On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote:
> Given that, when I looked a couple of years ago, TPM support for
> public/private-key stuff was rather hit-and-miss and in some cases seemed to
> be entirely absent (so you could use the TPM to wrap and unwrap stored private
> keys

But this, itself, is valuable.  Given trivial support in the operating system
kernel, it eliminates one of the most common key-theft attack vectors
against webservers.

I must admit I'm curious whether the TPM vendors are licensing the relevant
IBM patent on what amounts to any wrapping of cryptographic keys using
encryption - I can only assume they are.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to