Having thought about how else it could "worl" for a while, the only two ways I can think of are:
The vendor purchasing a FQDN. getting a CA signed cert for that domain, put that cert in the firmware image, then either:
* pointing it to a RFC 1918 address (internal, eg. 192.168.1.1)
* configuring the device to engage in some sort of dns spoofing.
All of which.. seems bad.
Am I close?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds