It certainly doesn't help that Intel chose such a widely used 3
letter acronym.

Hah, I was going to comment on that. I wonder if it is truly too late to go back to the old codename, which is far easier to say and search.
 
As far as the use of Tboot, it seems to be primarily oriented around
launching the Xen virtual machine monitor, making it a measured VMM or
MVMM. Xen can then launch Linux or certain other OS's, perhaps even
measuring them as well.

Right. The use case I'm actually interested in is somewhere between the two - I'd like to launch Firefox in a protected domain and have it usable for surfing the web. My vague, poorly thought out plan was to let the user pick a photo from a library as proof of the trusted path, then show it in a tab at startup. Once you saw the personal photo, you'd know you were interacting with a copy of the browser that'd be safe to use even on a malware-riddled machine.
 
Personally I prefer the direction of Jonathan McCune's "Flicker"
project, http://sparrow.ece.cmu.edu/group/flicker.html - it similar to
what you describe, launching from within a running OS self-contained
applets (which I think he should call, flicklets) that run for a brief
moment in a measured, protected mode, perform some sensitive
calculation and then return to the conventional OS. I was working on a
similar idea but he is quite a bit further along with it, and last I
heard it was already working with AMD's skinit and almost there with
Intel TXT.

Huh, OK. I'm still pretty new to this whole space. I had no idea AMD had a TXT equivalent. Is it actually an implementation of the same system or are they separate/proprietary but with similar goals? For a trusted Firefox you really do need the whole stack AFAICT - including trusted channels to the video card and keyboard. Perhaps not the remote attestation although I suspect it'd be useful for allowing updates and/or allowing you to use a trusted firefox at a friends house. I need to consider that a bit more though.

Something else I'm interested in figuring out is how much of the tboot/flicker code could be re-used in a Windows context, as obviously, that's where the biggest security problems lie. Tboot seems pretty Linux specific although presumably it could be ported to the equivalent Windows kernel APIs. Launching an actual copy of Linux inside another MVMM is pretty heavy - I'd really want a completely minimal ring 0 environment inside the MVMM ..... enough to let Firefox establish a channel to the GFX card and keyboard, then I'd want it to communicate back through to the main OS for things like disk/network IO.