Re: more TCPA stuff (Re: "trust me" pseudonyms in TCPA)
Inline... ----- Original Message ----- From: "Adam Back" <adam@cypherspace.org> To: "Mike Rosing" <eresrch@eskimo.com> Cc: <cypherpunks@lne.com>; "Cryptography" <cryptography@wasabisystems.com>; "Adam Back" <adam@cypherspace.org> Sent: Monday, August 05, 2002 2:26 PM Subject: more TCPA stuff (Re: "trust me" pseudonyms in TCPA)
On Mon, Aug 05, 2002 at 07:42:45AM -0700, Mike Rosing wrote:
On Mon, 5 Aug 2002, Adam Back wrote:
<snip>
Effectively I think the best succinct description of the platforms motivation and function is that:
"TCPA/Palladium is an extensible, general purpose programmable dongle soldered to your mother board with centralised points belonging to Microsoft/IBM/Intel/".
The Pd SCP isn't extensible or programable. I wouldn't say that it is "general purpose" either, but I am not sure what you mean by this. It is soldered to your motherboard. It provides a limited (smaller than a TPM) feature set. Pd does not create a a centralised point belonging to Microsoft. There are no root certs from MS except those to certify our own nub and SW, and these are SW certs. How others do this for their SW is up to them. I expect that we will want to get third party certification for our Pd software as well as certing it ourselves. HW is assumed to be certified by whomever built it, based on whatever criteria they want to use for whatever the solution and cost dictate, and they too can get third-party certs as they see fit. It is entirely possible to run Pd and get it's benefits without telling MS Inc. anything about your machine. For Pd to work you have to tell the MS TOR (unless you are using a different TOR) about your machine, and so we have to prove to everyone that telling the TOR something is very different from telling MS Inc. something. Pd doesn't phone home on it's own. <snip>
From my current understanding, the worst problem is the centralised control of this platform. If it were completely open, and possible to fix it's potential dangers, it would bring about a new framework of secured computing and could be a net positive. In it's current form with centralised control and other problems it could be a big net negative.
There isn't centralized control in Pd. Users are in control. It is up to whomever cares about the trust on a given system to decide if they trust it, and this obviously must start with the user. Peter ++++ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com ----- End forwarded message -----
participants (1)
-
Peter N. Biddle