<john_k[m]>
whitequark: did they not want to accept pre-programmed parts? or something else?
<whitequark>
pre-programmed parts?
<john_k[m]>
ATECC, you'd need to send them pre-provisioned parts right?
<john_k[m]>
sorry that statement is a bit abiguous, for a manufacturer to produce a board with an ATECC either you're have to provide them with a quantity of pre-provisioned ATECC ICs, or have the manufacturer provision them themselves
<john_k[m]>
I was just curious what the vendors objected to
<whitequark>
the plan was to do the latter, i specifically insist on *not* manufacturing *anything* for this project
<whitequark>
that's why one would need PKI
<whitequark>
and manufacturers didn't see the hassle worth the benefits
<john_k[m]>
ah, one could always have a supplier like AVNet provision them for you, increases cost though
<john_k[m]>
the manufacturer's side makes sense, it's something they're not good at
<whitequark>
nope
<whitequark>
the manufacturer would just give me a key
<whitequark>
well, i guess you could ask avnet, but that wasn't the plan
<awygle>
Microchip actually provisions shit themselves now
<awygle>
In reasonable quantities but perhaps not quite _this_ low
<john_k[m]>
awygle: huh, neat
<whitequark>
the plan would be that the manufacturer would give me a pubkey, with a privkey that remains on their premises, and i authenticate using their pubkey
<whitequark>
without any third parties
<john_k[m]>
right, I don't know of a single board house that I would trust to understand or implement PKI of any sort
<john_k[m]>
including Foxconn, etc...
<whitequark>
they'd run code that i provide as a part of the whole $ glasgow factory thing
<john_k[m]>
ah
<whitequark>
the PKI would provide benefits solely to *them*
<whitequark>
since they're the one who would need to ensure the returns are genuine
<whitequark>
so if they fuck it up, that's solely their problem and not mine
_alice has quit [Remote host closed the connection]
Stormwind_mobile has quit [Remote host closed the connection]