Closed EskoDijk closed 1 year ago
@mcr Just to reconfirm - we agreed I think that a simple Pledge will identify itself using an IDevID certificate in the DTLS handshake, even if the Pledge does only RPK and it cannot do X.509 chaining & verification operations.
If ok then I can do a text change to clarify this.
Even if the Pledge can't do X509 operations, it still identifies itself using the IDevID. Text to be updated in Section 4 to reflect this. Section 8.3 also a little bit ("not PKIX certificates" -> "not PKIX certificate operations")