTH, I may mis-understand this discussion.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
