On Fri, May 25, 2007 at 10:11:03AM -0500, Bruno Wolff III wrote: > On Fri, May 25, 2007 at 11:06:49 +0200, > Patrick Georgi <[EMAIL PROTECTED]> wrote: > > > > As so often, it can be used for, and against the user. Binding certain > > data to a machine (eg. certificates) and making it non-trivial to get at > > them. > > And the way to tell is who has the keys that are stored on the TPM chip. > If it is use, then things are good. If it is someone else, then things > are bad.
That's a missconception. It's not the fact that a CA has a master key that makes this system a threat, it's the fact that when someone else has that key, there's no way for the owner to use physical access to become the root of the trust chain and make his own computer sign anything he wants. IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). That, of course, unless owner override feature is present. Then it's a whole different story. -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
