Secure subsequent provisioning?

Hello,

Have you thought about including some security schema in the standard for subsequent provisioning?
For example, intermediating a secure token that can be required to reset or update previous provision state.

Kind regards,
Mate