> From: Erik Tews [mailto:[EMAIL PROTECTED] 
> Sent: Donnerstag, 5. Oktober 2006 23:52
> 
[...]
> 
> Later, you can remotely query your system and get a report 
> what has been bootet on your system. You can do this query 
> using a java application and tpm4java.
> 

However, this is the big problem with the TPM according to the TCG spec. While 
you can remotely verify that the system came up according to what you installed 
there, you have no means to force it to either come up the way you want, or to 
be in a clear error state. That is the huge difference between the verifiable 
booting the TPM provides and secure booting, which would run only predetermined 
software.

I assume that the TCG chose not to implement the latter due to fear of public 
bashing...

Ulrich

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to