On 8/7/2015 5:56 AM, Julie P wrote: > Hi all! > > I wanted to know what would happen if a TPM is moved to another machine? > If EK and SRK were already created they are reset?
The EK and SRK are in persistent memory. They are not reset by a power cycle, and thus are not reset if you move to another machine. The TPM vendor typically generates the EK and its certificate on the manufacturing line, before the chips are shipped to the platform manufacturer. > How many times can we recreate an EK with the tpm-tools command > "tpm_createek"? Typically, the EK is already generated (by the TPM vendor) so you cannot recreate it at all. Less typically, you get a TPM with no EK and you can run the command once. While the specification provides an option to create a revokable EK, I don't think any TPM vendor implemented it. ------------------------------------------------------------------------------ _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
