I've added the current configuration for revoking a ldevid.
@jr7g19 has created a service that invokes the local_revoke_serial_multiple_args.sh script when a device becomes untrusted. The script revokes ldevids based on their serial number.
Ideally, we'd want to revoke the entire certificate (local_revoke.sh). However, this is not possible because the registrar cannot obtain the ldevid.
I changed the brski-server to reflect this setting and published this draft PR.
I've added the current configuration for revoking a ldevid.
@jr7g19 has created a service that invokes the local_revoke_serial_multiple_args.sh script when a device becomes untrusted. The script revokes ldevids based on their serial number.
Ideally, we'd want to revoke the entire certificate (local_revoke.sh). However, this is not possible because the registrar cannot obtain the ldevid.
I changed the brski-server to reflect this setting and published this draft PR.