Peter Gutmann wrote:
John Gilmore <g...@toad.com> writes:
The theory that we should build "good and useful" tools capable of monopoly
and totalitarianism, but use social mechanisms to prevent them from being
used for that purpose, strikes me as naive.
There's another problem with this theory and that's the practical
implementation issue. I've read through... well, at least skimmed through the
elephantine bulk of the TCG specs, and also read related papers and
publications and talked to people who've worked with the technology, to see
how I could use it as a crypto plugin for my software (which already supports
some pretty diverse stuff, smart cards, HSMs, the VIA Padlock engine, ARM
security cores, Fortezza cards (I even have my own USG-allocated Fortezza ID
:-), and in general pretty much anything out there that does crypto in any
way, shape, or form). However after detailed study of the TCG specs and
discussions with users I found that the only thing you can really do with
this, or at least the bits likely to be implemented and supported and not full
of bugs and incompatibilities, is DRM.
Apart from the obvious fact that if the TPM is good for DRM then it is
also good for protecting servers and the data on them, Mark Ryan
presented a plausible use case that is not DRM:
http://www.cs.bham.ac.uk/~mdr/research/projects/08-tpmFunc/.
I wrote it up briefly here: http://www.links.org/?p=530.
As for John's original point, isn't the world full of such tools (guns,
TV cameras, telephone networks, jet engines, blah blah)?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
