Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.

Confused
Date: 2016-04-05 01:46 am (UTC)

I thought the point of TPMs was to hold secrets and reveal or use them only when the stars were aligned (the PCRs had the right values). But you seem to be talking about policies running on the host that verify an earlier component by checking the PCRs, and I thought the whole point was you can't verify an earlier component except through whether the TPM gives up its secrets or not.

As for remote attestation, so far as I can see there's nothing to stop a rogue system from calculating the 'right' hash and reporting that.

What am I missing?
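The following is an added example, not part of the comment above or of mjg59's post, that models the two TPM behaviours the comment asks about: a secret sealed to a PCR policy, and a remote quote over the PCRs. Everything in it is constructed for illustration. The `SimTpm` class, the measurement sequences and the `verify_quote` function are assumptions made for the example; in particular, the attestation key is simulated with an HMAC key (so the verifier holds the same key) because the standard library has no asymmetric signing, whereas a real TPM signs quotes with an asymmetric attestation key and the verifier holds only its public half.

```python
import hashlib
import hmac
import os

PCR_COUNT = 24


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class SimTpm:
    """Toy model of PCR extend, PCR-policy sealing and quoting (constructed
    for this example; not a real TPM)."""

    def __init__(self):
        self.pcrs = [bytes(32)] * PCR_COUNT  # all PCRs read zero after a platform reset
        self._ak = os.urandom(32)             # attestation key: made inside, never exported
        self._sealed = {}                     # policy digest -> sealed secret

    def reset(self):
        # Only a platform reset returns the PCRs to zero; host software cannot rewind them.
        self.pcrs = [bytes(32)] * PCR_COUNT

    def extend(self, index: int, measurement: bytes):
        # The only write operation on a PCR: new = H(old || H(measurement)). Software
        # that ran the wrong code can extend further but cannot write a chosen value.
        self.pcrs[index] = sha256(self.pcrs[index] + sha256(measurement))

    def pcr_digest(self, selection) -> bytes:
        return sha256(b"".join(self.pcrs[i] for i in selection))

    def ak_public(self) -> bytes:
        # Stand-in for the AK public key (HMAC key shared with the verifier; see lead-in).
        return self._ak

    def quote(self, selection, nonce: bytes):
        # The TPM reads its own PCRs, binds them to the verifier's nonce and signs;
        # the host merely relays the result and cannot alter the attested digest.
        attested = b"QUOTE" + bytes(selection) + self.pcr_digest(selection) + nonce
        return attested, hmac.new(self._ak, attested, "sha256").digest()

    def _policy_pcr(self, selection) -> bytes:
        # PolicyPCR-style policy digest, derived from the current PCR contents.
        return sha256(bytes(32) + b"PolicyPCR" + bytes(selection) + self.pcr_digest(selection))

    def seal(self, selection, secret: bytes):
        self._sealed[self._policy_pcr(selection)] = secret

    def unseal(self, selection) -> bytes:
        # Succeeds only while the PCRs reproduce the policy digest the secret was sealed to.
        policy = self._policy_pcr(selection)
        if policy not in self._sealed:
            raise PermissionError("PCR policy not satisfied")
        return self._sealed[policy]


def verify_quote(ak_public, selection, nonce, expected_pcr_digest, attested, signature) -> bool:
    """Remote verifier: the signature must come from the known AK, and the signed
    PCR digest and nonce must be the ones this verifier expects."""
    if not hmac.compare_digest(hmac.new(ak_public, attested, "sha256").digest(), signature):
        return False
    expected = b"QUOTE" + bytes(selection) + expected_pcr_digest + nonce
    return hmac.compare_digest(attested, expected)


def expected_digest(boot_log, selection) -> bytes:
    """The verifier replays reference measurements to compute the PCR digest it expects."""
    ref = SimTpm()
    for index, measurement in boot_log:
        ref.extend(index, measurement)
    return ref.pcr_digest(selection)


# Constructed measurement sequences; real firmware would log code hashes here.
GOOD_BOOT = [(4, b"bootloader 1.0"), (4, b"kernel 4.5 (signed)")]
BAD_BOOT = [(4, b"bootloader 1.0"), (4, b"kernel 4.5 (backdoored)")]
SELECTION = [4]


def run_scenarios() -> dict:
    tpm, results = SimTpm(), {}
    ak_pub, want = tpm.ak_public(), expected_digest(GOOD_BOOT, SELECTION)

    # Good boot: seal a secret to this PCR state; unsealing and quoting both succeed.
    for index, m in GOOD_BOOT:
        tpm.extend(index, m)
    tpm.seal(SELECTION, b"disk encryption key")
    results["unseal_good"] = tpm.unseal(SELECTION)
    nonce = os.urandom(16)
    good_quote = tpm.quote(SELECTION, nonce)
    results["quote_good"] = verify_quote(ak_pub, SELECTION, nonce, want, *good_quote)

    # Bad boot on the same machine: PCRs restart from zero and land on a different value.
    tpm.reset()
    for index, m in BAD_BOOT:
        tpm.extend(index, m)
    try:
        tpm.unseal(SELECTION)
        results["unseal_bad"] = True
    except PermissionError:
        results["unseal_bad"] = False
    nonce = os.urandom(16)
    results["quote_bad_honest"] = verify_quote(ak_pub, SELECTION, nonce, want, *tpm.quote(SELECTION, nonce))

    # Rogue host computes the "right" digest itself and signs with a key it controls.
    forged = b"QUOTE" + bytes(SELECTION) + want + nonce
    forged_sig = hmac.new(os.urandom(32), forged, "sha256").digest()
    results["quote_forged"] = verify_quote(ak_pub, SELECTION, nonce, want, forged, forged_sig)

    # Rogue host replays the earlier genuine quote; the fresh nonce does not match.
    results["quote_replayed"] = verify_quote(ak_pub, SELECTION, nonce, want, *good_quote)
    return results
```

Run `run_scenarios()` to see the outcomes side by side: the sealed key comes back only for the good PCR state, an honest quote of the bad state verifies false because its digest differs, a quote that carries the expected digest but is signed with anything other than the TPM-resident attestation key fails the signature check, and a replayed good quote fails on the nonce. The host can report any hash it likes in its own messages, but it cannot make the TPM sign a PCR digest the TPM does not currently hold.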