| 摘要 |
A device certificate identifies a particular device using a globally-unique device identifier and contains a public key associated therewith. A private key stored in protected storage of the device is used to digitally sign outbound messages, enabling communicating devices to authenticate one another using the associated device certificate and public key, before returning a response. Devices functioning as servers can thereby securely participate in dynamic, automatic address assignment services using a service such as a Boot Protocol or Dynamic Host Configuration Protocol, and/or to update address information stored in a Domain Name System (DNS) server, ensuring that the update is authentic, and when the DNS is also authenticated, ensuring that a legitimate DNS has been contacted.
|
