Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
  • Using self-signed certificates using elliptic curve key pairs
    • Reasonable key size for 20 year time frame
    • Considering adding certificate signing request
    • At factory/install specify EVC plus root CA certificate for EVC
  • Leverage TEE/TPM for secure key storage, measured boot, etc
  • Several variants for on-boardingĀ depending on factory constraints
    • Want strong binding between user/purchaser and device identity
  • Images are signed; verified by device; can pull from any datastore
  • No remote (ssh) or keyboard access to EVE(*)

...