A device certificate identifies a particular device using a globally-unique
device identifier and contains a public key associated therewith. A
private key stored in protected storage of the device is used to digitally
sign outbound messages, enabling the message receiver to authenticate the
message originator. Devices requesting address assignment from a service
such as a Boot Protocol or Dynamic Host Configuration Protocol service can
be authenticated by that service before an address is assigned. The device
of the service providing the address assignment may also digitally sign
the requested address, using its own private key, enabling the address
receiver to verify that the address provider is authentic before accepting
and using the assigned address. A device requesting an update to address
information stored in a Domain Name System (DNS) server can be
authenticated and/or can ensure that a legitimate DNS has been contacted.
