A story of grandparent badges, parent badges, child badges, and the trust chain that protects millions of robots
Imagine a stranger walks up: "I'm the Commander. Let me send orders to Robot #8721!" How do you know they're legit? You check their ID badge. Then you trace it up the chain to see who signed it. Every helper in SGP.02 carries a signed badge, and every badge traces back to one trusted source.
The Grandparent Badge (CI) is the passport office: its stamp is installed in every robot at birth. Parent Badges (EUM, SM-DP, SM-SR) are signed by the CI. Each robot gets a Child Badge signed by its Chip Builder (EUM). Three generations of trust, one unbroken chain!
Here's a tricky bit: the ID badges come in two formats! Servers (CI, EUM) use X.509, like website certificates. But the tiny robot chip can't read X.509! So Key Factories, Commanders, and robots use the GlobalPlatform format: compact tags that fit in the chip's tiny brain.
When the Key Factory says "I'm legit!", the robot checks: does this badge trace back to the CI? If yes, trusted! If a badge gets compromised, it is the Operator who checks the WANTED list (CRL), not the tiny robot chip, because that check is too memory-hungry for the chip. This is the "informed decision" model.
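The split described above, as an added Python example that is not part of the original page or of SGP.02 itself: the chip walks the badge chain up to its installed CI key, while the Operator does the CRL lookup. The `Badge` model, the names and the serial numbers are constructed for illustration, and Lamport hash signatures stand in for SGP.02's elliptic-curve signatures so the code needs only the standard library.

```python
import hashlib, os
from collections import namedtuple

def H(b): return hashlib.sha256(b).digest()

# Lamport one-time signatures: stdlib-only stand-in for ECDSA (assumption).
# Every private key below signs exactly one badge, as Lamport keys require.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, b"".join(H(a) + H(b) for a, b in sk)

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg): return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return sig is not None and len(sig) == 256 and all(
        H(s) == pk[64 * i + 32 * b: 64 * i + 32 * b + 32]
        for i, (b, s) in enumerate(zip(_bits(msg), sig)))

Badge = namedtuple("Badge", "subject serial pubkey issuer sig")  # hypothetical
def tbs(b): return f"{b.subject}|{b.serial}|".encode() + b.pubkey  # signed bytes

def issue(subject, serial, issuer, issuer_sk):
    sk, pk = keygen()
    unsigned = Badge(subject, serial, pk, issuer, None)
    return unsigned._replace(sig=sign(issuer_sk, tbs(unsigned))), sk

def chip_trusts(badge, ci_pubkey, max_depth=3):   # chip side: no CRL lookup
    for _ in range(max_depth):
        if badge.issuer is None:          # top of chain: must be the installed CI
            return badge.pubkey == ci_pubkey
        if not verify(badge.issuer.pubkey, tbs(badge), badge.sig):
            return False
        badge = badge.issuer
    return False

def operator_check(badge, crl_serials):           # operator side: consult the CRL
    if badge is None: return []
    hit = [badge.subject] if badge.serial in crl_serials else []
    return hit + operator_check(badge.issuer, crl_serials)

def demo():                       # constructed chain: CI -> EUM -> eUICC #8721
    ci_sk, ci_pk = keygen()
    eum, eum_sk = issue("EUM", 2, Badge("CI", 1, ci_pk, None, None), ci_sk)
    chip, _ = issue("eUICC #8721", 3, eum, eum_sk)
    return ci_pk, eum, chip
```

`chip_trusts` still returns `True` for a chip whose EUM serial is on the CRL; only `operator_check` reports the revoked badge, which is the point of the informed-decision model.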
The cryptography in SGP.02 uses 256-bit elliptic curves, AES-128 encryption, and SHA-256 hashing, all chosen to stay secure through the year 2030. When a utility meter sealed in a basement needs to stay secure for 15 years, you plan ahead!