On Thu, Jul 11, 2019 at 11:44:55PM +0200, Eliot Lear wrote: > One thought: > > I think the simplest way to address the bulk of both Adam’s and Warren’s > concern is to require the device to emit via whatever management interface > exists, upon request, a voucher that it has signed with its own iDevID. It > would have to be nonceless with perhaps a long expiry, and that would cover a > number of other use cases as well. That way if the manufacturer goes out of > business, or if the owner wants to transfer the device without manufacturer > consent, there is a way forward.
An interesting thought. Would there be a way (or a need) to usefully audit such voucher issuance? -Ben _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
