OK. Several people have again had questions, so let's further flesh this out.
Please note: the fact that Mobile Armor is included on DARTT aside, there are several other providers on DARTT - we are not the only one. The original question that started this thread was: 8/16/ 2007 Saqib Ali wrote : " John Grimes' (DOD chief information officer) July 3rd memo is mandating encryption for all sensitive but unclassified information on mobile devices in compliance with FIPS 140-2. "Mobile devices" include laptops, PDAs, CDs, flash drives, etc. See: http://iase.disa.mil/policy-guidance/dod-dar-tpm-decree07-03-07.pdf Also all new computer assets (servers, notebooks, desktops, PDAs) must have TPM (if available). I guess this is good news for Wavesys <http://www.wavesys.com/ >. Wavesys is the only company that makes enterprise grade TPM management suite that can be centrally managed. But I think more and more FDE vendors will now start supporting TPM for encryption key management, and trusted device management." My entire point is that the second part of the e-mail is correct, and the first isn't (good news for Wavesys), under the following rationale: The Grimes Memo, which perhaps we should post in its' entirety, requires future machines to have TPM. TPM was a Technical Requirement under DARTT to store FDE keys, it was a desirable feature which all FDE vendors have different answers for (some do it today). Wave's solution will not benefit by this, because it does not manage any of the DARTT selected software. I have personally been having discussions about this with several DOD agencies, and have had this confirmed. So, if you are using TPM for some other purpose besides encryption of DAR, then sure you can use Wave's management tools. IF you would like to use it to manage encryption like that in the Dell laptops or Momentus hard disks, then you're out of luck. Regards; Bryan ------------------------------------ Mobile Armor Bryan E. Glancey Senior Vice President & Chief Technology Officer [EMAIL PROTECTED] 400 South Woods Mill Rd. Suite 110 Chesterfield, MO 63017 tel: 877-276-6778 fax: 877-277-7369 mobile: 314-495-2048 http://www.mobilearmor.com/ ------------------------------------ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ali, Saqib Sent: Friday, August 17, 2007 12:18 AM To: [email protected] Subject: Re: [FDE] New DoD encryption mandate and TPM requirements On 8/16/07, Bryan Glancey <[EMAIL PROTECTED]> wrote: > The rest of Grimes Memo links to the DARTT (Data At Rest Tiger Team) - > which does not include Wave Sys. Therefore Wave Sys is legally barred > from Federal Government sales for the next 5 years. As the name (Data At Rest) suggests, the list only includes encryption providers. Whereas Wavesys is a TPM management suite. Which is a completely different beast. Barring Wavesys from Gov't sales would not make much sense, as it is the only viable enterprise grade TPM management suite. saqib http://www.linkedin.com/in/encryption _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
