On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote: > > Given that, when I looked a couple of years ago, TPM support for > public/private-key stuff was rather hit-and-miss and in some cases seemed to > be entirely absent (so you could use the TPM to wrap and unwrap stored private > keys
But this, itself, is valuable. Given trivial support in the operating system kernel, it eliminates one of the most common key-theft attack vectors against webservers. I must admit I'm curious whether the TPM vendors are licensing the relevant IBM patent on what amounts to any wrapping of cryptographic keys using encryption - I can only assume they are. Thor --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com