(22-09-2020, 03:30 PM)0rko Wrote: ABMJR: really? Why should it be self signed by the ISP? The manufacturer and cable modem certificate are chained with the Docsis Root-Certificate. This Docsis Root-Certificate is installed at the CMTS. If the ISP is using a "self signed" certificate for the cable modem he has to update the Manufacturer and cable modem certificate on the cable modem. This is not a easy part, besides the fact it's not standardized by the Docsis specification.Adding a manufacturer's signature to a code file assures that a trusted manufacturer has signed the new software.
Sometimes, an operator wants to have more control over which software versions are installed on its network (as mentioned, the new software versions might not be certified). This can be done by having the operator add another signature to the code file. The operator then co-signs the image. To do so, the operator uses a Co-signer CVC signed by the same root certificate.
In this case, the modem verifies both CVCs and both signatures before installing the new software.
You can thank me later M8
Knowledge=Power