Flexible device onboarding via bootstrap keys

What is claimed is: 1. A method, comprising: by a registrar computing device: communicating, to a candidate computing device, an authentication key; receiving, from the candidate computing device, a signed voucher request comprising: a request to authenticate a network to which the candidate computing device will be able to connect, and an indication that the authentication key communicated by the registrar computing device matches an authentication key embedded in the firmware of the candidate computing device; providing, to an authorizing computing device, the signed voucher request; and receiving, from the authorizing computing device, a signed voucher, wherein the signed voucher authenticates the network to which the candidate computing device will connect and is based on the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device. 2. The method of claim 1 , further comprising obtaining the authentication key, wherein the authentication key is obtained by the registrar computing device based on an input of the authentication key into the registrar computing device. 3. The method of claim 1 , further comprising matching, by the candidate computing device prior to sending the signed voucher request, the authentication key communicated by the registrar computing device to the authentication key embedded in the firmware of the candidate computing device. 4. The method of claim 1 , further comprising determining, by the authorizing computing device, that the signed voucher request includes the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device. 5. The method of claim 4 , comprising determining, by the authorizing computing device prior to determining that the signed voucher request includes the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device, that a trust relationship exists between the authorizing computing device and the registrar computing device. 6. The method of claim 5 , wherein the trust relationship is based on a legal agreement, a short message service, an email, or a paid subscription service. 7. The method of claim 5 , further comprising providing, by the authorizing computing device to the candidate computing device via the registrar computing device, an error message that the trust relationship has not been established. 8. The method of claim 1 , wherein the registrar computing device is a network access server. 9. The method of claim 1 , wherein the registrar computing device is a mobile registrar application and the network is a wireless network. 10. The method of claim 9 , further comprising: scanning, by the mobile registrar application, the wireless network for the candidate computing device; providing, by the mobile registrar application to the authorizing computing device, the signed voucher request and a request to authenticate the wireless network to which the candidate computing device will connect; providing, by the authorizing computing device to the mobile registrar application, the signed voucher, wherein the signed voucher instructs the candidate computing device to trust the mobile registrar application and allows connection to the wireless network; and providing, by the mobile registrar application to the candidate computing device, a communication comprising: the signed voucher instructing the candidate computing device to connect to the wireless network; and a service set identifier and a password to connect to the wireless network. 11. The method of claim 1 , further comprising obtaining, from the candidate computing device, a request to establish a connection with the registrar computing device prior to the registrar computing device receiving the signed voucher request from the candidate computing device, wherein establishing the connection requires that the registrar computing device share the authentication key with the candidate computing device. 12. The method of claim 11 , wherein the connection is established using an extensible authentication protocol transport layer security protocol. 13. The method of claim 1 , wherein the signed voucher request is generated by the candidate computing device. 14. The method of claim 1 , further comprising providing, by the authorizing computing device to the candidate computing device via the registrar computing device, an error message that the signed voucher request does not include the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device. 15. A computer program product, comprising: a non-transitory computer-readable medium having computer-readable program instructions embodied thereon, the computer-readable instructions comprising computer-readable instructions to: communicate, by a registrar computing device to a candidate computing device, an authentication key; receive, by the registrar computing device from the candidate computing device, a signed voucher request comprising: a request to authenticate a network to which the candidate computing device will be able to connect, and an indication that the authentication key communicated by the registrar computing device matches an authentication key embedded in the firmware of the candidate computing device; provide, by the registrar computing device to an authorizing computing device, the signed voucher request; and receive, by the registrar computing device from the authorizing computing device, a signed voucher, wherein the signed voucher authenticates the network to which the candidate computing device will connect and is based on the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device. 16. The computer program product of claim 15 , further comprising computer-readable instructions to obtain, by the registrar computing device, the authentication key, wherein the authentication key is obtained by the registrar computing device based on an input of the authentication key into the registrar computing device. 17. The computer program product of claim 15 , further comprising computer-readable instructions to determine, by the authorizing computing device, that the signed voucher request includes the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device. 18. The computer program product of claim 17 , further comprising computer-readable instructions to determine, by the authorizing computing device prior to determining that the signed voucher request includes the indication that the authentication key communicated by the registrar computing device matches the authentication key embedded in the firmware of the candidate computing device, that a trust relationship exists between the authorizing computing device and the registrar computing device. 19. The computer program product of claim 15 , comprising computer-readable instructions to obtain, by the registrar computing device from the candidate computing device, a request to establish a connection with the registrar