Overcoming the potential downside of TCPA

Joseph Ashwood ashwood at msn.com
Wed Aug 14 19:23:29 PDT 2002


----- Original Message -----
From: "Ben Laurie" <ben at algroup.co.uk>
> > The important part for this, is that TCPA has no key until it has an owner,
> > and the owner can wipe the TCPA at any time. From what I can tell this was
> > designed for resale of components, but is perfectly suitable as a point of
> > attack.
>
> If this is true, I'm really happy about it, and I agree it would allow
> virtualisation. I'm pretty sure it won't be for Palladium, but I don't
> know about TCPA - certainly it fits the bill for what TCPA is supposed
> to do.

I certainly don't expect many people to believe me simply because I say it
is so. Instead I'll supply a link to the authority of TCPA, the 1.1b
specification; it is available at
http://www.trustedcomputing.org/docs/main%20v1_1b.pdf . There are other
documents; unfortunately the main spec gives substantial leeway, and I
haven't had time to read the others (I haven't fully digested the main spec
yet either). From that spec, all 332 pages of it, I encourage everyone that
wants to decide for themselves to read the spec. If you reach different
conclusions than I have, feel free to comment, I'm sure there are many
people on these lists that would be interested in justification for either
position.

Personally, I believe I've processed enough of the spec to state that TCPA
is a tool, and like any tool it has both positive and negative aspects.
Provided the requirement to be able to turn it off (and for my preference
they should add a requirement that the motherboard continue functioning even
under the condition that the TCPA module(s) is/are physically removed from
the board). The current spec though does seem to have a bend towards being
as advertised, being primarily a tool for the user. Whether this will remain
in the version 2.0 that is in the works, I cannot say as I have no access to
it, although if someone is listening with an NDA nearby, I'd be more than
happy to review it.
                    Joe


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




