> On Tue, 2022-03-29 at 14:38 +0000, Peter Robinson wrote: > > > > > > Can we get a link to the actual software stack being > > > > > > proposed? > > > > > > The link in this proposal is a marketing post ... > > > > > > > > > > Yes, that was an oversight, for reference: > > > > > https://github.com/fedora-iot/fido-device-onboard-rs > > > > > > > > For reference it's under scope where I mentioned the > > > > implementation > > > > and clearly forgot to add the link. > > > > > > > > > > This is pretty neat! What kind of stuff can be done with this > > > onboarding system? > > > > It's designed to be small and straight forward, do one job securely > > Where is the security part coming from ? > Does this require devices to be pre-registred/pre-seeded with some root > of trust? > Or is it TOFU ? > > Or something else?
It uses a RoT/chain of trust, details are in the spec: https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd-20211214.html _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
