3.2.4.4 Confirm Action
In order to perform the Confirm action, the control point MUST attach a <Confirm> body to the DTAG SOAP message that contains the <HostID>, <IterationsRequired>, and <HostConfirmNonce> elements. This action is only valid if TrustState is 4 (Confirming).
On this action, the following checks MUST be performed:
The <HostID>, <HostConfirmNonce>, and <IterationsRequired> (N) MUST be syntactically validated.
The <HostID> MUST match the value of the _HostID obtained in the Exchange action.
The value of HMAC(_HostConfirmNonce, UTF-8 (N + OTP + _HostID + _HostCertificate) ), as specified in section 3.1.1, MUST match the _HostConfirmAuthenticator acquired in the Exchange action.
If successful, then trust has been established, and the service:
MUST store _HostID and _HostCertificate in a tamper-proof, persistent store.
MUST change TrustState from 4 (Confirming) to 0 (Idle).
MUST set the following element and return with status 200 (success):
<DeviceConfirmNonce>, a base64 encoded string of _DeviceConfirmNonce, which is the 20 octet random number acquired in section 3.1.4.1.
If this action fails, the device MUST find the appropriate error code from the table in section 2.2.3.1 and send a SOAP fault message to the control point, as specified in section 3.1.1.