Certificates are associated with an HFC MAC address. All they are are Verisigns Root Server validating that the HFC MAC you have has its correct "born-at-birth" Verisign made certificates. in the old days, users could just "sniff" a network and grab some HFC MACs that were buzzing along between the cable modem and the CMTS..The problem was, when BPI +, and the "+" is critical here, was enforced, these HFC MAC's were asked to send their certificates which were made at the time the modem had its non-vol injected at the factory. When you sniff for MACs you dont get these specific certificates, thus when the CMTS asks for them, the HFC MAC will fail verification as the certs that are in the one you have do not match since you used a MAC you sniffed on the network...
Kapisch?
Kapisch?
Knowledge=Power