TPM & disk crypto

John Gilmore gnu at toad.com
Tue Oct 10 13:44:54 EDT 2006


> What we want is that a bank client can prove to the bank
> it is the real client, and not trojaned.  What the evil
> guys at RIAA want is that their music player can prove
> it is their real music player, and not hacked by the end
> user. Having a system that will only boot up in a known
> state is going to lead to legions of unhappy customers
> who find their system does not come up at all.

Having "remote attestation" that provides signed checksums of every
stage of the startup process, which are checked by guys at the RIAA or
guys at the bank, will lead to legions of unhappy customers who find
their system boots fine, but is denied access to both the bank and the
music store.  (Seventy thousand totally valid configurations are not
going to be checked and confirmed by either one.)  But their system
will access the Darknet just fine.

	John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
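
An added illustration of the argument in the message above (not part of the original post, and not any vendor's attestation code): a measured-boot hash chain and a verifier that only admits PCR values it has tested in advance. Assumptions: a single SHA-256 PCR, constructed stage names and version strings, a hypothetical verifier that qualified five builds, and the signature over the reported value is omitted because the point is the allowlist check.

```python
import hashlib
from itertools import product

def extend(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(stages) -> bytes:
    # Fold every boot stage, in order, into one PCR that starts at all zeros.
    pcr = bytes(32)
    for blob in stages:
        pcr = extend(pcr, blob)
    return pcr

# Constructed sample: each stage has a few legitimate, untampered versions.
STAGES = {
    "firmware":   [b"fw-a", b"fw-b", b"fw-c"],
    "bootloader": [b"bl-a", b"bl-b"],
    "kernel":     [b"k-a", b"k-b", b"k-c", b"k-d"],
    "initrd":     [b"rd-a", b"rd-b", b"rd-c"],
}

def all_valid_configs():
    # Every combination is a clean system: 3 * 2 * 4 * 3 = 72 configurations.
    return list(product(*STAGES.values()))

def build_allowlist(tested_configs):
    # The relying party only knows the PCR values of configurations it tested.
    return {measure_boot(c) for c in tested_configs}

def verifier_accepts(allowlist, reported_pcr: bytes) -> bool:
    # Exact match or nothing: a hash gives no notion of "close enough".
    return reported_pcr in allowlist

def coverage(allowlist):
    # Count how many valid configurations the verifier would admit.
    configs = all_valid_configs()
    admitted = sum(verifier_accepts(allowlist, measure_boot(c)) for c in configs)
    return admitted, len(configs)

if __name__ == "__main__":
    tested = all_valid_configs()[:5]   # hypothetical: verifier qualified 5 builds
    allowlist = build_allowlist(tested)
    admitted, total = coverage(allowlist)
    print(f"admitted {admitted} of {total} valid configurations")
    untested = all_valid_configs()[-1]
    print("untested but valid config accepted:",
          verifier_accepts(allowlist, measure_boot(untested)))
```

Each additional stage or version multiplies the number of distinct final PCR values, while the allowlist grows only as fast as the verifier can test.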


