Re: The embedded gear is often based on very low-power hardware
So start out using a weak key and then replace it after it has been running long enough to generate a strong one.
They're talking about the private half of a key pair with an associated certificate, are they not? So replacing the private key would mean requesting a new certificate from the CA and updating that. And that means the device would have to be able to create a CSR (or use some other, almost certainly worse, protocol for the certificate request), contact the CA, and install the new certificate; it's not simply a matter of replacing a single key.
And the CA would have to be able to verify the identity of the requesting device. It could counter-sign its CSR with its existing key, but the whole problem is the existing key is weak.
A simpler fix would be to add some better entropy-generating hardware to the device. I don't pay close attention to current research in HRNGs, but I'd bet that even traditional techniques such as Zener diode avalanche noise or reverse-bias transistor noise would improve whatever these weak-key devices are currently doing. These aren't expensive techniques and multiple instances can be run in parallel.
Of course, as someone else posted above, some of these devices may be getting keys burned in at manufacturing time, and it's simply a matter of better manufacturing.
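An added example, not part of the post above: one way the output of several cheap noise sources run in parallel could be health-checked, debiased and pooled before any key is generated. The sources are simulated with a seeded PRNG, and the function names, the 0.5 bits-per-sample entropy claim and the 2x collection margin are assumptions of this sketch.

```python
import hashlib
import math
import random

def repetition_count_ok(bits, h_min, alpha_exp=20):
    """Repetition count health test in the style of NIST SP 800-90B:
    fail when one value repeats C = 1 + ceil(alpha_exp / h_min) times."""
    cutoff = 1 + math.ceil(alpha_exp / h_min)
    run, prev = 0, None
    for b in bits:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= cutoff:
            return False  # source looks stuck; do not use it
    return True

def von_neumann(bits):
    """Remove bias from independent bits: 01 -> 0, 10 -> 1, drop 00 and 11."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def make_seed(sources, h_min=0.5, seed_bits=256, margin=2):
    """Pool debiased bits from every healthy source and hash them to a seed.
    Returns None until margin * seed_bits debiased bits are available."""
    pool = []
    for bits in sources:
        if repetition_count_ok(bits, h_min):
            pool.extend(von_neumann(bits))
    if len(pool) < margin * seed_bits:
        return None  # not enough entropy yet: keep collecting, do not keygen
    packed = bytes(int("".join(map(str, pool[i:i + 8])), 2)
                   for i in range(0, len(pool) - 7, 8))
    return hashlib.sha256(packed).digest()

def simulated_source(seed, n=1000, p_one=0.6):
    """Constructed stand-in for a biased hardware noise source (not real noise)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

GOOD = [simulated_source(s) for s in (1, 2, 3)]
STUCK = [0] * 1000  # constructed failure case: a source stuck at 0

if __name__ == "__main__":
    print("one source:", make_seed(GOOD[:1]))
    print("three sources + stuck:", make_seed(GOOD + [STUCK]).hex())
```

Von Neumann debiasing assumes successive samples are independent, which a real diode or transistor source would have to be measured for.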