I would like to have a discussion about provisioning. Right now, it seems that the only way we specify a device identifying itself is by giving its public key, which would require that every device to be provisioned be entered into some kind of database before it could be known.

Instead I'd like to propose that we have a way of storing and retrieving an X.509 certificate, which would have that public key in it, along with a signature chain that could be used to indicate that this device is trusted. This is commonly done in deployed devices, and we might as well add this functionality now.

David