Re: [Anima] Secdir last call review of draft-ietf-anima-bootstrapping-keyinfra-16

On 2018-10-02 08:36, Randy Bush wrote:
>>> a stunning review as usual.  but i have two questions which you kind
>>> of finessed.  they are simple binary, i.e. yes/no, questions that the
>>> end user, to whom the IETF is ultimately responsible, really cares
>>> about.
>>
>>> if the manufacturer's servers go down, either permanently or even for
>>> a day, does the device i have purchased still work?  i.e. is it fail
>>> soft? [0]
>>
>> First, BRSKI as used by ANIMA is specifically not targeted at Things.
>> (We are developing profiles of BRSKI that are about Things, but I
>> think that this internet-draft should not be evaluated on that
>> basis).
>>
>> It's targeted at routers and other devices found at ISPs or
>> Enterprises.
> 
> i missed where i said light bulbs.  i do have some of those, but i run
> routers, servers, etc.; and do not want $vendor to break my network for
> *any* reason.
> 
>> Second, the only time the manufacturer's servers need to be alive is
>> when device ownership is claimed.
> 
> i.e. when i sell the router to some other op.  that was my second
> question.
> 
>> Once the device is claimed, it joins *YOUR* network, and trusts your
>> infrastructure, not the manufacturer.  Whether or not the device will
>> *operate* without the manufacturer's servers is really outside of
>> BRSKI.
> 
> ahhh.  we just sell the guns, we do not say how they are used.

It's not quite that.

We sell X's. We cannot control how the X's are used. But if they
are used without calling home to our MASA, we cannot certify that they
are genuine X's. They might be counterfeit X's.

BRSKI is a way of proving that the X announcing its identity as
X12345 really is the one and only X12345.

If you sell it to someone who doesn't care about that, they can use it
anyway.

Anyway, that's how I understand it.

   Brian

> 
>>> That answer seems to imply that if the MASA is down before I try to
>>> transfer my device, and if the MASA is still down when the recipient
>>> tries to get my device working, it won't work.
>>
>>> Which seems to mean that once a MASA goes down permanently, any new
>>> can not get a device reliant on that MASA to work.
>>
>>> Seems a pretty severe limitation.
>>
>> You are answering a different question than Randy asked
> 
> no.  he is speaking to the second question i asked.  and his answer
> deeply concerns me.
> 
>> This is a pretty important question and we have discussed it at
>> length.  I remain concerned, but as far as I can see, we have this
>> problem already.
> 
> if i understand correctly, it creates a new problem, needing the
> manufacturer's consent for me to resell my light^Hrouter.
> 
>> It fundamentally depends upon a number of things which unfortunately, the
>> manufacturer has ultimate decision making about.
> 
> see above about guns
> 
> randy
> 



