Challenge to David Wagner on TCPA

Ben Laurie ben at algroup.co.uk
Sat Aug 10 07:46:03 PDT 2002


Lucky Green wrote:
> Ray wrote:
> 
>>>From: "James A. Donald" <jamesd at echeque.com>
>>>Date: Tue, 30 Jul 2002 20:51:24 -0700
>>
>>>On 29 Jul 2002 at 15:35, AARG! Anonymous wrote:
>>>
>>>>both Palladium and TCPA deny that they are designed to restrict
>>>>what applications you run.  The TPM FAQ at 
>>>>http://www.trustedcomputing.org/docs/TPM_QA_071802.pdf reads
>>>>....
>>>
>>>They deny that intent, but physically they have that capability.
>>
>>To make their denial credible, they could give the owner 
>>access to the private key of the TPM/SCP.  But somehow I 
>>don't think that jibes with their agenda.
> 
> 
> Probably not surprisingly to anybody on this list, with the exception of
> potentially Anonymous, according to the TCPA's own TPM Common Criteria
> Protection Profile, the TPM prevents the owner of a TPM from exporting
> the TPM's internal key. The ability of the TPM to keep the owner of a PC
> from reading the private key stored in the TPM has been evaluated to E3
> (augmented). For the evaluation certificate issued by NIST, see:
> 
> http://niap.nist.gov/cc-scheme/PPentries/CCEVS-020016-VR-TPM.pdf

Obviously revealing the key would defeat any useful properties of the 
TPM/SCP. However, unless the machine refuses to run stuff unless signed 
by some other key, it's a matter of choice whether you run an OS that has 
the aforementioned properties.

Of course, it's highly likely that if you want to watch products of Da 
Mouse on your PC, you will be obliged to choose a certain OS. In order 
to avoid more sinister uses, it makes sense to me to ensure that at 
least one free OS gets appropriate signoff (and no, that does not 
include a Linux port by HP). At least, it makes sense to me if I assume 
that the certain other OS will otherwise become dominant. Which seems 
likely.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

Available for contract work.

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff


---------------------------------------------------------------------
The Cryptography Mailing List