icos-2----Page:17
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Initial Provisioning Scenario: Company Y calls OEM, says “please send me 10K hosts, pre-provisioned for IP configuration security.” Can they easily be manufactured? Where goal is secure boot, credentials may need to be provisioned in NVRAM How many different credentials are required? Shared secrets, certificates, trust anchors, etc. How much boot ROM code is required? Certificate handling requires substantial footprint Boot ROM code often runs in REAL mode Does NVRAM need to be individually provisioned? Unique shared secret/certificate for each client? Same set of trust anchors? |