Right now, anyone can connect to the CA port, give a CRT, and be issued a certificate (and even be registered as a device). As a beginning level of security, we can create a device-class key which is used by all of the devices in one class to register. Each device would need to present a client certificate during the handshake to prove the device is valid. Probably initially, we could compile this private key into the image directly.