We see here a difference between your and my sides of the Atlantic. Here in the US, almost no one has a smart card.
Of those cards you carry, how many are capable of doing public key operations? A simple memory smartcard doesn't count for what we were talking about.
I don't know. If you can tell me how to find out, I'd be happy to investigate. I have quite a few that are no longer needed, so destructive investigation is possible :-)
BTW, I forgot the two smartcards that are used by my Sky satellite TV stuff.
There are other problems with doing TCPA-like operations with a smartcard, but I didn't go into those. The biggest one to chew on is that I, the computer owner, need verification that my software is in good shape. My agent in my computer (presumably the smartcard) needs a way to examine the software state of my computer without relying on any of the software in my computer (which might have been corrupted, if the computer's S/W has been corrupted). This implies to me that my agent chip needs a H/W path for examining all the S/W of my computer. That's something the TPM gives us that a smartcard doesn't (when that smartcard goes through a normal device driver to access its machine).
I'm not arguing with this - just the economic argument about number of smartcards.
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
