I’d say it was entirely incorrect. PKI and attestation are things done by the manufacturer using a publish open standard. Manufacturers are not required to certify anything or pay a single royalty. Certification is optional and has other benefits which includes jointing the Thread Group (which steers the standard); the costs are simply a way of funding both the certification process (which requires people) and the Group, which also provides support and other resources (which again, requires people).
Basically, it’s not much different than when an Open Source project is supported by a company that separately offers an “Enterprise” option where they host the application and provide additional Enterprise features and support. It’s not required, but a business might choose to do it.
Basically, it’s not much different than when an Open Source project is supported by a company that separately offers an “Enterprise” option where they host the application and provide additional Enterprise features and support. It’s not required, but a business might choose to do it.