Welcome to the IoT Fuse 2018 workshop on PKI Integration.
The purpose of this class is to discuss and practice using tools helpful in securing devices at the transport layer. Modern IoT Platforms, such as Murano, can utilize the device's Client Certificate (public key) to authenticate and identify the connecting device.
This allows the IoT platform to utilize the asymmetric encryption methods in TLS for provisioning and identification at the connection-level.
Though it is still common, and sometimes necessary, to add a symmetric provisioning layer on top of the TLS connection (e.g. connect, retrieve auth token in a secure/trusted environment like a manufacturing facility, use token for all subsequent connections), it is often desirable and becoming more common to allow the connecting device to present its Client Cert as its identity.