Special D3 Claims
The special claims section is for advanced features that could bd developed in the future, or as proprietary extensions, but are not expected within the first release.
Infer Device Spoofing
A simple example of a smart agent, could report potential MAC spoofing instances.
Any MAC address reported simultaneously from two origins, is a potentially suspicious activity
SIGNED-BY: (AGENT | CLOUD) (prv-key)
Subject(mac-address): 00:00:5e:00:53:af (optional)
D3-type: d3-mac-spoof
first instance: domain:GUID1
second instance: domain:GUID2
There are many ways of implementing this. And the value is dependent on what visibility is has of asserted devices.
Zero knowledge proofs could be used to limit information disclosure
Work needs doing to see how reliable this is. How many MAC address duplications are they in the wild?
Infer IP conflict
The router could assert an identified IP conflict (two devices on the same network holding the same IP address at he same time)
Value here is the IP conflict can be recognised with inferred device type and history, so we can see the probable culprit