OTA should offer a possibility for certificate update/revocation
PKI certificates used for secure connections do have an expiry date. It might be also necessary to revoke a certificate. The OTA should offer an option to update the certificates, including revocation.
This should cover:
- boot/image certificates
- application-level certificates (eg. built-in web server)