-- On 13 Aug 2002 at 0:05, AARG! Anonymous wrote:
The point is that while this is a form of signed code, it's not something which gives the TPM control over what OS can boot. Instead, the VCs are used to report to third party challengers (on remote systems) what the system configuration of this system is "supposed" to be, along with what it actually is.
It does however, enable the state to control what OS one can boot if one wishes to access the internet. It does not seem to me that the TPM is likely to give hollywood what it wants, unless it is backed by such state enforcement. Furthermore, since the TPM gets first whack at boot up, a simple code download to the TPM could change the meaning of the signature, so that the machine will not boot unless running a state authorized operating system. It could well happen that TPM machines become required to go on the internet, and then later only certain operating systems are permitted on the internet, and then later the required operating system upgrades the TPM software so that only authorized operating systems boot at all. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG H/t91jm8hq5pLR2AdFYi2lRoV9AKYBZ7WqqJmKFe 2/IFQaW0fl6ec+TL3iMKMxD6Y0ulGDK7RwqTVJlBQ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com