I know your email and you from your paper on IMA and the website of IBM on IMA. IMA is very interesting and is very similar to TNC, i think.
Would you be kind to explain some questions on IMA for me?
1.you said that "we measure executables only the first time and after they changed". my question is how the host system know the file has changed. maybe this is what you named "dirty flag". if a file has changed in any way, the systme really could know the file has changed?
2.you said the remote system can ask for the measurement list and the signed aggreate tpm value(pcr). my question is whether an application on the host system can ask for the measurement list and the signed pcr if yes, how to do? by tpm_quote and tpm_eventlog or alike?
anyway thank you.