Dear all:
AFAIK, DAC contains the device's identity information and the manufacturer's signature.
On the other hand, The private key is used to generate the manufacturer's signature.
Is it possible not to store the DAC private key due to signature has been existed in DAC?
dac_cert |
(DAC) Device Attestation Certificate | <1, 602> B | byte string | mandatory | The Device Attestation Certificate (DAC) and the corresponding private key are unique to each Matter device. The DAC is used for the Device Attestation process and to perform commissioning into a fabric. The DAC is a DER-encoded X.509v3-compliant certificate, as defined in RFC 5280. |
dac_key |
DAC private key | 68 B | byte string | mandatory | The private key associated with the Device Attestation Certificate (DAC). This key should be encrypted and maximum security should be guaranteed while generating and providing it to factory data. |
BR
Chuan
