Here is the use case:
- Router vendor to support 3rd party app hosting on their Routers with apps digitally signed by Router vendor only.
- Router to support skipping signature verification for App developers/vendors during Dev phase.
- Router to enforce signature verification in production mode.
- Router vendor to build this solution on a production router image so that they don’t need to provide separate Dev/Test router image to app vendors during Dev phase.
What is the secure way to support this on embedded systems like Routers without having to create 2 separate sets of images for Dev and Production from the router vendor?