At 2:09 PM -0700 9/10/07, Thomas Hardjono wrote:
... Hmmm, there are plenty of Enterprises who only allow their IT guys to perform any and all updates (software and firmware). Employees are prohibited from installing anything. These IT guys turn-off Windows auto update on all clients. In such Enterprises, the IT guy is the sole TAA. He/she downloads all software and firmware updates, tests them and then (if ok) pushes them out to the client machines through the internal network.
good point; that is a more appropriate model in such contexts. But, even if the IT guy is the TAA, he will want to install TAs that are constrained in what they are used to verify, which is consistent with the need to interpret TA data to enforce such constraints.
However, this is perhaps orthogonal to a technically sound TAM solution (which should allow the Enterprise to designate multiple TAAs). /thomas/
no argument there. Steve