...

Such Device Keys may be created using a Key Derivation Key (KDK) which is common to all devices of an application provider (usually a sales channel). This KDK can then be shared among the participants which should be able to validate the device signature protection. The KDK is a symmetric key which needs to be kept confidential from any adversaries. For this reason it is not exchanged through the Metadata, but rather provided bilaterally using the Device API endpoint, and then only to authorised entities.

How a Device Key is derived from the KDK is described in MTS2. As Device Keys are stored in non-secure environments, it is appropriate to roll them regularly. Likewise, it is also reasonable to rotate KSKs, as they are distributed over a potentially large number of participants and devices. The required timing for updating the KDK is determined bilaterally between the participants, which would also affect any roll-over schedules. KDKs are generally valid for as long as they are available through the Devices API. During a roll-over several KDKs will normally have to be available, and the receiving party should accept them all as valid. Once a key is no longer available through the API, it must be removed from all validating devices.
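The roll-over rule above, sketched as an added example that is not part of the original page or of MTS2: a validating device mirrors the set of KDKs currently available through the API, accepts a signature made under any of them, and purges keys that have disappeared. Assumptions: the HMAC-SHA256 derivation and MAC are stand-ins for the scheme specified in MTS2, and the key ids, `KdkStore` class and sample values are hypothetical.

```python
import hashlib
import hmac


def derive_device_key(kdk, device_id):
    # Stand-in derivation (assumption); the real one is specified in MTS2.
    return hmac.new(kdk, b"device-key|" + device_id.encode(), hashlib.sha256).digest()


def sign(device_key, payload):
    # Assumed MAC algorithm for the device signature protection.
    return hmac.new(device_key, payload, hashlib.sha256).digest()


class KdkStore:
    """KDKs held by a validating device, keyed by a hypothetical key id."""

    def __init__(self):
        self._kdks = {}

    def sync(self, published):
        """Mirror what the API currently publishes; return the purged key ids."""
        purged = sorted(set(self._kdks) - set(published))
        self._kdks = dict(published)  # keys no longer published are dropped
        return purged

    def validate(self, device_id, payload, tag):
        """Return the id of the KDK that validates the tag, or None."""
        matched = None
        for key_id, kdk in self._kdks.items():
            expected = sign(derive_device_key(kdk, device_id), payload)
            # Constant-time compare, and no early exit across candidate keys.
            if hmac.compare_digest(expected, tag) and matched is None:
                matched = key_id
        return matched


# Constructed sample data: key ids, key bytes, device id and payload are made up.
OLD_KDK, NEW_KDK = bytes(range(32)), bytes(range(32, 64))
PAYLOAD = b"constructed-payload"
OLD_TAG = sign(derive_device_key(OLD_KDK, "device-42"), PAYLOAD)
NEW_TAG = sign(derive_device_key(NEW_KDK, "device-42"), PAYLOAD)

if __name__ == "__main__":
    store = KdkStore()
    store.sync({"kdk-1": OLD_KDK, "kdk-2": NEW_KDK})  # roll-over window
    print(store.validate("device-42", PAYLOAD, OLD_TAG))
    print(store.sync({"kdk-2": NEW_KDK}))             # old KDK withdrawn
    print(store.validate("device-42", PAYLOAD, OLD_TAG))
```
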

...