Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
Company A submits a new device for certification signed by their private key.
Company B certifies the device signed by their private key.
Company C on boards a device for an end-user and is confident it came from Company A and has been verified by Company B since the device has a certificate that can be verified from Companies A and B.
Yes it prevents home brew (though you can do home brew by replacing Company C with your own controller), but it also prevents knock offs.
When this information is distributed (like Lemmy federation), between instances, one has a degree of assurances all these records originated from the signer.
While the ledger part is not required, it provides a nice audit trail for the companies who do not trust each other enough without the transparency. Sure a central authority like the ESRB could do the same, but we could also all be on Reddit and not Lemmy…
Company A submits a new device for certification signed by their private key.
Company B certifies the device signed by their private key.
Company C on boards a device for an end-user and is confident it came from Company A and has been verified by Company B since the device has a certificate that can be verified from Companies A and B.
Yes it prevents home brew (though you can do home brew by replacing Company C with your own controller), but it also prevents knock offs.
When this information is distributed (like Lemmy federation), between instances, one has a degree of assurances all these records originated from the signer.
While the ledger part is not required, it provides a nice audit trail for the companies who do not trust each other enough without the transparency. Sure a central authority like the ESRB could do the same, but we could also all be on Reddit and not Lemmy…