On Mon, 5 Aug 2002, Adam Back wrote:
I haven't read the TCPA detailed spec yet (next on TCPA/Palladium list of reading material), but this bit I can infer I think:
I don't have time to read it, but I do appreciate the effort you've put into this so far!
The corresponding public key is certified by the secure hardware manufacturer, I think.
Are all the keys certified? Are any copied outright?
Then they have this privacy CA which accepts requests signed by the platform's signature key, and gives in return a certified pseudonym of the users choice. They claim this gives privacy, which it only does if you trusted the "privacy CA" -- the privacy CA can link all of your anonymous and pseudonymous credentials. (Anonymous may want to straighten out the different keys names -- I think there are some encryption, some signature, some sealing keys derived from other secret keys and the checksum of the application and OS / firmware etc.)
Brands digital credentials could be used to fix this sub-problem I think.
One key for encryption, one key for signature, one key for checksums, and one key to rule them all!! :-)
They put in the privacy CA thing as a defense against the PR problems Intel had with the pentium serial number. The FAQs at www.trustedpc.org talk about this arguing how this is better than pentium serial number at avoiding linkability.
The documentation problem I find is there isn't much documentation available which is technical except for the 330 page spec which drops right down to implementation details in RFC standards style.
I think that explaining it in a mathematical or technical abstract way would give competitors an advantage. Seems like the consortium that's building it can keep these details proprietary and just sell the thing on the market to whoever wants to buy it - no need for all this FAQ stuff anyway. They only need publicity to get past the congress or MP's. I guess I don't see why the spec is public if the purpose is to create a platform that's just a toy. But I'm confused, so keep at it and maybe I'll figure something out! Patience, persistence, truth, Dr. mike