On 26 June 2007 00:51, Ian Farquhar (ifarquha) wrote: >> It seems odd for the TPM of all devices to be put on a pluggable module as >> shown here. The whole point of the chip is to be bound tightly to the >> motherboard and to observe the boot and initial program load sequence. > > Maybe I am showing my eternal optimist side here, but to me, this is how > TPM's should be used, as opposed to the way their backers originally wanted > them used. A removable module whose connection to a device I establish > (and can de-establish, assuming the presence of a tamper-respondent barrier > such as a sensor-enabled computer case to legitimize that activity) is a > very useful thing to me, as it facilitates all sorts of useful > applications. The utility of the original intent has already been widely > criticised, so I won't repeat that here. :)
If you can remove it, what's to stop you plugging it into another machine and copying all your DRM-encumbered material to that machine? It's supposed to identify the machine, not the user. Sounds to me like what you want is a personally identifying cert that you could carry around on a usb key... cheers, DaveK -- Can't think of a witty .sigline today.... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]