i'd also scrawled: > my understanding from a person active in the NEA working group [1] (IETF) > is that TPMs these days "come along for free" because they're included on-die > in at least one of said chips.
[EMAIL PROTECTED] said: > Check again. A few months ago I was chatting with someone who works for a > large US computer hardware distributor and he located one single motherboard > (an Intel one, based on an old, possibly discontinued chipset) in their > entire inventory that contained a TPM (they also had all the ex-IBM/Lenovo > laptops, and a handful of HP laptops, that were reported as having TPMs). He > also said that there were a handful of others (e.g. a few Dell laptops, which > they don't carry) with TPMs. my bad. I'd neglected to add "on enterprise-class systems" after "come along for free" (a qualification he did indeed express). WRT to Dell notebooks, that'd be the Latitude models. In fact, with a little searching, i found the Dell pages below [2] that indicate TPM is installed on Dell's D-series enterprise class notebooks. [EMAIL PROTECTED] said: > One of the driving forces for TPM adoption going forward will be enterprise > remote or "distributed" management. Of course. And that's the driving force behind the IETF NEA ("Network Endpoint Assessment") working group AFAIK [1]. =JeffH ------ [1] <http://www.ietf.org/html.charters/nea-charter.html> [2] <http://www.dell.com/content/topics/global.aspx/solutions/en/latitude_highlight ?c=us&l=en&s=gen> "... Trusted Platform Module (TPM 1.1) The TPM, or Trusted Platform Module ships standard on D410, D610 & D810. TPM is a security hardware device on the system board that will hold computer generated keys for encryption. It is a hardware-based solution that can help avoid attacks by hackers looking to capture passwords and encryption keys to sensitive data. ..." <http://www.dell.com/content/learnmore/learnmore.aspx?c=us&cs=RC968571&l=en&s=h ea&~id=smartcard&~line=notebooks&~mode=popup&~series=latit&~tab=recommendations > "What is TPM? The TPM, or Trusted Platform Module, is a security hardware device on the system board that will hold computer generated keys for encryption. It is a hardware based solution that can help avoid attacks by hackers looking to capture passwords and encryption keys to sensitive data. When deploying advanced security features like TPM in your environment, the archive and recovery of keys protected by the TPM is critical to avoiding the risk of data loss or inaccessibility in the event of a system failure. The security features provided by the TPM are internally supported by the following cryptographic capabilities of each TPM: hashing, random number generation, asymmetric key generation, and asymmetric encryption/decryption. Each individual TPM on each individual computer system has a unique signature initialized during the silicon manufacturing process that further enhances its trust/security effectiveness. Each individual TPM must have an Owner before it is useful as a security device. TPM Applications TPM is useful for any customer that is interested in providing an addition layer of security to the computer system. The TPM, when bundled with an optional security software package, can provide overall system security, file protection capabilities and protect against email /privacy concerns. TPM helps provide security that can be stronger than that contained in the system BIOS, operating system, or any non-TPM application. Which Dell systems support TPM? The TPM 1.2 security hardware device comes standard on the following LatitudeTM notebook systems: Latitude D420, D620, D820, OptiPlexTM desktop systems: Optiplex 745, 740 and Dell PrecisionTM Mobile Workstations M65, M90. Dell recommends the use of Microsoft® Windows® XP Professional XP Professional operating system with TPM which includes advanced security, mobility and networking features. TPM is currently not supported by Dell on Red Hat® Linux® operating systems. Customers who deploy TPM should also purchase Wave Systems Embassy Trust Suite from Dell Software & Peripherals to enable full TPM features including key archival and migration." --- end --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]