Hmm, and do they really publish their CAs? I haven't found any in the past.
Also there a Privacy CA when it comes to attestation, so you don't use the
provided keys or certificate directly.
Jan
> On 15 Jun 2016, at 19:43, Tadd Seiff <[email protected]> wrote:
>
> "Public" really means anyone who "trusts" the manufacturer of the chip. If
> they have a root-of-trust that you can link to the EK cert they put on your
> chip during manufacturing, you can convince an arbitrary person (the public)
> that your chip is an authentic TPM. The manufacturer, because they publish
> the root certificates, becomes a sort of "CA".
>
> If there is no cert on the chip when you get it, you can't establish this
> chain of trust. You can create your EK, and create your own cert, but then
> the root-of-trust stops with you.
>
> -Tadd
>
> On Wed, Jun 15, 2016 at 10:37 AM Jan Schermer <[email protected]
> <mailto:[email protected]>> wrote:
> I got the tools, looks like I can to everything using tpm_nvdefine if needed.
>
> What do you mean trusted by public? EK is not really a "public" certificate
> in the sense SSL certificates are, there's no CA, just the public portion
> should be provided by the OEM...
>
> Jan
>
> > On 15 Jun 2016, at 19:05, Ken Goldman <[email protected]
> > <mailto:[email protected]>> wrote:
> >
> > On 6/14/2016 4:55 AM, Jan Schermer wrote:
> >>
> >> Does anybody know whether this is something I can do using only
> >> tpm-tools? Can I create all the needed indexes and set the nvLocked
> >> bit and get it working properly? (= with TXT working) Or do I
> >> absolutely need this Intel utility because I does something magical
> >> I'm not aware of?
> >
> > You can definitely set nvLocked through the API.
> >
> > I don't know about the TXT indexes.
> >
> > I also wonder if it comes with an EK certificate? If it doesn't, you
> > can provision your own, but it won't be trusted by the public.
> >
> >
> >
> > ------------------------------------------------------------------------------
> > What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> > patterns at an interface-level. Reveals which users, apps, and protocols are
> > consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> > J-Flow, sFlow and other flows. Make informed decisions using capacity
> > planning
> > reports.
> > http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
> > <http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381>
> > _______________________________________________
> > TrouSerS-users mailing list
> > [email protected]
> > <mailto:[email protected]>
> > https://lists.sourceforge.net/lists/listinfo/trousers-users
> > <https://lists.sourceforge.net/lists/listinfo/trousers-users>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity planning
> reports.
> http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
> <http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381>
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> <mailto:[email protected]>
> https://lists.sourceforge.net/lists/listinfo/trousers-users
> <https://lists.sourceforge.net/lists/listinfo/trousers-users>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
