I would probably go a step further than Adam. Protecting the device so
a thief cannot use it in the thief's own network seems to me to be
something that we should not be trying to achieve. An active non-goal.
It is not our problem. And trying to achieve it has the implications
that lead to this whole discussion about the original manufacturer
controlling who can resell / re-buy the device. While manufacturers may
like that, it does not seem to be something we should get involved in.
At all.
Yours,
Joel
On 7/15/2019 5:10 PM, Adam Roach wrote:
> On 7/15/19 3:38 PM, Brian E Carpenter wrote:
>> On 15-Jul-19 16:45, Joel M. Halpern wrote:
>>> I presume I am missing something basic.
>>> I have tried to follow this discussion, as it seems to be about a
>>> critical aspect of whether the BRSKI work is acceptable.
>>> I have assumed that what we needed is the ability for a buyer, who has
>>> physical possession of the device, and possibly some simple (non
>>> cryptographic) credentials provided by the seller to force the device to
>>> reset what it thinks it is part of, and to emit in some accessible form
>>> the information the buyer needs to be able to make this device part of
>>> his network, using his authentication servers, etc.
>> Yes, but *not* a solution that works if the device is stolen.
> I'm actually a little ambivalent with respect to this use case. For the
> kind of devices that the document purports to be targeting, I would
> imagine that theft is in the range of parts-per-thousand (or lower) as
> compared to things like post-bankruptcy liquidation. If you can fix the
> first without ruining the second, great.
> /a
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima