On Aug 19, 2007, at 12:13 PM, Ali, Saqib wrote:
On if MS provided some way to manage them centrally. Using a encrypted DB to manually store the keys in it, is simply not feasible.
Your argument just went from "TPMs are bad for volume encryption with BitLocker because they can't be centrally managed" to "Microsoft should provide tools to centrally manage key recovery files because I find doing it myself too hard". Which are you actually arguing? I've tried to show you that the first argument is _wrong_; the second argument has nothing to do with TPMs. You have a choice when it comes to how you approach the recovery keyfile problem. You can build tools for it, or any company that perceives a market need can do so.
-- Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
