Opt-in accepting/distribution of 'generic'-signed serials

Continuing on top of the work from Lazy/fallback serial registration for classic:

We would like to allow models to opt-in to receive serials from the store that would be signed by the new ‘generic’ authority, this would happen through a flag generic-serials: true in the model assertion,

to do this properly we need to extend the device registration protocol to include optionally the model assertion after the serial-request assertion in a request stream,

this requires first of all to adapt the registration endpoints to support and not choke on such request streams in:

  • serial-vault
  • store device registration endpoint

@jamesj @rmescandon we are looking into starting this kind of change, I think I can submit a PR with a first sketch of what is needed to change in the serial-vault and we can go from there…

@pedronis Ok. We can start from that. That would be also awesome having some details in the PR description about the change and needs covered.

thanks, I’ll look into having something during tomorrow

@jamesj @rmescandon I started/sketched something in:


I have redone the store endpoint changes for registration that we backed out when it was not clear how we would evolve the registration API:

this was eventually implemented via serial-authority: [generic].

1 Like