Challenge to David Wagner on TCPA

Eric Murray ericm at lne.com
Thu Aug 1 14:45:52 PDT 2002 

On Wed, Jul 31, 2002 at 11:45:35PM -0700, AARG! Anonymous wrote:
> Peter Trei writes:
> > AARG!, our anonymous Pangloss, is strictly correct - Wagner should have
> > said "could" rather than "would".
> 
> So TCPA and Palladium "could" restrict which software you could run.

TCPA (when it isn't turned off) WILL restrict the software that you
can run.  Software that has an invalid or missing signature won't be
able to access "sensitive data"[1].   Meaning that unapproved software
won't work.  Ok, technically it will run but can't access the data,
but that it a very fine hair to split, and depending on the nature of
the data that it can't access, it may not be able to run in truth.

If TCPA allows all software to run, it defeats its purpose.
Therefore Wagner's statement is logically correct.


Yes, the spec says that it can be turned off.  At that point you
can run anything that doesn't need any of the protected data or
other TCPA services.   But, why would a software vendor that wants
the protection that TCPA provides allow his software to run
without TCPA as well, abandoning those protections?
I doubt many would do so, the majority of TCPA-enabled
software will be TCPA-only.  Perhaps not at first, but eventually
when there are enough TCPA machines out there.  More likely, spiffy
new content and features will be enabled if one has TCPA and is
properly authenticated, disabled otherwise.  But as we have seen
time after time, today's spiffy new content is tomorrows
virtual standard.

This will require the majority of people to run with TCPA turned on
if they want the content.  TCPA doesn't need to be required by law,
the market will require it.  At some point, running without TCPA
will be as difficult as avoiding MS software in an otherwise all-MS
office.... theoretically possible, but difficult in practice.

"TCPA could be required" by the government or MS or <insert evil
company here> is, I agree, a red herring.  It is not outside
the realm of possibility, in fact I'd bet that someone at MS has
seriously thought through the implications.  But to my mind
the "requirement by defacto standard" scenerio I outline above
is much more likely, in fact it is certain to happen if TCPA
gets in more than say 50% of computers.

I worked for a short while on a very early version of TCPA with Geoff
Strongin from AMD.  We were both concerned that TCPA not be able to
be used to restrict user's freedom, and at the time I thought that
"you can always turn it off" was good enough.  Now I'm not so sure.
If someday all the stuff that you do with your computer touches data that can
only be operated on by TCPA-enabled software, what are you going to do?

BTW, what's your credentials?  You seem familiar with the TCPA spec, which
is no mean feat considering that it seems to have been written to
make it as difficult to understand as possible (or perhaps someone
hired an out-of-work ISO standards writer).  I think that Peter's
guess is spot on.  Of course having you participate as a nym
is much preferable to not having you participate at all, so don't
feel as though you have to out yourself or stop posting.


[1] TCPAmain_20v1_1a.pdf, section 2.2


Eric



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list