/* WHISPER FOR OT */ Device identity on the wire for the plant floor. Give every industrial asset — PLC, RTU, IED, HMI, engineering workstation, gateway, historian — an identity it can prove and no one can forge: a routable IPv6 /128 derived from the public key it already holds, DNSSEC-anchored, DANE-EE pinned, RDAP-registered, verifiable by anyone with dig. Bind the OPC UA ApplicationUri (or the 802.1AR IDevID / asset serial) to that /128, and an off-switch its protocol never had — revocable across the integrator/vendor/asset-owner boundary at DNS-TTL. Plus MUD (RFC 8520) egress made enforceable. So a reachable socket on a flat network can't command a plant you never set foot in. The docs and the whole system behind this are identical to whisper.online; only the story here is told for the asset owner and the OT-security team. /* THE OPERATOR */ Operator: Whisper Security (viaGraph B.V.), Amsterdam, NL Network: AS219419, IPv6-only, RPKI-signed, MANRS-compliant Address space: AS219419 announces 2a04:2a01::/32, one /128 per device/agent