Skip to content

Any way to not distribute the signing key? #305

Description

@vlovich

Currently if I didn't misread the docs the flow is for the provisioner device to have the customer key which means that the key is accessible to it and the provisioning device itself needs to be super hardened. This seems like a security risk if you want to give the provisioner to an untrusted party to do the flashing en masse. Isn't it more common to generate a signed image and only distribute the public key? Or am I totally misreading the docs about how it works?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions