[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support status ?

From: Vladimir 'phcoder' Serbinenko
Subject: Re: TPM support status ?
Date: Thu, 20 Aug 2009 12:19:54 +0200

On Thu, Aug 20, 2009 at 9:40 AM, Michael Gorven<address@hidden> wrote:
> On Wednesday 19 August 2009 22:44:18 Vladimir 'phcoder' Serbinenko wrote:
>> But why can't I generate my keys on first use? Or why do I need
>> manufacturer's signature?
> You don't.
Exactly. But signature is there which makes it possible to challenge
user to use TPM without owning the system. For user it doesn't matter
if key is signed or not. If TPM was supplied blank and the user could
generate keypair himself then if he doesn't want to use TPM he could
generate a keypair in GnuPG and noone would be able to distinguish it
from TPM key.
The owner would have a public key and he would know it's the key from
TPM because he himself generated and retrieved it.
But do manufacturers do it that way?
> --
> PGP Key ID 1E016BE8
> _______________________________________________
> Grub-devel mailing list
> address@hidden

Vladimir 'phcoder' Serbinenko

Personal git repository:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]