Difference between TCPA-Hardware and other forms of trust

[Peter Gutmann]

John Gilmore <gnu at toad.com> writes:

>They eventually censored out all the sample application scenarios like DRM'd
>online music, and ramped up the level of jargon significantly, so that nobody
>reading it can tell what it's for any more.  Now all the documents available
>at that site go on for pages and pages saying things like "FIA_UAU.1 Timing of
>authentication. Hierarchical to: No other components. FIA_UAU.1.1 The TSF
>shall allow access to data and keys where entity owner has given the 'world'
>access based on the value of TCPA_AUTH_DATA_USAGE; access to the following
>commands: TPM_SelfTestFull, TPM_ContinueSelfTest, TPM_GetTestResult,
>TPM_PcrRead, TPM_DirRead, and TPM_EvictKey on behalf of the user to be
>performed before the user is authenticated."

That gobbledigook sounds like Common Criteria-speak.  So it's not deliberate,
it's a side-effect of making it CC-friendly.

>nobody reading it can tell what it's for any more

Yup, that's definitely Common Criteria.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com