Just to complete the thought: Whether such a voucher would be pinned is something we do not have to specify, with the risks of it not being pinned being born by the owner.
Eliot > On 11 Jul 2019, at 23:44, Eliot Lear <[email protected]> wrote: > > Signed PGP part > One thought: > > I think the simplest way to address the bulk of both Adam’s and Warren’s > concern is to require the device to emit via whatever management interface > exists, upon request, a voucher that it has signed with its own iDevID. It > would have to be nonceless with perhaps a long expiry, and that would cover a > number of other use cases as well. That way if the manufacturer goes out of > business, or if the owner wants to transfer the device without manufacturer > consent, there is a way forward. > > Eliot > >
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
