You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is the target device guaranteed to be provided with that CA cert(ca-cert1) from the gNOI client beforehand?
If the CA cert(ca-cert1) is not present or if the certificate(ee-cert1) verification fails with CA cert(ca-cert1), should the target device fail the install RPC?
Is the expected behavior applicable for rotate() RPC as well?
The text was updated successfully, but these errors were encountered:
Section "Validate installed certificate" from page https://github.com/openconfig/gnoi/blob/master/docs/simplified_security_model.md#validate-installed-certificate insists that the target device needs to verify the new certificate(let's say ee-cert1) being installed with a CA cert(let's say ca-cert1) in the CA pool.
The text was updated successfully, but these errors were encountered: