How to Manage Revocation of Keys for Critical Devices

The debug interface is only available for a short time. So you have to type that password in in the first two seconds after booting. Another question from the audience we have is how do you manage revocation of keys for critical devices? That's probably a whole paper. One I have not written. It isn't so much revoking the keys. It's replacing them. You can't just trash a bunch of units so they can't get to your cloud because they've fallen off a truck or something, that's one thing. But if you have devices you think may have been accessed improperly, then you probably just sending them new keys isn't going to help.