Kuehn, Ulrich wrote:
> However, this is the big problem with the TPM
> according to the TCG spec. While you can remotely
> verify that the system came up according to what you
> installed there, you have no means to force it to
> either come up the way you want, or to be in a clear
> error state. That is the huge difference between the
> verifiable booting the TPM provides and secure
> booting, which would run only predetermined software.
>
> I assume that the TCG chose not to implement the
> latter due to fear of public bashing...
What we want is that a bank client can prove to the bank it is the real client, and not trojaned. What the evil guys at RIAA want is that their music player can prove it is their real music player, and not hacked by the end user.

Having a system that will only boot up in a known state is going to lead to legions of unhappy customers who find their system does not come up at all.

--digsig James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
mzJSAlA4uoeaqcIPwxmdSTaMGpCr10BSXet2rKo+
4C0qq8mGmz37gK89YinlEpVVumD1TtkcDOd8iHHGh

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
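The distinction Kuehn draws above, measured (verifiable) boot that a remote party can check after the fact versus secure boot that simply refuses to run software not on an allowlist, can be made concrete with a small simulation. The following is an added illustration, not code from this thread or from any TCG or TPM implementation. It models the PCR extend as SHA-256 over the old register value concatenated with the component hash, as the TPM does, but leaves out the signed quote a real attestation carries: the "bank" verifier here just replays the boot event log and compares it with golden measurements. The stage images, golden hashes and allowlist are constructed sample values.

```python
import hashlib

PCR_SIZE = 32  # one SHA-256 PCR bank register


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(pcr: bytes, component_hash: bytes) -> bytes:
    # TPM PCR extend: new = H(old || measurement). The register can only be
    # extended, never reset or written, so a stage cannot hide what ran before it.
    return sha256(pcr + component_hash)


def measured_boot(stages):
    """Verifiable boot: every stage is measured into the PCR and then runs,
    whether it is the expected image or not. Returns (final PCR, event log)."""
    pcr = bytes(PCR_SIZE)
    event_log = []
    for name, image in stages:
        h = sha256(image)
        pcr = extend(pcr, h)
        event_log.append((name, h))
    return pcr, event_log


def secure_boot(stages, allowlist):
    """Secure boot: each stage is checked against an allowlist before it runs.
    The first mismatch halts the machine. Returns (booted?, stages run, halted at)."""
    ran = []
    for name, image in stages:
        if sha256(image) not in allowlist:
            return False, ran, name  # the system does not come up at all
        ran.append(name)
    return True, ran, None


def verify_attestation(reported_pcr, event_log, golden):
    """Remote verifier (the bank): replay the log, confirm it reproduces the
    reported PCR, then compare each entry with the golden measurement."""
    replay = bytes(PCR_SIZE)
    for _, h in event_log:
        replay = extend(replay, h)
    if replay != reported_pcr:
        return False, "event log does not match PCR"
    for name, h in event_log:
        if golden.get(name) != h:
            return False, f"stage {name!r} differs from expected"
    return True, "ok"


# Constructed sample images standing in for real firmware/bootloader/kernel blobs.
GOOD_STAGES = [("bios", b"bios-v1"), ("bootloader", b"grub-v1"), ("kernel", b"linux-v1")]
TROJANED_STAGES = [("bios", b"bios-v1"), ("bootloader", b"grub-v1-backdoored"), ("kernel", b"linux-v1")]
GOLDEN = {name: sha256(img) for name, img in GOOD_STAGES}  # what the bank expects
ALLOWLIST = set(GOLDEN.values())


def demo():
    """Run both models against the trojaned machine and report the outcomes."""
    bad_pcr, bad_log = measured_boot(TROJANED_STAGES)
    return {
        # measured boot: the machine comes up, but the bank can tell it is not the real client
        "measured_boot_completed": True,
        "attestation": verify_attestation(bad_pcr, bad_log, GOLDEN),
        # secure boot: the bank never hears from the machine, because it did not boot
        "secure_boot": secure_boot(TROJANED_STAGES, ALLOWLIST),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The `verify_attestation` check is two-sided on purpose: replaying the log against the PCR catches a client that edits its event log, and comparing entries against golden values tells the verifier which stage diverged, which is the information an operator needs to act on. Note that nothing in the measured-boot path stops the trojaned bootloader from running; the verifier only learns about it afterwards, which is exactly the gap the quoted message describes.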