On 1/26/2017 10:18 AM, James Bottomley wrote: >> >> I'm wondering if you ever need more than two sessions at once? If we >> would limit the number of sessions to that you could probably >> simplify a lot. > > Three seems to be the agreed maximum: hmac authority, parameter > encryption and command audit.
3 is recommended. There is also the possibility that the encrypt (response) and decrypt (command) parameters could use different keys, and thus need their own session. FYI: It is possible to have one session that does HMAC, parameter encryption for command and response, and audit. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ tpmdd-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
