Opt-in accepting/distribution of 'generic'-signed serials

pedronis · September 6, 2017, 11:38am

Continuing on top of the work from Lazy/fallback serial registration for classic:

We would like to allow models to opt-in to receive serials from the store that would be signed by the new ‘generic’ authority, this would happen through a flag generic-serials: true in the model assertion,

to do this properly we need to extend the device registration protocol to include optionally the model assertion after the serial-request assertion in a request stream,

this requires first of all to adapt the registration endpoints to support and not choke on such request streams in:

serial-vault
store device registration endpoint

pedronis · September 6, 2017, 11:39am

@jamesj @rmescandon we are looking into starting this kind of change, I think I can submit a PR with a first sketch of what is needed to change in the serial-vault and we can go from there…

rmescandon · September 6, 2017, 12:44pm

@pedronis Ok. We can start from that. That would be also awesome having some details in the PR description about the change and needs covered.

pedronis · September 6, 2017, 2:05pm

thanks, I’ll look into having something during tomorrow

pedronis · September 7, 2017, 3:29pm

@jamesj @rmescandon I started/sketched something in:

https://github.com/CanonicalLtd/serial-vault/pull/152/files

pedronis · November 7, 2017, 7:14pm

I have redone the store endpoint changes for registration that we backed out when it was not clear how we would evolve the registration API:

pedronis · April 14, 2021, 9:48am

this was eventually implemented via serial-authority: [generic].