On 2/10/2017 11:46 AM, James Bottomley wrote: > On Fri, 2017-02-10 at 04:03 -0600, Dr. Greg Wettstein wrote: >> On Feb 9, 11:24am, James Bottomley wrote:
>> quote: 810 milliseconds >> verify signature: 635 milliseconds > ... > > Part of the way of reducing the latency is not to use the TPM for > things that don't require secrecy: container signature verification is > one such because the container is signed with a private key to which > ... Agreed. There are a few times one would verify a signature inside the TPM, but they're far from mainstream: 1 - Early in the boot cycle, when there's no crypto library. 2 - When the crypto library doesn't support the required algorithm. 3 - When a ticket is needed to prove to the TPM later that it verified the signature. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
