full-disk subversion standards released
Thor Lancelot Simon
tls at rek.tjls.com
Fri Mar 6 12:30:02 EST 2009
On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote:
>
> Given that, when I looked a couple of years ago, TPM support for
> public/private-key stuff was rather hit-and-miss and in some cases seemed to
> be entirely absent (so you could use the TPM to wrap and unwrap stored private
> keys
But this, itself, is valuable. Given trivial support in the operating system
kernel, it eliminates one of the most common key-theft attack vectors
against webservers.
I must admit I'm curious whether the TPM vendors are licensing the relevant
IBM patent on what amounts to any wrapping of cryptographic keys using
encryption - I can only assume they are.
Thor
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list