Ben Laurie <[email protected]> writes: >Apart from the obvious fact that if the TPM is good for DRM then it is also >good for protecting servers and the data on them,
In which way, and for what sorts of "protection"? And I mean that as a serious inquiry, not just a "Did you spill my pint?" question. At the moment the sole significant use of TPMs is Bitlocker, which uses it as little more than a PIN-protected USB memory key and even then functions just as well without it. To take a really simple usage case, how would you: - Generate a public/private key pair and use it to sign email (PGP, S/MIME, take your pick)? - As above, but send the public portion of the key to someone and use the private portion to decrypt incoming email? (for extra points, prove that it's workable by implementing it using an actual TPM to send and receive email with it, which given the hit-and-miss functionality and implementation quality of TPMs is more or less a required second step). I've implemented PGP email using a Fortezza card (which is surely the very last thing it was ever intended for), but not using a TPM... >Mark Ryan presented a plausible use case that is not DRM: >http://www.cs.bham.ac.uk/~mdr/research/projects/08-tpmFunc/. This use is like the joke about the dancing bear, the amazing thing isn't the quality of the "dancing" but the fact that the bear can "dance" at all :-). It's an impressive piece of lateral thinking, but I can't see people rushing out to buy TPM-enabled PCs for this. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
