On Thu, 2006-11-09 at 14:04 +0100, Colbus Emmanuel wrote:
>
> > 3. Local software can perform these operations, refusing to decrypt
> > content unless an acceptable endorsement is provided by the TPM.
>
> That's one of the points I never understood... So far I know, on x86,
> there is no instruction which makes it possible to call the tpm device
> from userspace.
>...
> So my first question is : how does the local software has to proceed, in
> order to check that the endorsement key he got from the kernel was
> really provided by the TPM?

Good questions. I initially thought they were straightforward, and then realized that using all of this was tricky. I'm going to need to look into this before I can give you a sensible answer.

shap

_______________________________________________
L4-hurd mailing list
http://lists.gnu.org/mailman/listinfo/l4-hurd
