Randy Bush <[email protected]> wrote: >> The BRSKI specification is a tradeoff and that's why I would really >> like to see the tradeoff explained in clear terms in the spec. It is >> designed to prevent hijacking of the device during its registration in >> the buyer's network.
> if, to actually own a device i bought, i need to manage my own
> security, then i will take that.
I think that this is already the case, and I see BRSKI as a mechanism by
which to safely handoff control from the manufacturer to the owner.
If the manufacturer doesn't want to do this, BRSKI isn't very useful to
them. They should retain control of the device via their cloud
infrastructure, and not let the end user have any control at all.
> the manufactures have very small incentive to lower drm barriers. i
> can point to a jillion current examples. my favorite of the week is
> john deere.
You are right. But at least it's clear that john deere actually owns the
tractor, not the farmer and walk away from the mortgage. It's not a
pretty picture, but I don't think we are making the situation worse: there is
already DRM and TPM.
What we are doing is making it clear that the tractor is actually owned,
and not p0wned. However, I'm not sure that BRSKI has a value for large
devices with real user interfaces. Maybe it has value for implements though.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
