Challenge to David Wagner on TCPA

Peter Fairbrother zenadsl6186 at zen.co.uk
Wed Jul 31 12:07:16 PDT 2002 

> AARG! Anonymous wrote:

> James Donald wrote:
>> On 29 Jul 2002 at 15:35, AARG! Anonymous wrote:
>>> both Palladium and TCPA deny that they are designed to restrict
>>> what applications you run.  The TPM FAQ at
>>> http://www.trustedcomputing.org/docs/TPM_QA_071802.pdf reads
>> 
>> They deny that intent, but physically they have that capability.
> 
> Maybe, but the point is whether the architectural spec includes that
> capability.  After all, any OS could restrict what applications you
> run; you don't need special hardware for that.  The question is whether
> restrictions on software are part of the design spec.  You should be
> able to point to something in the TCPA spec that would restrict or limit
> software, if that is the case.
> 
> Or do you think that when David Wagner said, "Both Palladium and TCPA
> incorporate features that would restrict what applications you could run,"
> he meant "that *could* restrict what applications you run"?  They *could*
> impose restrictions, just like any OS could impose restrictions.
> 
> But to say that they *would* impose restrictions is a stronger
> statement, don't you think?  If you claim that an architecture would
> impose restrictions, shouldn't you be able to point to somewhere in the
> design document where it explains how this would occur?
> 
> There's enormous amount of information in the TCPA spec about how to
> measure the code which is going to be run, and to report those measurement
> results so third parties can know what code is running.  But there's not
> one word about preventing software from running based on the measurements.
> 

The wise general will plan his defences according to his opponent's
capabilities, not according to his opponent's avowed intentions.

However, in this case the intention to attack with all available weapons has
not been well hidden. There may be some dupes who honestly profess that no
attack is planned, and some naif's who cannot or will not see the wood, but
they will reap the whirlwind.

My humble opinion,

-- Peter Fairbrother


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list