On Thursday 20 August 2009 09:59:42 Michal Suchanek wrote: > 2009/8/20 Michael Gorven <mich...@gorven.za.net>: > > On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote: > >> 2009/8/20 Michael Gorven <mich...@gorven.za.net>: > >> > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote: > >> >> Tell me one technical benefit of TPM over coreboot. > >> > > >> > Coreboot doesn't provide protected storage of secrets (e.g. harddrive > >> > decryption keys). > >> > >> TPM does not either at the time the BIOS is loaded. Remember, it's the > >> CPU what's running the BIOS, not the TPM chip. > >> > >> Only after BIOS enables TPM or coreboot enables any crypto device you > >> choose you get any secrets or keys. > > > > So? It's still protected storage. You can read a BIOS chip, but you can't > > just read the contents of a TPM chip. > > You can use decent crypto storage rather than half-broken TPM. There > is no advantage to using it.
Like what? -- http://michael.gorven.za.net PGP Key ID 1E016BE8 S/MIME Key ID AAF09E0E
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
