Menu
▾
▴
[TrouSerS-users] TPM "secure boot"
|
From: Axelle A. <axe...@ya...> - 2005-05-20 14:18:55
|
Hi all, this is not 100% related to trousers (sorry) but I'm quite sure you know... I'm a little uneasy with the "secure boot" functionality of TPM. Does this refer to the way the TPM initializes itself (TPM_Init, TPM_Startup, TPM_ContinueSelfTests etc) or does this refer to some higher level mechanism using PCRs ? If it's the former, this means "secure boot" is TPM-dependant. It works the way the manufacturer has shipped it, and so it only guarantees the "hardware" is not damaged. If it's the latter, I don't understand how it works. I've been reading about chain of trusts etc, but it's strange because it makes integrity measurements, that are stored in the PCR. Okay, but against what does it check those PCR values ? Because at each reboot, PCRs are zeroed, so how does it know, at the end of the boot procedure, that PCR value XYZ is correct ? Thanks for any explanation... Axelle. _____________________________________________________________________________ Découvrez le nouveau Yahoo! Mail : 1 Go d'espace de stockage pour vos mails, photos et vidéos ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com |