Ross's TCPA paper

[Lucky Green]

Pete Chown wrote quoting Ross:
> > You need a valid signature on the binary, plus a cert to 
> use the TCPA 
> > PKI. That will cost you money (if not at first, then eventually).
> 
> I think it would be a breach of the GPL to stop people 
> redistributing the signature: "You must cause any work that 
> you distribute or publish, that in whole or in part contains 
> or is derived from the Program or any part thereof, to be 
> licensed as a whole at no charge to all third parties under 
> the terms of this License."

The application or OS vendor can in confidence distribute not just the
code, but also the also the signature and cert. In fact, the application
vendor can distribute absolutely everything they have access to
themselves and you still won't be able to run the application in trusted
mode.

The cert that enables an application to run in trusted mode is tied to a
specific TPM and therefore to a specific motherboard. For this cert to
work on another motherboard without a new and different cert, the
software vendor would need to extract the 2048-bit secret RSA key [1]
from their own motherboard's TPM, make the secret key available for
download, followed by the customer importing the key into their own TPM.
The TPM, for obvious reasons, offers no facilities to export or import
the TPM's internal keys.

The GPL cannot possibly require a software author to distribute a
hardware crack with their software or be in violation of the GPL.
Distributing a crack for TPM's is distributing an infringement device
and as such is illegal under US law. Even if the GPL were to be modified
to mandate what is technically near impossible to a software vendor to
achieve, even this layperson knows that contracts that require illegal
acts are unenforceable. Note that I am not referring to acts that might
be illegal in the future under the Hollings bill. Doing the above is
illegal today.

The GPL might be modified to require that the application vendor do
whatever is necessary for a user to utilize an application in the way
the user deems fit (i.e. in privileged mode), but that would put the GPL
into very dangerous, and I believe thoroughly undesirable, territory.
With such modifications, the hypothetical new GPL would mandate, to use
Richard Stallman's terminology, not just freedom of speech, but free
beer as well. That has never been the intend of the GPL.

Furthermore, the certs required to run the OS or application will in may
cases be issued by a party other than the application author or vendor.
To continue using Richard's terminology, to cover this case the GPL
would need to be rewritten to mandate that a third-party provide the
free beer.

I will leave it to the attorneys on this list to elucidate on the legal
deficiencies of such a hypothetical contract, since I am not an attorney
I will simply state that I sincerely doubt such contract would hold up
in litigation.

Of course I do not believe the FSF would make such changes. Which gets
us back to Ross's point that the TCPA threatens the core of the GPL,
from which this discussion started. For completeness I would like to
state that I have no personal stake in the continued enforceability of
the GPL, being a long-time supporter of the BSD licensing scheme myself.

[1] 1024-bit RSA keys were rejected during the design phase of the TPM
by members of the TCPA, which, as Anonymous pointed out in a previous
post, contains several well-known crypto companies. The TCPA's website,
which only makes specs, but not design documents, available to the
public, unfortunately does not provide any documentation which reasoning
lead to this decision.

--Lucky Green


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com