The problem is that possibly billions of devices will be bricked and landfilled before this becomes the norm.
On Tue, Oct 2, 2018 at 3:05 PM Michael Richardson <mcr+i...@sandelman.ca> wrote: > > Ted Lemon <mel...@fugue.com> wrote: > > The manufacturer-going-out-of-business use case argues for there > being > > a way that a person with physical access to the unit can re-key it > > without contacting the manufacturer. It also argues for open source, > > but that's out of scope. :) > > The authors think that having the box rekeyed is a feature that some > manufacturers will provide, and some buyers will **insist** upon. > > It has to be difficult, and in some cases, physical access may be too > insecure! > > It's not much different than handing an (sometimes encrypted) > QIC-tape/CD/DVD > containing source code over to an escrow lawyer, something I've regularly > done when I've worked on products with proprietary stacks. > We will see such things being discussed when we do the security review for > SUIT as well. > > Being able to replace the manufacturer trust anchors for firmware, and the > trust anchor for validating ownership vouchers will become a checkmark > feature. Any company can become Nortel. > > > -- > Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > >
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
