Eliot Lear <l...@cisco.com> wrote:
>> Eliot Lear <l...@cisco.com> wrote:
>>> Before we nail this down, it seems like we need to have a discussion
>>> about how best to onboard wired IoT devices in particular from an
>>> on-prem view. The issue here is that EAP-TLS-PSK is useful for that
>>> purpose, as we discussed. Now there is nothing particularly special
>>> about PSK and we could run with a naked public key pair as well in
>>> 1.3, but we have to choose something.
>>
>> okay, so why do you prefer PSK?

> I do not. But we need to have *a* flow for on prem onboarding.
> TLS-PSK is one approach, but there are others. I just want a
> discussion before we nail this down, as I wrote.

>>
>>> The fundamental question is what does a manufacturer stamp into the
>>> device and what is placed on a label. We have a running example of
>>> DPP doing this for wireless with public key code, but that doesn’t
>>> get us to proper onboarding for wired – the signaling just isn’t
>>> there.
>>
>> I don't understand this. Are you saying that because it's wired,
>> people do not expect to scan anything?

> No, quite the opposite - I’m saying that there is at least one way to do
> this with Wifi, but no way to do this for wired right now, and we need
> one.

So, can wired just be a degenerate version of wifi, where there can be only
one "ESSID", and there are no beacons to consider?

--
] Never tell me the odds!                        | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works   | network architect  [
] m...@sandelman.ca http://www.sandelman.ca/     | ruby on rails      [
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu