Okay for you crypto people (by which I mean "cryptographers" not "tulip bulb investors"), I have a question that seems simple to me that can't be right. Why can't we ship valid SSL certificates with IoT for their management consoles?
-
Show this thread
-
Obviously, for a Linksys router, you can't ship a certificate in the http://linksys.com domain. But why not ship it for http://23486983.linksysdevice.com , where that's the serial number of the device? This could be signed by an intermediate http://linksysdevice.com signing certificate.
2 replies 0 retweets 10 likesShow this thread -
Now there is a DNS naming problem, but in the case of home routers, it going to be optionally doing your DNS for you anyway, so that when you attempt to resolve this, it gets 192.168.1.1 or whatever.
4 replies 0 retweets 4 likesShow this thread -
In the case of other IoT on the network, it's just a matter of reading the serial number off the device and adding it to your /etc/hosts file or your DHCP leases table.
7 replies 0 retweets 2 likesShow this thread
From the Web PKI perspective, this is totally doable. Plex is doing it, and they have a clever solution for the DNS problem: http://A-B-C-D.DEVICEID.plex.direct resolves to A.B.C.D. https://blog.filippo.io/how-plex-is-doing-https-for-all-its-users/ … But most IoT makers do not strike me as very savvy.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.