Re: about smartcards (Re: TPM support status ?)

[decoder]

Robert Millan wrote:
> > This is wrong. Smartcards of course have a an interface to interact with  
> > them.
> >     
>
> Yes, but it's usually just a button or similar.  It doesn't behave like a
> computer.
>   
What I meant is the software interface. There are crypto protocols to 
interact with a smartcard and they are similar to the TPM protocols.
> The same happens with your oven or your fridge.  They run software and have a
> user interface, but they don't work like a computer.
>
>   
> > And yes, you could use a Smartcard to do DRM.
> >     
>
> No, you can't.  What you can do is use the smartcard for authentication
> in a computer that has been previously rigged against its user.  In this
> case it is the computer which implements DRM, not the card.
>   
The TPM module itself does not implement DRM either... It provides the 
necessary crypto routines, a smartcard does so too.
> What does this have to do with anything?  Being passive doesn't prevent it
> from being used in coercion schemes like:
>
>   "Either you use this TPM to certify you're running Crippleware Reader
>    2.0 or you can't read this book"
>   
You can use a smartcard as well for that purpose. Crippleware Reader 2.0 
can cryptographically make sure that the smartcard is attached, and 
refuse to work otherwise. And you can make the Smartcard a requirement 
to read the book.

I don't really see the point why people keep bashing the TPM module for 
purposes like DRM. It's not the TPM module that is bad, but the stuff 
that people plan to do with it.


Chris

smime.p7s
Description: S/MIME Cryptographic Signature