> In all cases, we would like to standardize the trust root
> provisioning protocol without having to mandate any
> bootstrapping public key. Just having the message exchange
> protocol with standardized formats for the trust-anchor info
> including meta-data for the anchor's issuing constraints
> would be great. The security mechanism to use relies on the
> shared-secrets/OTP/Kerberos/password/public-key, and should
> not be mandated IMHO.
> Hope that explains.
It seems like the issue is more with a comment in section 4 of the problem statement regarding the placement of at least one public key in a device during initialization than with the TA definition that preceded this discussion. I propose we adopt a public key/signature-focused TA definition, soften the language in the problem statement regarding the bootstrap public key and address these issues when we define the security mechanisms for TA mgmt messages. There may be some additional tweaks to the problem statement resulting from this discussion as well.