diff --git a/apps/esp32/light_example/sdkconfig b/apps/esp32/light_example/sdkconfig
index e0584603..9f847479 100644
--- a/apps/esp32/light_example/sdkconfig
+++ b/apps/esp32/light_example/sdkconfig
@@ -339,7 +339,9 @@ CONFIG_HEAP_TRACING_OFF=y
 # CONFIG_HEAP_TRACING_TOHOST is not set
 # CONFIG_HEAP_TRACING is not set
 CONFIG_STDK_IOT_CORE=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
 # CONFIG_STDK_IOT_CORE_EASYSETUP_X509 is not set
 # CONFIG_STDK_IOT_CORE_EASYSETUP_LOG_SUPPORT_NO_USE_LOGFILE is not set
 CONFIG_STDK_IOT_CORE_LOG_LEVEL_ERROR=y
diff --git a/apps/esp32/ota_demo/main/ota_util.c b/apps/esp32/ota_demo/main/ota_util.c
index 52bc7cce..c90ddeef 100644
--- a/apps/esp32/ota_demo/main/ota_util.c
+++ b/apps/esp32/ota_demo/main/ota_util.c
@@ -34,6 +34,7 @@
 #include "mbedtls/rsa.h"
 #include "mbedtls/pk.h"
 #include "mbedtls/ssl.h"
+#include "mbedtls/error.h"
 #include
 #include
@@ -279,44 +280,64 @@ static int _crypto_sha256(const unsigned char *src, size_t src_len, unsigned cha static int _pk_verify(const unsigned char *sig, const unsigned char *hash) { - int ret; + int ret; - mbedtls_pk_context pk; + mbedtls_pk_context pk; - unsigned char *public_key = (unsigned char *) public_key_start; - unsigned int public_key_len = public_key_end - public_key_start; + unsigned char *public_key = (unsigned char *) public_key_start; + unsigned int public_key_len = public_key_end - public_key_start; + unsigned char *public_key_buffer = NULL; - mbedtls_pk_init( &pk ); + public_key_buffer = (unsigned char *)malloc(public_key_len + 1); + if (!public_key_buffer) { + printf("Couldn't allocate memory \n"); + return -1; + } - ret = mbedtls_pk_parse_public_key( &pk, (const unsigned char *)public_key, public_key_len ); - if (ret != 0) { - printf("Parse error: 0x%04X\n", ret); - goto clean_up; - } + memcpy(public_key_buffer, public_key, public_key_len); + public_key_buffer[public_key_len] = '\0'; - if (!mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA)) - { - printf("Failed! Key is not an RSA key\n"); - ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; - goto clean_up; - } + mbedtls_pk_init( &pk ); - ret = mbedtls_rsa_check_pubkey(mbedtls_pk_rsa(pk)); - if (ret != 0) { - printf("Check pubkey failed: 0x%04X\n", ret); - goto clean_up; - } + ret = mbedtls_pk_parse_public_key( &pk, (const unsigned char *)public_key_buffer, public_key_len + 1 ); + if (ret != 0) { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100); + printf( "parse error -0x%04x - %s \n", -ret, error_buf ); + goto clean_up; + } - if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, OTA_CRYPTO_SHA256_LEN, sig, OTA_SIGNATURE_SIZE)) != 0 ) { - printf("Invalid firmware : 0x%04X\n", ret); - goto clean_up; - } + if (!mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA)) + { + printf("Failed! 
Key is not an RSA key\n"); + ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; + goto clean_up; + } + + ret = mbedtls_rsa_check_pubkey(mbedtls_pk_rsa(pk)); + if (ret != 0) { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100); + printf( "parse error -0x%04x - %s \n", -ret, error_buf ); + goto clean_up; + } + + if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, OTA_CRYPTO_SHA256_LEN, sig, OTA_SIGNATURE_SIZE)) != 0 ) { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100); + printf( "parse error -0x%04x - %s \n", -ret, error_buf ); + goto clean_up; + } clean_up: - mbedtls_pk_free( &pk ); + if (public_key_buffer) { + free(public_key_buffer); + } - return ret; + mbedtls_pk_free( &pk ); + + return ret; } static bool _check_firmware_validation(const unsigned char *sha256, unsigned char *sig_data, unsigned int sig_len)
diff --git a/apps/esp32/ota_demo/sdkconfig b/apps/esp32/ota_demo/sdkconfig
index 9a713f92..9bfbfc1d 100644
--- a/apps/esp32/ota_demo/sdkconfig
+++ b/apps/esp32/ota_demo/sdkconfig
@@ -339,6 +339,7 @@ CONFIG_HEAP_TRACING_OFF=y
 # CONFIG_HEAP_TRACING_TOHOST is not set
 # CONFIG_HEAP_TRACING is not set
 CONFIG_STDK_IOT_CORE=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
 # CONFIG_STDK_IOT_CORE_EASYSETUP_X509 is not set
diff --git a/apps/esp32/switch_example/sdkconfig b/apps/esp32/switch_example/sdkconfig
index e0584603..9f847479 100644
--- a/apps/esp32/switch_example/sdkconfig
+++ b/apps/esp32/switch_example/sdkconfig
@@ -339,7 +339,9 @@ CONFIG_HEAP_TRACING_OFF=y
 # CONFIG_HEAP_TRACING_TOHOST is not set
 # CONFIG_HEAP_TRACING is not set
 CONFIG_STDK_IOT_CORE=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
 # CONFIG_STDK_IOT_CORE_EASYSETUP_X509 is not set
 # CONFIG_STDK_IOT_CORE_EASYSETUP_LOG_SUPPORT_NO_USE_LOGFILE is not set
 CONFIG_STDK_IOT_CORE_LOG_LEVEL_ERROR=y
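Review bot: In `_pk_verify` (apps/esp32/ota_demo/main/ota_util.c), the `mbedtls_rsa_check_pubkey` and `mbedtls_pk_verify` failure branches now both print `"parse error -0x%04x - %s \n"`, the same text as the key-parsing branch, so a rejected firmware signature can no longer be told apart from a malformed embedded key in the device log. Keep the distinct wording the old code had, e.g. `printf( "Check pubkey failed -0x%04x - %s \n", -ret, error_buf );` and `printf( "Invalid firmware -0x%04x - %s \n", -ret, error_buf );`. Separately, the verify call still passes the fixed `OTA_SIGNATURE_SIZE` as the signature length; the caller `_check_firmware_validation` receives a `sig_len`, and whether it is compared with `OTA_SIGNATURE_SIZE` before `_pk_verify` runs is not visible in this hunk, so that check is worth confirming.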
diff --git a/apps/esp8266/light_example/sdkconfig b/apps/esp8266/light_example/sdkconfig
index 26d3daf8..6df9eaff 100644
--- a/apps/esp8266/light_example/sdkconfig
+++ b/apps/esp8266/light_example/sdkconfig
@@ -354,6 +354,7 @@ CONFIG_OPENSSL_ASSERT_DO_NOTHING=y
 # CONFIG_ENABLE_PTHREAD is not set
 # CONFIG_USING_SPIFFS is not set
 CONFIG_STDK_IOT_CORE=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
 # CONFIG_STDK_IOT_CORE_EASYSETUP_X509 is not set
diff --git a/apps/esp8266/switch_example/sdkconfig b/apps/esp8266/switch_example/sdkconfig
index 26d3daf8..6df9eaff 100644
--- a/apps/esp8266/switch_example/sdkconfig
+++ b/apps/esp8266/switch_example/sdkconfig
@@ -354,6 +354,7 @@ CONFIG_OPENSSL_ASSERT_DO_NOTHING=y
 # CONFIG_ENABLE_PTHREAD is not set
 # CONFIG_USING_SPIFFS is not set
 CONFIG_STDK_IOT_CORE=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP=y
 CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
 # CONFIG_STDK_IOT_CORE_EASYSETUP_X509 is not set
diff --git a/apps/rtl8195/light_example/sdkconfig.h b/apps/rtl8195/light_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8195/light_example/sdkconfig.h
+++ b/apps/rtl8195/light_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8195/light_example/usr_config.mk b/apps/rtl8195/light_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8195/light_example/usr_config.mk
+++ b/apps/rtl8195/light_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/apps/rtl8195/switch_example/sdkconfig.h b/apps/rtl8195/switch_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8195/switch_example/sdkconfig.h
+++ b/apps/rtl8195/switch_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8195/switch_example/usr_config.mk b/apps/rtl8195/switch_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8195/switch_example/usr_config.mk
+++ b/apps/rtl8195/switch_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/apps/rtl8720c/light_example/sdkconfig.h b/apps/rtl8720c/light_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8720c/light_example/sdkconfig.h
+++ b/apps/rtl8720c/light_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8720c/light_example/usr_config.mk b/apps/rtl8720c/light_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8720c/light_example/usr_config.mk
+++ b/apps/rtl8720c/light_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/apps/rtl8720c/switch_example/sdkconfig.h b/apps/rtl8720c/switch_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8720c/switch_example/sdkconfig.h
+++ b/apps/rtl8720c/switch_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8720c/switch_example/usr_config.mk b/apps/rtl8720c/switch_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8720c/switch_example/usr_config.mk
+++ b/apps/rtl8720c/switch_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/apps/rtl8721c/light_example/sdkconfig.h b/apps/rtl8721c/light_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8721c/light_example/sdkconfig.h
+++ b/apps/rtl8721c/light_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8721c/light_example/usr_config.mk b/apps/rtl8721c/light_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8721c/light_example/usr_config.mk
+++ b/apps/rtl8721c/light_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/apps/rtl8721c/switch_example/sdkconfig.h b/apps/rtl8721c/switch_example/sdkconfig.h
index 3aa4bdaf..e8490ecb 100644
--- a/apps/rtl8721c/switch_example/sdkconfig.h
+++ b/apps/rtl8721c/switch_example/sdkconfig.h
@@ -3,6 +3,7 @@
 #define _SDKCONFIG_H_
 #define CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API
+#define CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID
 #define CONFIG_MBEDTLS_XTEA_C 1
 #define CONFIG_MBEDTLS_KEY_EXCHANGE_RSA 1
 #define CONFIG_MBEDTLS_AES_C 1
diff --git a/apps/rtl8721c/switch_example/usr_config.mk b/apps/rtl8721c/switch_example/usr_config.mk
index 7168bb24..059674bd 100644
--- a/apps/rtl8721c/switch_example/usr_config.mk
+++ b/apps/rtl8721c/switch_example/usr_config.mk
@@ -4,5 +4,6 @@ CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_SOFTWARE=y
 CONFIG_STDK_IOT_CORE_SECURITY_BACKEND_HARDWARE=
-
+CONFIG_STDK_IOT_CORE_EASYSETUP_HTTP_USE_SOCKET_API=y
+CONFIG_STDK_IOT_CORE_EASYSETUP_DISCOVERY_SSID=y
diff --git a/doc/getting_started.md b/doc/getting_started.md
index 0633ec33..04294954 100755
--- a/doc/getting_started.md
+++ b/doc/getting_started.md
@@ -340,11 +340,11 @@ Your IoT device needs two pieces of information when connecting to the SmartThin
 The mapping between `iot_nvd_t` and real storage path name can be found at `iot_bsp_nv_data_XXX.c` for [each bsp's porting layer](https://github.com/SmartThingsCommunity/st-device-sdk-c/tree/master/src/port/bsp). [stdk-keygen.py](https://github.com/SmartThingsCommunity/st-device-sdk-c/tree/master/tools/keygen#commercial) also supports batch creation by reading csv formatted series of device serial number.
- | Data Path | Description | Examples |
- | :------------ | :---------------------------- | :----------------------- |
- | PublicKey | Client (= Device) Public key | device.pubkey.b64 |
- | PrivateKey | Client (= Device) Private key | device.seckey.b64 |
- | SerialNum | Device Serial Number | SN12345678F |
+ | Data Path | Description | Detail | Examples |
+ | :------------ | :---------------------------- | :---------------------------------- | :----------------------- |
+ | PublicKey | Client (= Device) Public key | base64 encoded ED25519 Public Key | device.pubkey.b64 |
+ | PrivateKey | Client (= Device) Private key | base64 encoded ED25519 Privated Key | device.seckey.b64 |
+ | SerialNum | Device Serial Number | alphanumberic string (8~30) | SN12345678F |
 > **Note :** >
diff --git a/iot-core b/iot-core
index f22572e2..28b876c9 160000
--- a/iot-core
+++ b/iot-core
@@ -1 +1 @@
-Subproject commit f22572e2eeb42482ff53be36a26157926cbeb597
+Subproject commit 28b876c9913bcb90a9aad6d4f874379d30e1ea5c