On 7/1/21 3:23 PM, Alan DeKok wrote:
On Jun 30, 2021, at 9:52 AM, Eliot Lear <l...@lear.ch> wrote:
I think we have to be a bit careful about using the term "TPM". What we care
about are trust anchors, credentials, and operations on those. Those objects might be
stored in TPMs, but it seems to me that the protocol does not need to be aware of that.
Yes.
Well. Yes, that is one dimension. A TPM can also allow for more
automated proofs of trust. However if the issue is how to talk to a
device to get a certificate installed, you will face the same challenges
with or without TPM since the operating system sits inbetween.
A TPM could also come with pre-installed device identity certificates. I
am not sure that is happening a lot these days, so hm.
best regards
Carolin
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu