The Letter of Introduction

In 18th-century Europe, a traveler arriving in a new city would carry letters of introduction—documents signed by someone the recipient trusted, vouching for the bearer's identity. The letter itself wasn't secret; anyone could read it. What mattered was the seal.

The certificate in this protocol serves the same function. It's a letter of introduction signed by your CA, saying "the bearer of this document holds private key X and goes by serial number Y." The device presents it openly because it's designed to be shared.

The signature over the payload is different—it's the proof that the bearer actually holds the private key mentioned in the letter. Anyone can carry a letter; only the legitimate bearer can produce a valid signature.

The server doesn't keep a registry of all device certificates. It just trusts the CA's seal. When a device shows up with a certificate signed by your CA and produces a valid signature, the server knows: this is a legitimate device, and it's the device it claims to be.

Two proofs, one identity: the letter and the handshake.