One thought: I think the simplest way to address the bulk of both Adam’s and Warren’s concern is to require the device to emit via whatever management interface exists, upon request, a voucher that it has signed with its own IDevID. It would have to be nonceless with perhaps a long expiry, and that would cover a number of other use cases as well. That way, if the manufacturer goes out of business, or if the owner wants to transfer the device without manufacturer consent, there is a way forward.
Eliot
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
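To make the proposal concrete, here is an added example (not Eliot's text and not code from any Anima WG implementation) showing what a device-issued, nonceless voucher would look like using the RFC 8366 field names, and the checks a pledge or registrar would apply to it: signature by the device, no nonce, a mandatory expires-on, a local cap on how long an expiry it will accept, and a serial-number match. The CMS signature made with the IDevID key is stood in by an HMAC over canonical JSON so the example runs offline; the key and serial number are constructed values.

```python
"""Nonceless, device-issued voucher per the thread's proposal (example only).
The IDevID/CMS signature is approximated by an HMAC over canonical JSON so this
runs with the standard library alone; field names follow RFC 8366."""
import hashlib, hmac, json
from datetime import datetime, timedelta, timezone

DEVICE_KEY = b"constructed-example-key"  # assumption: stands in for the IDevID private key

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

def canonical(voucher):
    return json.dumps(voucher, sort_keys=True, separators=(",", ":")).encode()

def sign(body):
    return hmac.new(DEVICE_KEY, canonical(body), hashlib.sha256).hexdigest()

def issue_voucher(serial, owner_cert_b64, created, lifetime_days):
    """Device emits a voucher over its own serial, pinning the new owner's domain cert.
    No 'nonce' member: the voucher is reusable until 'expires-on'."""
    body = {"ietf-voucher:voucher": {
        "created-on": created.isoformat(),
        "expires-on": (created + timedelta(days=lifetime_days)).isoformat(),
        "assertion": "verified",
        "serial-number": serial,
        "pinned-domain-cert": owner_cert_b64,
    }}
    return {"voucher": body, "signature": sign(body)}

def check_voucher(artifact, expected_serial, now, max_lifetime_days=3650):
    """Return (ok, reason). Order matters: verify the signature before trusting any field."""
    body = artifact["voucher"]
    if not hmac.compare_digest(artifact["signature"], sign(body)):
        return False, "signature does not verify against the device key"
    v = body["ietf-voucher:voucher"]
    if "nonce" in v:
        return False, "nonce present: not the nonceless form"
    if "expires-on" not in v:
        return False, "nonceless voucher without expires-on would never expire"
    created = datetime.fromisoformat(v["created-on"])
    expires = datetime.fromisoformat(v["expires-on"])
    if not (created <= now < expires):
        return False, "voucher not valid at this time"
    if expires - created > timedelta(days=max_lifetime_days):
        return False, "expiry exceeds local policy"  # 'long expiry' still needs a bound
    if v.get("serial-number") != expected_serial:
        return False, "serial-number mismatch"
    if "pinned-domain-cert" not in v:
        return False, "no pinned owner domain cert"
    return True, "ok"
```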