Issue link: https://read.uberflip.com/i/1428305
TR005 LoRaWAN® Device Identification QR Codes ©2020 LoRa Alliance® Page 13 of 16 The authors reserve the right to change specifications without notice. Appendix A. Example Generation and Use of OwnerToken 313 314 This is an example of how OwnerToken may be generated and used. There are possibly 315 other ways of managing the OwnerToken. They are all valid as long as they are compliant 316 with the specification in Section 4.2.5.2. 317 318 - At the time of device provisioning on the JS, the JS generates a random OwnerToken and 319 assigns it to the DevEUI of the device. Both the DevEUI and the OwnerToken (along with 320 some other attributes, such as AppKey) are stored on the JS. The JS marks the device as 321 "unclaimed" at that point. 322 323 - The OwnerToken is provided to the manufacturer to generate the QR code to be printed 324 and placed on the end-device. There are other information elements needed for the QR that 325 are not mentioned here for the sake of brevity. 326 327 - Device with the QR code is placed inside a box and made available to the final owner 328 through a chain of events. The QR code cannot be readily seen from outside the box during 329 this journey. 330 331 - The owner unboxes the device. The owner uses the mobile app provided by her LoRaWAN 332 operator in order to provision the newly-acquired device with her own account. 333 334 - Mobile app reads the QR code on the device and sends that to a user account 335 management server in the operator domain. 336 337 - The server contacts the JS as identified by the JoinEUI which is encoded on the QR to 338 attempt to claim the device as identified by the DevEUI in order to set its home NS while 339 presenting the OwnerToken as the proof of ownership. The interface allowing this interaction 340 is currently outside the scope of LoRa Alliance. 341 342 - The JS verifies the device identified by the DevEUI is not claimed and the received 343 OwnerToken matches the stored value. If this is the case, the JS marks the device as 344 "claimed", and sets the home NS to the value received in the request. 345 346 In this example, one-time claim is illustrated. Subsequent unclaim/claim procedures can be 347 implemented by the JS generating and providing a new OwnerToken back to the current 348 owner to be shared with the future owner of the device. 349 350 351