On 1/2/2014 9:39 AM, Thomas Habets wrote: > > Yeah it makes sense, but it misses the (according to me) valid use > case of only allowing one-way migration. It would be nice if it'd had > another bit signifying that.
There is no way for the TPM to enforce (and therefore be able to certify) one way migration. Once a private key is migrated off a TPM, or if the private key was originally created off the TPM, the TPM loses control. It can go anywhere. What additional assurance could your 'second bit' give? ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
