Understand PKI (public key infrastructure)

[emiltin]

device are often on a closed network with out access to the general internet. does this make it hard to validate certificates?

C-ITS has some of the same challenge, perhaps there is prio art in e.g. Nordic Way 3.

• technical
• organizational, who does what?

[emiltin]

https://en.wikipedia.org/wiki/Public_key_infrastructure#Issuer_market_share https://www.encryptionconsulting.com/a-detailed-guide-on-building-your-own-pki/ https://www.hashicorp.com/blog/pki-and-internet-of-things-use-cases

[emiltin]

EST is a PKI enrollment service that standardizes interoperability and secure information exchange between client and certificate authority (CA). In an IoT PKI architecture, EST services execute functions generally done by Registration Authorities (RA). For instance, EST validates whether clients are authorized to receive the requested certificates. When validated, EST communicates with the CA to return the certificate(s) to the client. EST is popular for IoT use cases because of its interoperability advantages and because it only requires requests via a standard URL or IP address.

https://en.wikipedia.org/wiki/Enrollment_over_Secure_Transport