1 - I wonder why owner evict keys are not the solution. You only get a few of them, but their purpose is to persist and travel with the TPM.
2 - You could also store a few key blobs in NV indexes. Again, you only get a few of them.
3 - I'd try to solve this at the system layer. Swapping a disk is no different from a disk failure, or even a TPM failure. Whatever your enterprise is doing for key backup (or general data backup) should work for key blobs.
4 - In TPM 2.0, primary keys are repeatable. It's slow, so you may not want to do it routinely, but it's a way to recover in case you lose your disk copy.
