|
|
|
|
|
|
by cyberax
564 days ago
|
|
|
Thank you! That's pretty cool. The proposed changes actually will fix this glaring omission: > Limited Security – by only validating SECC TLS cert is from a trusted issuer, one charger’s compromised private key compromises the entire region And I like the simplification. Instead of relying on validating contracts, the charger provider will simply rely on signed "metering receipts" from the car. Each car has its own private key (presumably in some hardware-hardened storage), and the charging network can just associate the payment details with the public key of the car. The provider can use the receipts as a proof that the car has indeed used the charging equipment. And the receipts are sent periodically during the charging process, so the charger can terminate the session if there's a discrepancy between the station's and the car's accounting. Nice and neat. Edit: and this also can easily work offline. The networks can just sync the list of approved public keys to chargers with the corresponding credit balances. It'll require account setup with each network, but if you have to do it once, it's not _too_ bad. |
|
|
For example, Ford has this "Blue Oval" network concept, so any charger network that is a part of that would trust that without necessarily needing me to associate my individual car identity.
Honestly though I'm kind of a fan of just having a credit card reader on the dispenser. Its way easier if I want to choose a different payment method for a particular charge, and honestly it is not that much additional work to plug in, tap a credit card or phone, and then it starts charging. Its adding like 10-30 seconds to a 10min+ transaction.